TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 613d1a4fb7ce0a4c172b5f30e0b1220594ca0a9b / . / tests / suites / test_suite_rsa.function
blob: 764d21a95af2b9f2e1b1c2d4f2e6e33d4d937e1d [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Chris Jones66a4cd42021-03-09 16:04:12 +0000[diff] [blame]3#include "rsa_alt_helpers.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]70 mbedtls_rsa_gen_key( NULL,
71 mbedtls_test_rnd_std_rand,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]72 NULL, 0, 0 ) );
73 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
74 mbedtls_rsa_gen_key( &ctx, NULL,
75 NULL, 0, 0 ) );
76
77 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
78 mbedtls_rsa_check_pubkey( NULL ) );
79 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
80 mbedtls_rsa_check_privkey( NULL ) );
81
82 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
83 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
84 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
85 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
86
87 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
88 mbedtls_rsa_public( NULL, buf, buf ) );
89 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
90 mbedtls_rsa_public( &ctx, NULL, buf ) );
91 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
92 mbedtls_rsa_public( &ctx, buf, NULL ) );
93
94 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
95 mbedtls_rsa_private( NULL, NULL, NULL,
96 buf, buf ) );
97 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
98 mbedtls_rsa_private( &ctx, NULL, NULL,
99 NULL, buf ) );
100 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
101 mbedtls_rsa_private( &ctx, NULL, NULL,
102 buf, NULL ) );
103
104 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
105 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]106 sizeof( buf ), buf,
107 buf ) );
108 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
109 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]110 sizeof( buf ), NULL,
111 buf ) );
112 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
113 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]114 sizeof( buf ), buf,
115 NULL ) );
116
117 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
118 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]119 NULL, sizeof( buf ),
120 buf, buf ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]121 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
122 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]123 NULL, sizeof( buf ),
124 NULL, buf ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]125 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
126 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]127 NULL, sizeof( buf ),
128 buf, NULL ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]129
130 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
131 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]132 buf, sizeof( buf ),
133 sizeof( buf ), buf,
134 buf ) );
135 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
136 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]137 NULL, sizeof( buf ),
138 sizeof( buf ), buf,
139 buf ) );
140 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
141 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]142 buf, sizeof( buf ),
143 sizeof( buf ), NULL,
144 buf ) );
145 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
146 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]147 buf, sizeof( buf ),
148 sizeof( buf ), buf,
149 NULL ) );
150
151 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
152 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]153 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]154 buf, buf, 42 ) );
155 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
156 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]157 NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]158 buf, buf, 42 ) );
159 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
160 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]161 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]162 NULL, buf, 42 ) );
163 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
164 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]165 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]166 buf, NULL, 42 ) );
167
168 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
169 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]170 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]171 buf, buf, 42 ) );
172 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
173 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]174 NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]175 buf, buf, 42 ) );
176 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
177 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]178 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]179 NULL, buf, 42 ) );
180 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
181 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]182 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]183 buf, NULL, 42 ) );
184
185 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
186 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]187 buf, sizeof( buf ),
188 &olen,
189 buf, buf, 42 ) );
190 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
191 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]192 NULL, sizeof( buf ),
193 NULL,
194 buf, buf, 42 ) );
195 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
196 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]197 buf, sizeof( buf ),
198 &olen,
199 NULL, buf, 42 ) );
200 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
201 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]202 buf, sizeof( buf ),
203 &olen,
204 buf, NULL, 42 ) );
205
206 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
207 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]208 0, sizeof( buf ), buf,
209 buf ) );
210 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
211 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]212 0, sizeof( buf ), NULL,
213 buf ) );
214 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
215 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]216 0, sizeof( buf ), buf,
217 NULL ) );
218 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
219 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]220 MBEDTLS_MD_SHA1,
221 0, NULL,
222 buf ) );
223
224 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
225 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]226 0, sizeof( buf ), buf,
227 buf ) );
228 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
229 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]230 0, sizeof( buf ), NULL,
231 buf ) );
232 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
233 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]234 0, sizeof( buf ), buf,
235 NULL ) );
236 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
237 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]238 MBEDTLS_MD_SHA1,
239 0, NULL,
240 buf ) );
241
242 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
243 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]244 0, sizeof( buf ), buf,
245 buf ) );
246 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
247 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]248 0, sizeof( buf ), NULL,
249 buf ) );
250 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
251 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]252 0, sizeof( buf ), buf,
253 NULL ) );
254 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
255 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]256 MBEDTLS_MD_SHA1,
257 0, NULL,
258 buf ) );
259
260 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Cédric Meutera05cbec2020-04-25 15:02:34 +0200[diff] [blame]261 mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL,
262 0, sizeof( buf ), buf,
263 MBEDTLS_RSA_SALT_LEN_ANY,
264 buf ) );
265 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
266 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
267 0, sizeof( buf ), NULL,
268 MBEDTLS_RSA_SALT_LEN_ANY,
269 buf ) );
270 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
271 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
272 0, sizeof( buf ), buf,
273 MBEDTLS_RSA_SALT_LEN_ANY,
274 NULL ) );
275 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
276 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
277 MBEDTLS_MD_SHA1,
278 0, NULL,
279 MBEDTLS_RSA_SALT_LEN_ANY,
280 buf ) );
281
282 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame^]283 mbedtls_rsa_pkcs1_verify( NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]284 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]285 0, sizeof( buf ), buf,
286 buf ) );
287 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame^]288 mbedtls_rsa_pkcs1_verify( &ctx,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]289 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]290 0, sizeof( buf ), NULL,
291 buf ) );
292 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame^]293 mbedtls_rsa_pkcs1_verify( &ctx,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]294 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]295 0, sizeof( buf ), buf,
296 NULL ) );
297 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame^]298 mbedtls_rsa_pkcs1_verify( &ctx,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]299 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]300 MBEDTLS_MD_SHA1, 0, NULL,
301 buf ) );
302
303 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
304 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
305 NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]306 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]307 0, sizeof( buf ), buf,
308 buf ) );
309 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
310 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
311 NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]312 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]313 0, sizeof( buf ),
314 NULL, buf ) );
315 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
316 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
317 NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]318 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]319 0, sizeof( buf ), buf,
320 NULL ) );
321 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
322 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
323 NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]324 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]325 MBEDTLS_MD_SHA1,
326 0, NULL,
327 buf ) );
328
329 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
330 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]331 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]332 0, sizeof( buf ),
333 buf, buf ) );
334 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
