TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 68d9cbca97aa9aaf495318904096f8a2a15e90cd / . / tests / suites / test_suite_rsa.function
blob: 112c4fc7b6e58093085b327b63a136d0d294568f [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Chris Jones66a4cd42021-03-09 16:04:12 +0000[diff] [blame]3#include "rsa_alt_helpers.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]70 mbedtls_rsa_gen_key( NULL,
71 mbedtls_test_rnd_std_rand,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]72 NULL, 0, 0 ) );
73 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
74 mbedtls_rsa_gen_key( &ctx, NULL,
75 NULL, 0, 0 ) );
76
77 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
78 mbedtls_rsa_check_pubkey( NULL ) );
79 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
80 mbedtls_rsa_check_privkey( NULL ) );
81
82 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
83 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
84 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
85 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
86
87 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
88 mbedtls_rsa_public( NULL, buf, buf ) );
89 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
90 mbedtls_rsa_public( &ctx, NULL, buf ) );
91 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
92 mbedtls_rsa_public( &ctx, buf, NULL ) );
93
94 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
95 mbedtls_rsa_private( NULL, NULL, NULL,
96 buf, buf ) );
97 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
98 mbedtls_rsa_private( &ctx, NULL, NULL,
99 NULL, buf ) );
100 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
101 mbedtls_rsa_private( &ctx, NULL, NULL,
102 buf, NULL ) );
103
104 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
105 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]106 sizeof( buf ), buf,
107 buf ) );
108 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
109 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]110 sizeof( buf ), NULL,
111 buf ) );
112 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
113 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]114 sizeof( buf ), buf,
115 NULL ) );
116
117 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
118 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]119 NULL, sizeof( buf ),
120 buf, buf ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]121 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
122 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]123 NULL, sizeof( buf ),
124 NULL, buf ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]125 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
126 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]127 NULL, sizeof( buf ),
128 buf, NULL ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]129
130 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
131 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]132 buf, sizeof( buf ),
133 sizeof( buf ), buf,
134 buf ) );
135 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
136 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]137 NULL, sizeof( buf ),
138 sizeof( buf ), buf,
139 buf ) );
140 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
141 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]142 buf, sizeof( buf ),
143 sizeof( buf ), NULL,
144 buf ) );
145 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
146 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]147 buf, sizeof( buf ),
148 sizeof( buf ), buf,
149 NULL ) );
150
151 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
152 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]153 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]154 buf, buf, 42 ) );
155 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
156 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]157 NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]158 buf, buf, 42 ) );
159 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
160 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]161 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]162 NULL, buf, 42 ) );
163 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
164 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]165 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]166 buf, NULL, 42 ) );
167
168 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
169 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]170 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]171 buf, buf, 42 ) );
172 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
173 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]174 NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]175 buf, buf, 42 ) );
176 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
177 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]178 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]179 NULL, buf, 42 ) );
180 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
181 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]182 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]183 buf, NULL, 42 ) );
184
185 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
186 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]187 buf, sizeof( buf ),
188 &olen,
189 buf, buf, 42 ) );
190 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
191 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]192 NULL, sizeof( buf ),
193 NULL,
194 buf, buf, 42 ) );
195 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
196 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]197 buf, sizeof( buf ),
198 &olen,
199 NULL, buf, 42 ) );
200 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
201 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]202 buf, sizeof( buf ),
203 &olen,
204 buf, NULL, 42 ) );
205
206 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
207 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]208 0, sizeof( buf ), buf,
209 buf ) );
210 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
211 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]212 0, sizeof( buf ), NULL,
213 buf ) );
214 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
215 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]216 0, sizeof( buf ), buf,
217 NULL ) );
218 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
219 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]220 MBEDTLS_MD_SHA1,
221 0, NULL,
222 buf ) );
223
224 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
225 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]226 0, sizeof( buf ), buf,
227 buf ) );
228 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
229 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]230 0, sizeof( buf ), NULL,
231 buf ) );
232 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
233 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]234 0, sizeof( buf ), buf,
235 NULL ) );
236 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
237 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]238 MBEDTLS_MD_SHA1,
239 0, NULL,
240 buf ) );
241
242 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
243 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]244 0, sizeof( buf ), buf,
245 buf ) );
246 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
247 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]248 0, sizeof( buf ), NULL,
249 buf ) );
250 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
251 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]252 0, sizeof( buf ), buf,
253 NULL ) );
254 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
255 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]256 MBEDTLS_MD_SHA1,
257 0, NULL,
258 buf ) );
259
260 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Cédric Meutera05cbec2020-04-25 15:02:34 +0200[diff] [blame]261 mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL,
262 0, sizeof( buf ), buf,
263 MBEDTLS_RSA_SALT_LEN_ANY,
264 buf ) );
265 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
266 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
267 0, sizeof( buf ), NULL,
268 MBEDTLS_RSA_SALT_LEN_ANY,
269 buf ) );
270 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
271 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
272 0, sizeof( buf ), buf,
273 MBEDTLS_RSA_SALT_LEN_ANY,
274 NULL ) );
275 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
276 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
277 MBEDTLS_MD_SHA1,
278 0, NULL,
279 MBEDTLS_RSA_SALT_LEN_ANY,
280 buf ) );
281
282 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame]283 mbedtls_rsa_pkcs1_verify( NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]284 0, sizeof( buf ), buf,
285 buf ) );
286 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame]287 mbedtls_rsa_pkcs1_verify( &ctx,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]288 0, sizeof( buf ), NULL,
289 buf ) );
290 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame]291 mbedtls_rsa_pkcs1_verify( &ctx,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]292 0, sizeof( buf ), buf,
293 NULL ) );
294 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Thomas Daubney613d1a42021-05-18 19:34:03 +0100[diff] [blame]295 mbedtls_rsa_pkcs1_verify( &ctx,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]296 MBEDTLS_MD_SHA1, 0, NULL,
297 buf ) );
298
299 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
300 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
301 NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]302 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]303 0, sizeof( buf ), buf,
304 buf ) );
305 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
306 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
307 NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]308 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]309 0, sizeof( buf ),
310 NULL, buf ) );
311 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
312 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
313 NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]314 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]315 0, sizeof( buf ), buf,
316 NULL ) );
317 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
318 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
319 NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]320 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]321 MBEDTLS_MD_SHA1,
322 0, NULL,
323 buf ) );
324
325 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
326 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]327 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]328 0, sizeof( buf ),
329 buf, buf ) );
330 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
331 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]332 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]333 0, sizeof( buf ),
