TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 750e8b4596c5c0a3d84303b432fe5be60cc4337c / . / tests / suites / test_suite_rsa.function
blob: 5f493c3a0a2aacd8b0e06831754f4c10bfd1aaf6 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
3#include "mbedtls/md2.h"
4#include "mbedtls/md4.h"
5#include "mbedtls/md5.h"
6#include "mbedtls/sha1.h"
7#include "mbedtls/sha256.h"
8#include "mbedtls/sha512.h"
9#include "mbedtls/entropy.h"
10#include "mbedtls/ctr_drbg.h"
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]11/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]14 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15 * END_DEPENDENCIES
16 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]17
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]18/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]19void mbedtls_rsa_pkcs1_sign( char *message_hex_string, int padding_mode, int digest,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]20 int mod, int radix_P, char *input_P, int radix_Q,
21 char *input_Q, int radix_N, char *input_N, int radix_E,
22 char *input_E, char *result_hex_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]23{
24 unsigned char message_str[1000];
25 unsigned char hash_result[1000];
26 unsigned char output[1000];
27 unsigned char output_str[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]28 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]29 mbedtls_mpi N, P, Q, E;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]30 int msg_len;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]31 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]32
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]33 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
34 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]35 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]36
37 memset( message_str, 0x00, 1000 );
38 memset( hash_result, 0x00, 1000 );
39 memset( output, 0x00, 1000 );
40 memset( output_str, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]41 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]42
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]43 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
44 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
45 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
46 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]47
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]48 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
49 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
50 TEST_ASSERT( mbedtls_rsa_complete( &ctx, NULL, NULL ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]51 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]52
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]53 msg_len = unhexify( message_str, message_hex_string );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]54
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]55 if( mbedtls_md_info_from_type( digest ) != NULL )
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]56 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ),
57 message_str, msg_len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]58
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]59 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
60 MBEDTLS_RSA_PRIVATE, digest, 0,
61 hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]62 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]63 {
64 hexify( output_str, output, ctx.len );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]65
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]66 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]67 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]68
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]69exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]70 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
71 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]72 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]73}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]74/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]75
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]76/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]77void mbedtls_rsa_pkcs1_verify( char *message_hex_string, int padding_mode, int digest,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]78 int mod, int radix_N, char *input_N, int radix_E,
79 char *input_E, char *result_hex_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]80{
81 unsigned char message_str[1000];
82 unsigned char hash_result[1000];
83 unsigned char result_str[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]84 mbedtls_rsa_context ctx;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]85 int msg_len;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]86
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]87 mbedtls_mpi N, E;
88
89 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]90 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]91 memset( message_str, 0x00, 1000 );
92 memset( hash_result, 0x00, 1000 );
93 memset( result_str, 0x00, 1000 );
94
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]95 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
96 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
97 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
98 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]99 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]100
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]101 msg_len = unhexify( message_str, message_hex_string );
102 unhexify( result_str, result_hex_str );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]103
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]104 if( mbedtls_md_info_from_type( digest ) != NULL )
105 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str, msg_len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]106
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]107 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]108
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]109exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]110 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]111 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]112}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]113/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]114
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]115
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]116/* BEGIN_CASE */
117void rsa_pkcs1_sign_raw( char *message_hex_string, char *hash_result_string,
118 int padding_mode, int mod, int radix_P, char *input_P,
119 int radix_Q, char *input_Q, int radix_N,
120 char *input_N, int radix_E, char *input_E,
121 char *result_hex_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]122{
123 unsigned char message_str[1000];
124 unsigned char hash_result[1000];
125 unsigned char output[1000];
126 unsigned char output_str[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]127 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]128 mbedtls_mpi N, P, Q, E;
Paul Bakkereaf90d92011-07-13 14:21:52 +0000[diff] [blame]129 int hash_len;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]130 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]131
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]132 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]133 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
134 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]135
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]136 memset( message_str, 0x00, 1000 );
137 memset( hash_result, 0x00, 1000 );
138 memset( output, 0x00, 1000 );
139 memset( output_str, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]140 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]141
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]142 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
143 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
144 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
145 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]146
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]147 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
148 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
149 TEST_ASSERT( mbedtls_rsa_complete( &ctx, NULL, NULL ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]150 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]151
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]152 unhexify( message_str, message_hex_string );
153 hash_len = unhexify( hash_result, hash_result_string );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]154
Hanno Becker8fd55482017-08-23 14:07:48 +0100[diff] [blame]155 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
156 MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_NONE,
157 hash_len, hash_result, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]158
159 hexify( output_str, output, ctx.len );
160
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]161 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]162
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]163 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]164 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]165 {
166 memset( output, 0x00, 1000 );
167 memset( output_str, 0x00, 1000 );
168
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]169 TEST_ASSERT( mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
170 &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE,
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]171 hash_len, hash_result, output ) == 0 );
172
173 hexify( output_str, output, ctx.len );
174
175 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
176 }
177
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]178exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]179 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
180 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
181
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]182 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]183}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]184/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]185
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]186/* BEGIN_CASE */
187void rsa_pkcs1_verify_raw( char *message_hex_string, char *hash_result_string,
188 int padding_mode, int mod, int radix_N,
189 char *input_N, int radix_E, char *input_E,
190 char *result_hex_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]191{