335 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]336 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]337 0, sizeof( buf ),
338 NULL, buf ) );
339 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
340 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]341 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]342 0, sizeof( buf ),
343 buf, NULL ) );
344 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
345 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]346 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]347 MBEDTLS_MD_SHA1,
348 0, NULL,
349 buf ) );
350
351 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
352 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]353 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]354 0, sizeof( buf ),
355 buf,
356 0, 0,
357 buf ) );
358 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
359 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]360 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]361 0, sizeof( buf ),
362 NULL, 0, 0,
363 buf ) );
364 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
365 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]366 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]367 0, sizeof( buf ),
368 buf, 0, 0,
369 NULL ) );
370 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
371 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]372 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]373 MBEDTLS_MD_SHA1,
374 0, NULL,
375 0, 0,
376 buf ) );
377
378 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
379 mbedtls_rsa_copy( NULL, &ctx ) );
380 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
381 mbedtls_rsa_copy( &ctx, NULL ) );
382
383exit:
384 return;
385}
386/* END_CASE */
387
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]388/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]389void rsa_init_free( int reinit )
390{
391 mbedtls_rsa_context ctx;
392
393 /* Double free is not explicitly documented to work, but we rely on it
394 * even inside the library so that you can call mbedtls_rsa_free()
395 * unconditionally on an error path without checking whether it has
396 * already been called in the success path. */
397
398 mbedtls_rsa_init( &ctx, 0, 0 );
399 mbedtls_rsa_free( &ctx );
400
401 if( reinit )
402 mbedtls_rsa_init( &ctx, 0, 0 );
403 mbedtls_rsa_free( &ctx );
404
405 /* This test case always succeeds, functionally speaking. A plausible
406 * bug might trigger an invalid pointer dereference or a memory leak. */
407 goto exit;
408}
409/* END_CASE */
410
411/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]412void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]413 int digest, int mod, int radix_P, char * input_P,
414 int radix_Q, char * input_Q, int radix_N,
415 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]416 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]417{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]418 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
419 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]420 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]421 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]422 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]423
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]424 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
425 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]426 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]427
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]428 memset( hash_result, 0x00, sizeof( hash_result ) );
429 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]430 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]431
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]432 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
433 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
434 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
435 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]436
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]437 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
438 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]439 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]440 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]441
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]442
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]443 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]444 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]445
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]446 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney140184d2021-05-18 16:04:07 +0100[diff] [blame]447 &rnd_info, digest, 0, hash_result,
448 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]449 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]450 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]451
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]452 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
453 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]454 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]455
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]456exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]457 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
458 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]459 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]460}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]461/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]462
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]463/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]464void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]465 int digest, int mod, int radix_N,
466 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]467 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]468{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]469 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]470 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]471
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]472 mbedtls_mpi N, E;
473
474 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]475 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]476 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]477
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]478 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
479 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
480 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
481 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]482 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]483
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]484
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]485 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]486 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]487
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame^]488 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]489
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]490exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]491 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]492 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]493}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]494/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]495
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]496
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]497/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]498void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]499 int padding_mode, int mod, int radix_P,
500 char * input_P, int radix_Q, char * input_Q,
501 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]502 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]503{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]504 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]505 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]506 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]507 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]508
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]509 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]510 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
511 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]512
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]513 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]514 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]515
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]516 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
517 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
518 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
519 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]520
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]521 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
522 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]523 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]524 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]525
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]526
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]527 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney140184d2021-05-18 16:04:07 +0100[diff] [blame]528 &rnd_info, MBEDTLS_MD_NONE,
529 hash_result->len,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]530 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]531
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]532
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]533 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
534 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]535
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]536exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]537 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
538 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
539
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]540 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]541}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]542/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]543
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]544/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]545void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]546 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]547 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]548 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]549{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]550 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]551 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]552
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]553 mbedtls_mpi N, E;
554 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
555