334 NULL, buf ) );
335 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
336 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]337 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]338 0, sizeof( buf ),
339 buf, NULL ) );
340 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
341 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]342 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]343 MBEDTLS_MD_SHA1,
344 0, NULL,
345 buf ) );
346
347 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
348 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]349 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]350 0, sizeof( buf ),
351 buf,
352 0, 0,
353 buf ) );
354 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
355 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]356 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]357 0, sizeof( buf ),
358 NULL, 0, 0,
359 buf ) );
360 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
361 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]362 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]363 0, sizeof( buf ),
364 buf, 0, 0,
365 NULL ) );
366 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
367 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
Thomas Daubney28b55852021-05-18 18:30:00 +0100[diff] [blame]368 MBEDTLS_RSA_PUBLIC,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]369 MBEDTLS_MD_SHA1,
370 0, NULL,
371 0, 0,
372 buf ) );
373
374 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
375 mbedtls_rsa_copy( NULL, &ctx ) );
376 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
377 mbedtls_rsa_copy( &ctx, NULL ) );
378
379exit:
380 return;
381}
382/* END_CASE */
383
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]384/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]385void rsa_init_free( int reinit )
386{
387 mbedtls_rsa_context ctx;
388
389 /* Double free is not explicitly documented to work, but we rely on it
390 * even inside the library so that you can call mbedtls_rsa_free()
391 * unconditionally on an error path without checking whether it has
392 * already been called in the success path. */
393
394 mbedtls_rsa_init( &ctx, 0, 0 );
395 mbedtls_rsa_free( &ctx );
396
397 if( reinit )
398 mbedtls_rsa_init( &ctx, 0, 0 );
399 mbedtls_rsa_free( &ctx );
400
401 /* This test case always succeeds, functionally speaking. A plausible
402 * bug might trigger an invalid pointer dereference or a memory leak. */
403 goto exit;
404}
405/* END_CASE */
406
407/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]408void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]409 int digest, int mod, int radix_P, char * input_P,
410 int radix_Q, char * input_Q, int radix_N,
411 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]412 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]413{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]414 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
415 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]416 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]417 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]418 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]419
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]420 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
421 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]422 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]423
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]424 memset( hash_result, 0x00, sizeof( hash_result ) );
425 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]426 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]427
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]428 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
429 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
430 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
431 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]432
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]433 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
434 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]435 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]436 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]437
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]438
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]439 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]440 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]441
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]442 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney140184d2021-05-18 16:04:07 +0100[diff] [blame]443 &rnd_info, digest, 0, hash_result,
444 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]445 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]446 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]447
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]448 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
449 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]450 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]451
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]452exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]453 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
454 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]455 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]456}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]457/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]458
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]459/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]460void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]461 int digest, int mod, int radix_N,
462 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]463 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]464{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]465 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]466 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]467
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]468 mbedtls_mpi N, E;
469
470 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]471 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]472 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]473
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]474 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
475 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
476 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
477 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]478 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]479
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]480
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]481 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]482 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]483
Thomas Daubney68d9cbc2021-05-18 18:45:09 +0100[diff] [blame^]484 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]485
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]486exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]487 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]488 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]489}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]490/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]491
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]492
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]493/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]494void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]495 int padding_mode, int mod, int radix_P,
496 char * input_P, int radix_Q, char * input_Q,
497 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]498 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]499{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]500 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]501 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]502 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]503 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]504
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]505 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]506 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
507 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]508
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]509 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]510 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]511
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]512 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
513 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
514 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
515 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]516
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]517 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
518 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]519 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]520 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]521
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]522
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]523 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney140184d2021-05-18 16:04:07 +0100[diff] [blame]524 &rnd_info, MBEDTLS_MD_NONE,
525 hash_result->len,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]526 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]527
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]528
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]529 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
530 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]531
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]532exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]533 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
534 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
535
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]536 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]537}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]538/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]539
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]540/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]541void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]542 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]543 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]544 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]545{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]546 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]547 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]548
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]549 mbedtls_mpi N, E;
550 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
551
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]552 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]553 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]554