192 unsigned char message_str[1000];
193 unsigned char hash_result[1000];
194 unsigned char result_str[1000];
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]195 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]196 mbedtls_rsa_context ctx;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]197 size_t hash_len, olen;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]198
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]199 mbedtls_mpi N, E;
200 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
201
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]202 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]203 memset( message_str, 0x00, 1000 );
204 memset( hash_result, 0x00, 1000 );
205 memset( result_str, 0x00, 1000 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]206 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]207
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]208 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
209 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]210
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]211 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
212 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]213 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]214
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]215 unhexify( message_str, message_hex_string );
216 hash_len = unhexify( hash_result, hash_result_string );
217 unhexify( result_str, result_hex_str );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]218
Hanno Becker8fd55482017-08-23 14:07:48 +0100[diff] [blame]219 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
220 MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE,
221 hash_len, hash_result,
222 result_str ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]223
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]224 /* For PKCS#1 v1.5, there is an alternative way to verify signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]225 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]226 {
227 int ok;
228
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]229 TEST_ASSERT( mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx,
230 NULL, NULL, MBEDTLS_RSA_PUBLIC,
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]231 &olen, result_str, output, sizeof( output ) ) == 0 );
232
233 ok = olen == hash_len && memcmp( output, hash_result, olen ) == 0;
234 if( correct == 0 )
235 TEST_ASSERT( ok == 1 );
236 else
237 TEST_ASSERT( ok == 0 );
238 }
239
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]240exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]241 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]242 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]243}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]244/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]245
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]246/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]247void mbedtls_rsa_pkcs1_encrypt( char *message_hex_string, int padding_mode, int mod,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]248 int radix_N, char *input_N, int radix_E, char *input_E,
249 char *result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]250{
251 unsigned char message_str[1000];
252 unsigned char output[1000];
253 unsigned char output_str[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]254 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]255 size_t msg_len;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]256 rnd_pseudo_info rnd_info;
257
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]258 mbedtls_mpi N, E;
259 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
260
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]261 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]262
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]263 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]264 memset( message_str, 0x00, 1000 );
265 memset( output, 0x00, 1000 );
266 memset( output_str, 0x00, 1000 );
267
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]268 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
269 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]270
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]271 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
272 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]273 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]274
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]275 msg_len = unhexify( message_str, message_hex_string );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]276
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]277 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PUBLIC, msg_len, message_str, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]278 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]279 {
280 hexify( output_str, output, ctx.len );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]281
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]282 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]283 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]284
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]285exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]286 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]287 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]288}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]289/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]290
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]291/* BEGIN_CASE */
292void rsa_pkcs1_encrypt_bad_rng( char *message_hex_string, int padding_mode,
293 int mod, int radix_N, char *input_N,
294 int radix_E, char *input_E,
295 char *result_hex_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]296{
297 unsigned char message_str[1000];
298 unsigned char output[1000];
299 unsigned char output_str[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]300 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]301 size_t msg_len;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]302
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]303 mbedtls_mpi N, E;
304
305 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]306 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]307 memset( message_str, 0x00, 1000 );
308 memset( output, 0x00, 1000 );
309 memset( output_str, 0x00, 1000 );
310
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]311 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
312 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]313
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]314 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
315 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]316 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]317
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]318 msg_len = unhexify( message_str, message_hex_string );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]319
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]320 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL, MBEDTLS_RSA_PUBLIC, msg_len, message_str, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]321 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]322 {
323 hexify( output_str, output, ctx.len );
324
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]325 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]326 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]327
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]328exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]329 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]330 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]331}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]332/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]333
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]334/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]335void mbedtls_rsa_pkcs1_decrypt( char *message_hex_string, int padding_mode, int mod,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]336 int radix_P, char *input_P, int radix_Q, char *input_Q,
337 int radix_N, char *input_N, int radix_E, char *input_E,
338 int max_output, char *result_hex_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]339{
340 unsigned char message_str[1000];
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]341 unsigned char output[1000];
342 unsigned char output_str[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]343 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]344 size_t output_len;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]345 rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]346 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]347
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]348 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
349 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
350
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]351 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]352
353 memset( message_str, 0x00, 1000 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]354 memset( output, 0x00, 1000 );
355 memset( output_str, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]356 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]357
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]358
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]359 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
360 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
361 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
362 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]363
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]364 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
365 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
366 TEST_ASSERT( mbedtls_rsa_complete( &ctx, NULL, NULL ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]367 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]368
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]369 unhexify( message_str, message_hex_string );
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]370 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]371
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]372 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str, output, max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]373 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]374 {
375 hexify( output_str, output, ctx.len );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]376