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]556 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]557 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]558
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]559 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
560 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]561
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]562 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
563 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]564 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]565
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]566
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame^]567 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]568
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]569exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]570 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]571 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]572}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]573/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]574
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]575/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]576void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]577 int mod, int radix_N, char * input_N,
578 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]579 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]580{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]581 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]582 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]583 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]584
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]585 mbedtls_mpi N, E;
586 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
587
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]588 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]589
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]590 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]591 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]592
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]593 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
594 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]595
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]596 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
597 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]598 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]599
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]600
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]601 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
602 &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]603 &rnd_info, message_str->len,
604 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]605 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]606 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]607 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]608
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]609 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
610 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]611 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]612
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]613exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]614 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]615 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]616}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]617/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]618
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]619/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]620void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]621 int mod, int radix_N, char * input_N,
622 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]623 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]624{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]625 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]626 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]627
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]628 mbedtls_mpi N, E;
629
630 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]631 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]632 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]633
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]634 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
635 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]636
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]637 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
638 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]639 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]640
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]641
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]642 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]643 NULL, message_str->len,
644 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]645 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]646 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]647 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]648
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]649 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
650 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]651 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]652
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]653exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]654 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]655 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]656}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]657/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]658
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]659/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]660void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]661 int mod, int radix_P, char * input_P,
662 int radix_Q, char * input_Q, int radix_N,
663 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]664 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]665 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]666{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]667 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]668 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]669 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]670 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]671 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]672
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]673 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
674 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
675
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]676 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]677
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]678 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]679 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]680
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]681
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]682 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
683 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
684 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
685 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]686
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]687 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
688 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]689 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]690 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]691
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]692 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]693
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]694 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]695 &rnd_info,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]696 &output_len, message_str->x, output,
697 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]698 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]699 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]700
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]701 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]702 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]703 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]704 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]705
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]706exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]707 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
708 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]709 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]710}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]711/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]712
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]713/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]714void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]715 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]716 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]717{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]718 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]719 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]720
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]721 mbedtls_mpi N, E;
722
723 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]724 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
725 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]726 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]727
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]728 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
729 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]730
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]731 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
732 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]733 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]734
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]735
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]736 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]737 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]738 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]739
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]740 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
741 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]742 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]743
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]744 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]745 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]746 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]747 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]748
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]749 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]750