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]555 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
556 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]557
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]558 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
559 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]560 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]561
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]562
Thomas Daubney68d9cbc2021-05-18 18:45:09 +0100[diff] [blame^]563 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]564
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]565exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]566 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]567 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]568}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]569/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]570
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]571/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]572void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]573 int mod, int radix_N, char * input_N,
574 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]575 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]576{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]577 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]578 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]579 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]580
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]581 mbedtls_mpi N, E;
582 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
583
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]584 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]585
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]586 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]587 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]588
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]589 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
590 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]591
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]592 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
593 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]594 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]595
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]596
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]597 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
598 &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]599 &rnd_info, message_str->len,
600 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]601 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]602 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]603 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]604
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]605 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
606 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]607 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]608
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]609exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]610 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]611 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]612}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]613/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]614
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]615/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]616void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]617 int mod, int radix_N, char * input_N,
618 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]619 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]620{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]621 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]622 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]623
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]624 mbedtls_mpi N, E;
625
626 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]627 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]628 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]629
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]630 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
631 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]632
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]633 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
634 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]635 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]636
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]637
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]638 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]639 NULL, message_str->len,
640 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]641 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]642 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]643 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]644
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]645 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
646 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]647 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]648
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]649exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]650 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]651 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]652}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]653/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]654
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]655/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]656void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]657 int mod, int radix_P, char * input_P,
658 int radix_Q, char * input_Q, int radix_N,
659 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]660 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]661 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]662{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]663 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]664 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]665 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]666 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]667 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]668
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]669 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
670 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
671
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]672 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]673
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]674 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]675 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]676
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]677
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]678 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
679 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
680 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
681 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]682
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]683 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
684 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]685 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]686 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]687
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]688 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]689
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]690 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]691 &rnd_info,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]692 &output_len, message_str->x, output,
693 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]694 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]695 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]696
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]697 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]698 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]699 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]700 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]701
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]702exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]703 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
704 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]705 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]706}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]707/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]708
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]709/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]710void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]711 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]712 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]713{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]714 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]715 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]716
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]717 mbedtls_mpi N, E;
718
719 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]720 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
721 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]722 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]723
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]724 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
725 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]726
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]727 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
728 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]729 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]730
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]731
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]732 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]733 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]734 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]735
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]736 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
737 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]738 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]739
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]740 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]741 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]742 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]743 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]744
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]745 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]746
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]747 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]748 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]749 if( result == 0 )
750 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]751
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]752 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
753 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]754 }
755
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]756exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]757 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]758 mbedtls_rsa_free( &ctx );
759 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]760}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]761/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]762
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]763/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]764void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]765 char * input_P, int radix_Q, char * input_Q,
766 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]767 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]768 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]769{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]770 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]771 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]772 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]773 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]774 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]775
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]776 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
777 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]778 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
779 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]780
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]781 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]782
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]783 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
784 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
785 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
786 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]787
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]788 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
789 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]790 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]791 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]792
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]793
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]794 /* repeat three times to test updating of blinding values */
795 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]796 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]797 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]798 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
799 &rnd_info, message_str->x,
800 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]801 if( result == 0 )
802 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]803
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]804 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]805 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]806 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]807 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]808 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]809
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]810 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]811 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]812 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]813 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]814
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]815 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]816
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]817 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]818 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
819 &rnd_info, message_str->x,
820 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]821 if( result == 0 )
822 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]823
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]824 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]825 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]826 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]827 }
828
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]829exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]830 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
831 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
832
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]833 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]834}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]835/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]836
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]837/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]838void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]839{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]840 mbedtls_rsa_context ctx;
841 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]842
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]843 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]844}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]845/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]846
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]847/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]848void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
849 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]850{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]851 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]852 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]853
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]854 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]855 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]856
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]857 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]858 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]859 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]860 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]861 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]862 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]863 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]864 }
865
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]866 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]867 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]868
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]869exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]870 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]871 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]872}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]873/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]874
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]875/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]876void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
877 int radix_Q, char * input_Q, int radix_N,
878 char * input_N, int radix_E, char * input_E,
879 int radix_D, char * input_D, int radix_DP,
880 char * input_DP, int radix_DQ,
881 char * input_DQ, int radix_QP,
882 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]883{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]884 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]885
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]886 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]887
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]888 ctx.len = mod / 8;
889 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]890 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]891 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]892 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]893 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]894 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]895 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]896 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]897 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]898 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]899 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]900 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]901 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]902 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]903 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]904 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]905 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]906 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]907 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]908 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]909#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]910 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]911 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]912 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]913 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]914 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]915 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]916 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]917 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]918 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]919 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]920 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]921 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]922#else
923 ((void) radix_DP); ((void) input_DP);
924 ((void) radix_DQ); ((void) input_DQ);
925 ((void) radix_QP); ((void) input_QP);
926#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]927
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]928 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]929
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]930exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]931 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]932}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]933/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]934
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]935/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]936void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
937 int radix_Epub, char * input_Epub, int radix_P,
938 char * input_P, int radix_Q, char * input_Q,
939 int radix_N, char * input_N, int radix_E,
940 char * input_E, int radix_D, char * input_D,
941 int radix_DP, char * input_DP, int radix_DQ,
942 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]943 int result )
944{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]945 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]946