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]751 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]752 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]753 if( result == 0 )
754 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]755
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]756 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
757 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]758 }
759
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]760exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]761 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]762 mbedtls_rsa_free( &ctx );
763 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]764}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]765/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]766
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]767/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]768void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]769 char * input_P, int radix_Q, char * input_Q,
770 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]771 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]772 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]773{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]774 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]775 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]776 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]777 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]778 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]779
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]780 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
781 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]782 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
783 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]784
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]785 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]786
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]787 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
788 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
789 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
790 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]791
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]792 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
793 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]794 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]795 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]796
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]797
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]798 /* repeat three times to test updating of blinding values */
799 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]800 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]801 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]802 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
803 &rnd_info, message_str->x,
804 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]805 if( result == 0 )
806 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]807
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]808 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]809 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]810 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]811 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]812 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]813
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]814 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]815 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]816 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]817 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]818
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]819 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]820
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]821 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]822 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
823 &rnd_info, message_str->x,
824 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]825 if( result == 0 )
826 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]827
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]828 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]829 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]830 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]831 }
832
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]833exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]834 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
835 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
836
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]837 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]838}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]839/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]840
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]841/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]842void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]843{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]844 mbedtls_rsa_context ctx;
845 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]846
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]847 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]848}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]849/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]850
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]851/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]852void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
853 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]854{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]855 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]856 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]857
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]858 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]859 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]860
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]861 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]862 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]863 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]864 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]865 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]866 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]867 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]868 }
869
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]870 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]871 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]872
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]873exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]874 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]875 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]876}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]877/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]878
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]879/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]880void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
881 int radix_Q, char * input_Q, int radix_N,
882 char * input_N, int radix_E, char * input_E,
883 int radix_D, char * input_D, int radix_DP,
884 char * input_DP, int radix_DQ,
885 char * input_DQ, int radix_QP,
886 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]887{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]888 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]889
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]890 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]891
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]892 ctx.len = mod / 8;
893 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]894 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]895 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]896 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]897 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]898 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]899 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]900 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]901 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]902 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]903 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]904 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]905 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]906 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]907 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]908 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]909 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]910 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]911 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]912 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]913#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]914 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]915 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]916 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]917 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]918 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]919 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]920 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]921 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]922 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]923 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]924 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]925 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]926#else
927 ((void) radix_DP); ((void) input_DP);
928 ((void) radix_DQ); ((void) input_DQ);
929 ((void) radix_QP); ((void) input_QP);
930#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]931
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]932 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]933
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]934exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]935 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]936}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]937/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]938
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]939/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]940void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
941 int radix_Epub, char * input_Epub, int radix_P,
942 char * input_P, int radix_Q, char * input_Q,
943 int radix_N, char * input_N, int radix_E,
944 char * input_E, int radix_D, char * input_D,
945 int radix_DP, char * input_DP, int radix_DQ,
946 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]947 int result )