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]947 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
948 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]949
950 pub.len = mod / 8;
951 prv.len = mod / 8;
952
953 if( strlen( input_Npub ) )
954 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]955 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]956 }
957 if( strlen( input_Epub ) )
958 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]959 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]960 }
961
962 if( strlen( input_P ) )
963 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]964 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]965 }
966 if( strlen( input_Q ) )
967 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]968 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]969 }
970 if( strlen( input_N ) )
971 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]972 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]973 }
974 if( strlen( input_E ) )
975 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]976 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]977 }
978 if( strlen( input_D ) )
979 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]980 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]981 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]982#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]983 if( strlen( input_DP ) )
984 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]985 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]986 }
987 if( strlen( input_DQ ) )
988 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]989 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]990 }
991 if( strlen( input_QP ) )
992 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]993 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]994 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]995#else
996 ((void) radix_DP); ((void) input_DP);
997 ((void) radix_DQ); ((void) input_DQ);
998 ((void) radix_QP); ((void) input_QP);
999#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1000
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1001 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1002
1003exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1004 mbedtls_rsa_free( &pub );
1005 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1006}
1007/* END_CASE */
1008
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1009/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1010void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1011{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1012 mbedtls_rsa_context ctx;
1013 mbedtls_entropy_context entropy;
1014 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1015 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1016
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1017 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1018 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1019 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1020
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1021 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1022 &entropy, (const unsigned char *) pers,
1023 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1024
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1025 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1026 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1027 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1028 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1029 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1030 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1031
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1032exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1033 mbedtls_rsa_free( &ctx );
1034 mbedtls_ctr_drbg_free( &ctr_drbg );
1035 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1036}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1037/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1038
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1039/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1040void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1041 int radix_D, char *input_D,
1042 int radix_E, char *input_E,
1043 int radix_P, char *output_P,
1044 int radix_Q, char *output_Q,
1045 int corrupt, int result )
1046{
1047 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1048
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1049 mbedtls_mpi_init( &N );
1050 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1051 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1052 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1053
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1054 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1055 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1056 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1057 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1058 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1059
1060 if( corrupt )
1061 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1062
1063 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1064 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1065
1066 if( !corrupt )
1067 {
1068 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1069 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1070 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1071 }
1072
1073exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1074 mbedtls_mpi_free( &N );
1075 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1076 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1077 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1078}
1079/* END_CASE */
1080
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1081/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1082void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1083 int radix_Q, char *input_Q,
1084 int radix_E, char *input_E,
1085 int radix_D, char *output_D,
1086 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1087{
1088 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1089
1090 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1091 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1092 mbedtls_mpi_init( &E );
1093 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1094
1095 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1096 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1097 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1098 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1099
1100 if( corrupt )
1101 {
1102 /* Make E even */
1103 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1104 }
1105
1106 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1107 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1108 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1109
1110 if( !corrupt )
1111 {
1112 /*
1113 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1114 */
1115
1116 /* Replace P,Q by P-1, Q-1 */
1117 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1118 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1119
1120 /* Check D == Dp modulo P-1 */
1121 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1122 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1123 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1124
1125 /* Check D == Dp modulo Q-1 */
1126 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1127 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1128 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1129 }
1130
1131exit:
1132
1133 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1134 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1135 mbedtls_mpi_free( &E );
1136 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1137}
1138/* END_CASE */
1139
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1140/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1141void mbedtls_rsa_import( int radix_N, char *input_N,
1142 int radix_P, char *input_P,
1143 int radix_Q, char *input_Q,
1144 int radix_D, char *input_D,
1145 int radix_E, char *input_E,
1146 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1147 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1148 int res_check,
1149 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1150{
1151 mbedtls_mpi N, P, Q, D, E;
1152 mbedtls_rsa_context ctx;
1153
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1154 /* Buffers used for encryption-decryption test */
1155 unsigned char *buf_orig = NULL;
1156 unsigned char *buf_enc = NULL;
1157 unsigned char *buf_dec = NULL;
1158
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1159 mbedtls_entropy_context entropy;
1160 mbedtls_ctr_drbg_context ctr_drbg;
1161 const char *pers = "test_suite_rsa";
1162
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1163 const int have_N = ( strlen( input_N ) > 0 );
1164 const int have_P = ( strlen( input_P ) > 0 );
1165 const int have_Q = ( strlen( input_Q ) > 0 );
1166 const int have_D = ( strlen( input_D ) > 0 );
1167 const int have_E = ( strlen( input_E ) > 0 );
1168
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1169 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1170 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1171 mbedtls_rsa_init( &ctx, 0, 0 );
1172
1173 mbedtls_mpi_init( &N );
1174 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1175 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1176
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1177 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1178 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1179
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1180 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1181 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1182
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1183 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1184 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1185
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1186 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1187 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1188
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1189 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1190 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1191
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1192 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1193 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1194
1195 if( !successive )
1196 {
1197 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1198 have_N ? &N : NULL,
1199 have_P ? &P : NULL,
1200 have_Q ? &Q : NULL,
1201 have_D ? &D : NULL,
1202 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1203 }
1204 else
1205 {
1206 /* Import N, P, Q, D, E separately.