948{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]949 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]950
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]951 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
952 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]953
954 pub.len = mod / 8;
955 prv.len = mod / 8;
956
957 if( strlen( input_Npub ) )
958 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]959 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]960 }
961 if( strlen( input_Epub ) )
962 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]963 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]964 }
965
966 if( strlen( input_P ) )
967 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]968 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]969 }
970 if( strlen( input_Q ) )
971 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]972 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]973 }
974 if( strlen( input_N ) )
975 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]976 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]977 }
978 if( strlen( input_E ) )
979 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]980 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]981 }
982 if( strlen( input_D ) )
983 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]984 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]985 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]986#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]987 if( strlen( input_DP ) )
988 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]989 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]990 }
991 if( strlen( input_DQ ) )
992 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]993 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]994 }
995 if( strlen( input_QP ) )
996 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]997 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]998 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]999#else
1000 ((void) radix_DP); ((void) input_DP);
1001 ((void) radix_DQ); ((void) input_DQ);
1002 ((void) radix_QP); ((void) input_QP);
1003#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1004
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1005 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1006
1007exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1008 mbedtls_rsa_free( &pub );
1009 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1010}
1011/* END_CASE */
1012
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1013/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1014void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1015{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1016 mbedtls_rsa_context ctx;
1017 mbedtls_entropy_context entropy;
1018 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1019 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1020
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1021 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1022 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1023 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1024
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1025 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1026 &entropy, (const unsigned char *) pers,
1027 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1028
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1029 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1030 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1031 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1032 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1033 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1034 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1035
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1036exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1037 mbedtls_rsa_free( &ctx );
1038 mbedtls_ctr_drbg_free( &ctr_drbg );
1039 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1040}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1041/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1042
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1043/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1044void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1045 int radix_D, char *input_D,
1046 int radix_E, char *input_E,
1047 int radix_P, char *output_P,
1048 int radix_Q, char *output_Q,
1049 int corrupt, int result )
1050{
1051 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1052
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1053 mbedtls_mpi_init( &N );
1054 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1055 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1056 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1057
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1058 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1059 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1060 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1061 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1062 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1063
1064 if( corrupt )
1065 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1066
1067 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1068 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1069
1070 if( !corrupt )
1071 {
1072 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1073 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1074 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1075 }
1076
1077exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1078 mbedtls_mpi_free( &N );
1079 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1080 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1081 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1082}
1083/* END_CASE */
1084
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1085/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1086void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1087 int radix_Q, char *input_Q,
1088 int radix_E, char *input_E,
1089 int radix_D, char *output_D,
1090 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1091{
1092 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1093
1094 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1095 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1096 mbedtls_mpi_init( &E );
1097 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1098
1099 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1100 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1101 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1102 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1103
1104 if( corrupt )
1105 {
1106 /* Make E even */
1107 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1108 }
1109
1110 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1111 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1112 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1113
1114 if( !corrupt )
1115 {
1116 /*
1117 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1118 */
1119
1120 /* Replace P,Q by P-1, Q-1 */
1121 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1122 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1123
1124 /* Check D == Dp modulo P-1 */
1125 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1126 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1127 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1128
1129 /* Check D == Dp modulo Q-1 */
1130 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1131 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1132 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1133 }
1134
1135exit:
1136
1137 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1138 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1139 mbedtls_mpi_free( &E );
1140 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1141}
1142/* END_CASE */
1143
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1144/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1145void mbedtls_rsa_import( int radix_N, char *input_N,
1146 int radix_P, char *input_P,
1147 int radix_Q, char *input_Q,
1148 int radix_D, char *input_D,
1149 int radix_E, char *input_E,
1150 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1151 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1152 int res_check,
1153 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1154{
1155 mbedtls_mpi N, P, Q, D, E;
1156 mbedtls_rsa_context ctx;
1157
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1158 /* Buffers used for encryption-decryption test */
1159 unsigned char *buf_orig = NULL;
1160 unsigned char *buf_enc = NULL;
1161 unsigned char *buf_dec = NULL;
1162
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1163 mbedtls_entropy_context entropy;
1164 mbedtls_ctr_drbg_context ctr_drbg;
1165 const char *pers = "test_suite_rsa";
1166
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1167 const int have_N = ( strlen( input_N ) > 0 );
1168 const int have_P = ( strlen( input_P ) > 0 );
1169 const int have_Q = ( strlen( input_Q ) > 0 );
1170 const int have_D = ( strlen( input_D ) > 0 );
1171 const int have_E = ( strlen( input_E ) > 0 );
1172
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1173 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1174 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1175 mbedtls_rsa_init( &ctx, 0, 0 );
1176
1177 mbedtls_mpi_init( &N );
1178 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1179 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1180
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1181 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1182 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1183
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1184 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1185 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1186
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1187 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1188 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1189
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1190 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1191 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1192
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1193 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1194 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1195
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1196 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1197 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1198
1199 if( !successive )
1200 {
1201 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1202 have_N ? &N : NULL,
1203 have_P ? &P : NULL,
1204 have_Q ? &Q : NULL,
1205 have_D ? &D : NULL,
1206 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1207 }
1208 else
1209 {
1210 /* Import N, P, Q, D, E separately.
1211 * This should make no functional difference. */
1212
1213 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1214 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1215 NULL, NULL, NULL, NULL ) == 0 );
1216
1217 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1218 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1219 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1220 NULL, NULL, NULL ) == 0 );
1221
1222 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1223 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1224 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1225 NULL, NULL ) == 0 );
1226
1227 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1228 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1229 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1230 NULL ) == 0 );
1231
1232 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1233 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1234 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1235 }
1236
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1237 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1238
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1239 /* On expected success, perform some public and private
1240 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1241 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1242 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1243 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1244 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1245 else
1246 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1247
1248 if( res_check != 0 )
1249 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1250
1251 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1252 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1253 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1254 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1255 goto exit;
1256
1257 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1258 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1259
1260 /* Make sure the number we're generating is smaller than the modulus */
1261 buf_orig[0] = 0x00;
1262
1263 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1264
1265 if( is_priv )
1266 {
1267 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1268 &ctr_drbg, buf_enc,
1269 buf_dec ) == 0 );
1270
1271 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1272 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1273 }
1274 }
1275
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1276exit:
1277
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1278 mbedtls_free( buf_orig );
1279 mbedtls_free( buf_enc );
1280 mbedtls_free( buf_dec );
1281
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1282 mbedtls_rsa_free( &ctx );
1283
1284 mbedtls_ctr_drbg_free( &ctr_drbg );
1285 mbedtls_entropy_free( &entropy );
1286
1287 mbedtls_mpi_free( &N );
1288 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1289 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1290}
1291/* END_CASE */
1292
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1293/* BEGIN_CASE */
1294void mbedtls_rsa_export( int radix_N, char *input_N,
1295 int radix_P, char *input_P,
1296 int radix_Q, char *input_Q,
1297 int radix_D, char *input_D,
1298 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1299 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1300 int successive )
1301{
1302 /* Original MPI's with which we set up the RSA context */
1303 mbedtls_mpi N, P, Q, D, E;
1304
1305 /* Exported MPI's */
1306 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1307
1308 const int have_N = ( strlen( input_N ) > 0 );
1309 const int have_P = ( strlen( input_P ) > 0 );
1310 const int have_Q = ( strlen( input_Q ) > 0 );
1311 const int have_D = ( strlen( input_D ) > 0 );
1312 const int have_E = ( strlen( input_E ) > 0 );
1313
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1314 mbedtls_rsa_context ctx;
1315
1316 mbedtls_rsa_init( &ctx, 0, 0 );
1317
1318 mbedtls_mpi_init( &N );
1319 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1320 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1321
1322 mbedtls_mpi_init( &Ne );
1323 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1324 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1325
1326 /* Setup RSA context */
1327
1328 if( have_N )
1329 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1330
1331 if( have_P )
1332 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1333
1334 if( have_Q )
1335 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1336
1337 if( have_D )
1338 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1339
1340 if( have_E )
1341 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1342
1343 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1344 strlen( input_N ) ? &N : NULL,
1345 strlen( input_P ) ? &P : NULL,
1346 strlen( input_Q ) ? &Q : NULL,
1347 strlen( input_D ) ? &D : NULL,
1348 strlen( input_E ) ? &E : NULL ) == 0 );
1349
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1350 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1351
1352 /*
1353 * Export parameters and compare to original ones.