1207 * This should make no functional difference. */
1208
1209 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1210 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1211 NULL, NULL, NULL, NULL ) == 0 );
1212
1213 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1214 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1215 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1216 NULL, NULL, NULL ) == 0 );
1217
1218 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1219 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1220 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1221 NULL, NULL ) == 0 );
1222
1223 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1224 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1225 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1226 NULL ) == 0 );
1227
1228 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1229 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1230 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1231 }
1232
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1233 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1234
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1235 /* On expected success, perform some public and private
1236 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1237 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1238 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1239 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1240 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1241 else
1242 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1243
1244 if( res_check != 0 )
1245 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1246
1247 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1248 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1249 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1250 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1251 goto exit;
1252
1253 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1254 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1255
1256 /* Make sure the number we're generating is smaller than the modulus */
1257 buf_orig[0] = 0x00;
1258
1259 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1260
1261 if( is_priv )
1262 {
1263 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1264 &ctr_drbg, buf_enc,
1265 buf_dec ) == 0 );
1266
1267 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1268 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1269 }
1270 }
1271
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1272exit:
1273
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1274 mbedtls_free( buf_orig );
1275 mbedtls_free( buf_enc );
1276 mbedtls_free( buf_dec );
1277
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1278 mbedtls_rsa_free( &ctx );
1279
1280 mbedtls_ctr_drbg_free( &ctr_drbg );
1281 mbedtls_entropy_free( &entropy );
1282
1283 mbedtls_mpi_free( &N );
1284 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1285 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1286}
1287/* END_CASE */
1288
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1289/* BEGIN_CASE */
1290void mbedtls_rsa_export( int radix_N, char *input_N,
1291 int radix_P, char *input_P,
1292 int radix_Q, char *input_Q,
1293 int radix_D, char *input_D,
1294 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1295 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1296 int successive )
1297{
1298 /* Original MPI's with which we set up the RSA context */
1299 mbedtls_mpi N, P, Q, D, E;
1300
1301 /* Exported MPI's */
1302 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1303
1304 const int have_N = ( strlen( input_N ) > 0 );
1305 const int have_P = ( strlen( input_P ) > 0 );
1306 const int have_Q = ( strlen( input_Q ) > 0 );
1307 const int have_D = ( strlen( input_D ) > 0 );
1308 const int have_E = ( strlen( input_E ) > 0 );
1309
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1310 mbedtls_rsa_context ctx;
1311
1312 mbedtls_rsa_init( &ctx, 0, 0 );
1313
1314 mbedtls_mpi_init( &N );
1315 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1316 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1317
1318 mbedtls_mpi_init( &Ne );
1319 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1320 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1321
1322 /* Setup RSA context */
1323
1324 if( have_N )
1325 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1326
1327 if( have_P )
1328 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1329
1330 if( have_Q )
1331 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1332
1333 if( have_D )
1334 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1335
1336 if( have_E )
1337 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1338
1339 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1340 strlen( input_N ) ? &N : NULL,
1341 strlen( input_P ) ? &P : NULL,
1342 strlen( input_Q ) ? &Q : NULL,
1343 strlen( input_D ) ? &D : NULL,
1344 strlen( input_E ) ? &E : NULL ) == 0 );
1345
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1346 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1347
1348 /*
1349 * Export parameters and compare to original ones.
1350 */
1351
1352 /* N and E must always be present. */
1353 if( !successive )
1354 {
1355 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1356 }
1357 else
1358 {
1359 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1360 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1361 }
1362 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1363 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1364
1365 /* If we were providing enough information to setup a complete private context,
1366 * we expect to be able to export all core parameters. */
1367
1368 if( is_priv )
1369 {
1370 if( !successive )
1371 {
1372 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1373 &De, NULL ) == 0 );
1374 }
1375 else
1376 {
1377 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1378 NULL, NULL ) == 0 );
1379 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1380 NULL, NULL ) == 0 );
1381 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1382 &De, NULL ) == 0 );
1383 }
1384
1385 if( have_P )
1386 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1387
1388 if( have_Q )
1389 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1390
1391 if( have_D )
1392 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1393
1394 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1395 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1396 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1397 }
1398
1399exit:
1400
1401 mbedtls_rsa_free( &ctx );
1402
1403 mbedtls_mpi_free( &N );
1404 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1405 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1406
1407 mbedtls_mpi_free( &Ne );
1408 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1409 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1410}
1411/* END_CASE */
1412
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1413/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1414void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1415 int radix_P, char *input_P,
1416 int radix_Q, char *input_Q,
1417 int radix_D, char *input_D,
1418 int radix_E, char *input_E,
1419 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1420{
1421 /* Original MPI's with which we set up the RSA context */
1422 mbedtls_mpi N, P, Q, D, E;
1423
1424 const int have_N = ( strlen( input_N ) > 0 );
1425 const int have_P = ( strlen( input_P ) > 0 );
1426 const int have_Q = ( strlen( input_Q ) > 0 );
1427 const int have_D = ( strlen( input_D ) > 0 );
1428 const int have_E = ( strlen( input_E ) > 0 );
1429
1430 mbedtls_entropy_context entropy;
1431 mbedtls_ctr_drbg_context ctr_drbg;
1432 const char *pers = "test_suite_rsa";
1433
1434 mbedtls_mpi_init( &N );
1435 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1436 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1437
1438 mbedtls_ctr_drbg_init( &ctr_drbg );
1439 mbedtls_entropy_init( &entropy );
1440 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1441 &entropy, (const unsigned char *) pers,
1442 strlen( pers ) ) == 0 );
1443
1444 if( have_N )
1445 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1446
1447 if( have_P )
1448 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1449
1450 if( have_Q )
1451 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1452
1453 if( have_D )
1454 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1455
1456 if( have_E )
1457 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1458
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1459 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1460 have_P ? &P : NULL,
1461 have_Q ? &Q : NULL,
1462 have_D ? &D : NULL,
1463 have_E ? &E : NULL,
1464 prng ? mbedtls_ctr_drbg_random : NULL,
1465 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1466exit:
1467
1468 mbedtls_ctr_drbg_free( &ctr_drbg );
1469 mbedtls_entropy_free( &entropy );
1470
1471 mbedtls_mpi_free( &N );
1472 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1473 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1474}
1475/* END_CASE */
1476
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1477/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1478void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1479 data_t *input_Q, data_t *input_D,
1480 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1481 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1482{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1483 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1484 unsigned char bufNe[256];
1485 unsigned char bufPe[128];
1486 unsigned char bufQe[128];
1487 unsigned char bufDe[256];
1488 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1489
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1490 mbedtls_rsa_context ctx;
1491
1492 mbedtls_rsa_init( &ctx, 0, 0 );
1493
1494 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1495 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1496 input_N->len ? input_N->x : NULL, input_N->len,
1497 input_P->len ? input_P->x : NULL, input_P->len,
1498 input_Q->len ? input_Q->x : NULL, input_Q->len,
1499 input_D->len ? input_D->x : NULL, input_D->len,
1500 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1501
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1502 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1503
1504 /*
1505 * Export parameters and compare to original ones.