1354 */
1355
1356 /* N and E must always be present. */
1357 if( !successive )
1358 {
1359 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1360 }
1361 else
1362 {
1363 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1364 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1365 }
1366 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1367 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1368
1369 /* If we were providing enough information to setup a complete private context,
1370 * we expect to be able to export all core parameters. */
1371
1372 if( is_priv )
1373 {
1374 if( !successive )
1375 {
1376 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1377 &De, NULL ) == 0 );
1378 }
1379 else
1380 {
1381 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1382 NULL, NULL ) == 0 );
1383 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1384 NULL, NULL ) == 0 );
1385 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1386 &De, NULL ) == 0 );
1387 }
1388
1389 if( have_P )
1390 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1391
1392 if( have_Q )
1393 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1394
1395 if( have_D )
1396 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1397
1398 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1399 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1400 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1401 }
1402
1403exit:
1404
1405 mbedtls_rsa_free( &ctx );
1406
1407 mbedtls_mpi_free( &N );
1408 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1409 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1410
1411 mbedtls_mpi_free( &Ne );
1412 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1413 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1414}
1415/* END_CASE */
1416
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1417/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1418void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1419 int radix_P, char *input_P,
1420 int radix_Q, char *input_Q,
1421 int radix_D, char *input_D,
1422 int radix_E, char *input_E,
1423 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1424{
1425 /* Original MPI's with which we set up the RSA context */
1426 mbedtls_mpi N, P, Q, D, E;
1427
1428 const int have_N = ( strlen( input_N ) > 0 );
1429 const int have_P = ( strlen( input_P ) > 0 );
1430 const int have_Q = ( strlen( input_Q ) > 0 );
1431 const int have_D = ( strlen( input_D ) > 0 );
1432 const int have_E = ( strlen( input_E ) > 0 );
1433
1434 mbedtls_entropy_context entropy;
1435 mbedtls_ctr_drbg_context ctr_drbg;
1436 const char *pers = "test_suite_rsa";
1437
1438 mbedtls_mpi_init( &N );
1439 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1440 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1441
1442 mbedtls_ctr_drbg_init( &ctr_drbg );
1443 mbedtls_entropy_init( &entropy );
1444 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1445 &entropy, (const unsigned char *) pers,
1446 strlen( pers ) ) == 0 );
1447
1448 if( have_N )
1449 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1450
1451 if( have_P )
1452 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1453
1454 if( have_Q )
1455 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1456
1457 if( have_D )
1458 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1459
1460 if( have_E )
1461 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1462
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1463 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1464 have_P ? &P : NULL,
1465 have_Q ? &Q : NULL,
1466 have_D ? &D : NULL,
1467 have_E ? &E : NULL,
1468 prng ? mbedtls_ctr_drbg_random : NULL,
1469 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1470exit:
1471
1472 mbedtls_ctr_drbg_free( &ctr_drbg );
1473 mbedtls_entropy_free( &entropy );
1474
1475 mbedtls_mpi_free( &N );
1476 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1477 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1478}
1479/* END_CASE */
1480
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1481/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1482void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1483 data_t *input_Q, data_t *input_D,
1484 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1485 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1486{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1487 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1488 unsigned char bufNe[256];
1489 unsigned char bufPe[128];
1490 unsigned char bufQe[128];
1491 unsigned char bufDe[256];
1492 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1493
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1494 mbedtls_rsa_context ctx;
1495
1496 mbedtls_rsa_init( &ctx, 0, 0 );
1497
1498 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1499 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1500 input_N->len ? input_N->x : NULL, input_N->len,
1501 input_P->len ? input_P->x : NULL, input_P->len,
1502 input_Q->len ? input_Q->x : NULL, input_Q->len,
1503 input_D->len ? input_D->x : NULL, input_D->len,
1504 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1505
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1506 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1507
1508 /*
1509 * Export parameters and compare to original ones.