1506 */
1507
1508 /* N and E must always be present. */
1509 if( !successive )
1510 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1511 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1512 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1513 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1514 }
1515 else
1516 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1517 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1518 NULL, 0, NULL, 0, NULL, 0,
1519 NULL, 0 ) == 0 );
1520 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1521 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1522 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1523 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1524 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1525 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1526
1527 /* If we were providing enough information to setup a complete private context,
1528 * we expect to be able to export all core parameters. */
1529
1530 if( is_priv )
1531 {
1532 if( !successive )
1533 {
1534 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1535 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1536 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1537 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1538 NULL, 0 ) == 0 );
1539 }
1540 else
1541 {
1542 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1543 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1544 NULL, 0, NULL, 0,
1545 NULL, 0 ) == 0 );
1546
1547 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1548 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1549 NULL, 0, NULL, 0 ) == 0 );
1550
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1551 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1552 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1553 NULL, 0 ) == 0 );
1554 }
1555
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1556 if( input_P->len )
1557 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1558
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1559 if( input_Q->len )
1560 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1561
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1562 if( input_D->len )
1563 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1564
1565 }
1566
1567exit:
1568 mbedtls_rsa_free( &ctx );
1569}
1570/* END_CASE */
1571
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1572/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1573void mbedtls_rsa_import_raw( data_t *input_N,
1574 data_t *input_P, data_t *input_Q,
1575 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1576 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1577 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1578 int res_check,
1579 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1580{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1581 /* Buffers used for encryption-decryption test */
1582 unsigned char *buf_orig = NULL;
1583 unsigned char *buf_enc = NULL;
1584 unsigned char *buf_dec = NULL;
1585
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1586 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1587 mbedtls_entropy_context entropy;
1588 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1589
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1590 const char *pers = "test_suite_rsa";
1591
1592 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1593 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1594 mbedtls_rsa_init( &ctx, 0, 0 );
1595
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1596 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1597 &entropy, (const unsigned char *) pers,
1598 strlen( pers ) ) == 0 );
1599
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1600 if( !successive )
1601 {
1602 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1603 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1604 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1605 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1606 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1607 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1608 }
1609 else
1610 {
1611 /* Import N, P, Q, D, E separately.
1612 * This should make no functional difference. */
1613
1614 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1615 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1616 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1617
1618 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1619 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1620 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1621 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1622
1623 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1624 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1625 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1626 NULL, 0, NULL, 0 ) == 0 );
1627
1628 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1629 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1630 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1631 NULL, 0 ) == 0 );
1632
1633 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1634 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1635 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1636 }
1637
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1638 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1639
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1640 /* On expected success, perform some public and private
1641 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1642 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1643 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1644 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1645 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1646 else
1647 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1648
1649 if( res_check != 0 )
1650 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1651
1652 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1653 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1654 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1655 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1656 goto exit;
1657
1658 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1659 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1660
1661 /* Make sure the number we're generating is smaller than the modulus */
1662 buf_orig[0] = 0x00;
1663
1664 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1665
1666 if( is_priv )
1667 {
1668 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1669 &ctr_drbg, buf_enc,
1670 buf_dec ) == 0 );
1671
1672 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1673 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1674 }
1675 }
1676
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1677exit:
1678
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1679 mbedtls_free( buf_orig );
1680 mbedtls_free( buf_enc );
1681 mbedtls_free( buf_dec );
1682
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1683 mbedtls_rsa_free( &ctx );
1684
1685 mbedtls_ctr_drbg_free( &ctr_drbg );
1686 mbedtls_entropy_free( &entropy );
1687
1688}
1689/* END_CASE */
1690
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1691/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1692void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1693{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1694 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1695}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1696/* END_CASE */