1510 */
1511
1512 /* N and E must always be present. */
1513 if( !successive )
1514 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1515 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1516 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1517 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1518 }
1519 else
1520 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1521 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1522 NULL, 0, NULL, 0, NULL, 0,
1523 NULL, 0 ) == 0 );
1524 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1525 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1526 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1527 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1528 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1529 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1530
1531 /* If we were providing enough information to setup a complete private context,
1532 * we expect to be able to export all core parameters. */
1533
1534 if( is_priv )
1535 {
1536 if( !successive )
1537 {
1538 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1539 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1540 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1541 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1542 NULL, 0 ) == 0 );
1543 }
1544 else
1545 {
1546 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1547 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1548 NULL, 0, NULL, 0,
1549 NULL, 0 ) == 0 );
1550
1551 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1552 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1553 NULL, 0, NULL, 0 ) == 0 );
1554
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1555 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1556 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1557 NULL, 0 ) == 0 );
1558 }
1559
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1560 if( input_P->len )
1561 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1562
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1563 if( input_Q->len )
1564 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1565
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1566 if( input_D->len )
1567 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1568
1569 }
1570
1571exit:
1572 mbedtls_rsa_free( &ctx );
1573}
1574/* END_CASE */
1575
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1576/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1577void mbedtls_rsa_import_raw( data_t *input_N,
1578 data_t *input_P, data_t *input_Q,
1579 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1580 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1581 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1582 int res_check,
1583 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1584{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1585 /* Buffers used for encryption-decryption test */
1586 unsigned char *buf_orig = NULL;
1587 unsigned char *buf_enc = NULL;
1588 unsigned char *buf_dec = NULL;
1589
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1590 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1591 mbedtls_entropy_context entropy;
1592 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1593
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1594 const char *pers = "test_suite_rsa";
1595
1596 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1597 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1598 mbedtls_rsa_init( &ctx, 0, 0 );
1599
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1600 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1601 &entropy, (const unsigned char *) pers,
1602 strlen( pers ) ) == 0 );
1603
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1604 if( !successive )
1605 {
1606 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1607 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1608 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1609 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1610 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1611 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1612 }
1613 else
1614 {
1615 /* Import N, P, Q, D, E separately.
1616 * This should make no functional difference. */
1617
1618 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1619 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1620 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1621
1622 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1623 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1624 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1625 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1626
1627 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1628 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1629 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1630 NULL, 0, NULL, 0 ) == 0 );
1631
1632 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1633 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1634 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1635 NULL, 0 ) == 0 );
1636
1637 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1638 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1639 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1640 }
1641
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1642 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1643
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1644 /* On expected success, perform some public and private
1645 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1646 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1647 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1648 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1649 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1650 else
1651 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1652
1653 if( res_check != 0 )
1654 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1655
1656 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1657 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1658 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1659 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1660 goto exit;
1661
1662 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1663 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1664
1665 /* Make sure the number we're generating is smaller than the modulus */
1666 buf_orig[0] = 0x00;
1667
1668 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1669
1670 if( is_priv )
1671 {
1672 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1673 &ctr_drbg, buf_enc,
1674 buf_dec ) == 0 );
1675
1676 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1677 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1678 }
1679 }
1680
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1681exit:
1682
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1683 mbedtls_free( buf_orig );
1684 mbedtls_free( buf_enc );
1685 mbedtls_free( buf_dec );
1686
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1687 mbedtls_rsa_free( &ctx );
1688
1689 mbedtls_ctr_drbg_free( &ctr_drbg );
1690 mbedtls_entropy_free( &entropy );
1691
1692}
1693/* END_CASE */
1694
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1695/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1696void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1697{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1698 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1699}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1700/* END_CASE */