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]377 TEST_ASSERT( strncasecmp( (char *) output_str, result_hex_str, strlen( result_hex_str ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]378 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]379
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]380exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]381 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
382 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]383 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]384}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]385/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]386
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]387/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]388void mbedtls_rsa_public( char *message_hex_string, int mod, int radix_N, char *input_N,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]389 int radix_E, char *input_E, char *result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]390{
391 unsigned char message_str[1000];
392 unsigned char output[1000];
393 unsigned char output_str[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]394 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]395
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]396 mbedtls_mpi N, E;
397
398 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]399 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
400 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]401 memset( message_str, 0x00, 1000 );
402 memset( output, 0x00, 1000 );
403 memset( output_str, 0x00, 1000 );
404
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]405 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
406 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]407
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]408 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
409 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]410 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]411
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]412 unhexify( message_str, message_hex_string );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]413
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]414 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]415 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]416 {
417 hexify( output_str, output, ctx.len );
418
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]419 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]420 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]421
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]422 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]423 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]424 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]425 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]426
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]427 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]428
429 memset( output, 0x00, 1000 );
430 memset( output_str, 0x00, 1000 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]431 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]432 if( result == 0 )
433 {
434 hexify( output_str, output, ctx2.len );
435
436 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
437 }
438
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]439exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]440 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]441 mbedtls_rsa_free( &ctx );
442 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]443}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]444/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]445
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]446/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]447void mbedtls_rsa_private( char *message_hex_string, int mod, int radix_P, char *input_P,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]448 int radix_Q, char *input_Q, int radix_N, char *input_N,
449 int radix_E, char *input_E, char *result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]450{
451 unsigned char message_str[1000];
452 unsigned char output[1000];
453 unsigned char output_str[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]454 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]455 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]456 rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]457 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]458
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]459 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
460 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]461 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
462 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]463
464 memset( message_str, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]465 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]466
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]467 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
468 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
469 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
470 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]471
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]472 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
473 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
474 TEST_ASSERT( mbedtls_rsa_complete( &ctx, NULL, NULL ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]475 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]476
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]477 unhexify( message_str, message_hex_string );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]478
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]479 /* repeat three times to test updating of blinding values */
480 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]481 {
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]482 memset( output, 0x00, 1000 );
483 memset( output_str, 0x00, 1000 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]484 TEST_ASSERT( mbedtls_rsa_private( &ctx, rnd_pseudo_rand, &rnd_info,
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]485 message_str, output ) == result );
486 if( result == 0 )
487 {
488 hexify( output_str, output, ctx.len );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]489
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]490 TEST_ASSERT( strcasecmp( (char *) output_str,
491 result_hex_str ) == 0 );
492 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]493 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]494
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]495 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]496 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]497 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]498 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]499
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]500 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]501
502 memset( output, 0x00, 1000 );
503 memset( output_str, 0x00, 1000 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]504 TEST_ASSERT( mbedtls_rsa_private( &ctx2, rnd_pseudo_rand, &rnd_info,
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]505 message_str, output ) == result );
506 if( result == 0 )
507 {
508 hexify( output_str, output, ctx2.len );
509
510 TEST_ASSERT( strcasecmp( (char *) output_str,
511 result_hex_str ) == 0 );
512 }
513
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]514exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]515 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
516 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
517
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]518 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]519}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]520/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]521
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]522/* BEGIN_CASE */
523void rsa_check_privkey_null()
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]524{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]525 mbedtls_rsa_context ctx;
526 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]527
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]528 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]529}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]530/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]531
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]532/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]533void mbedtls_rsa_check_pubkey( int radix_N, char *input_N, int radix_E, char *input_E,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]534 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]535{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]536 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]537 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]538
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]539 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]540 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]541
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]542 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]543 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]544 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]545 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]546 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]547 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]548 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]549 }
550
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]551 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]552 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]553
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]554exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]555 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]556 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]557}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]558/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]559
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]560/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]561void mbedtls_rsa_check_privkey( int mod, int radix_P, char *input_P, int radix_Q,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]562 char *input_Q, int radix_N, char *input_N,
563 int radix_E, char *input_E, int radix_D, char *input_D,
564 int radix_DP, char *input_DP, int radix_DQ,
565 char *input_DQ, int radix_QP, char *input_QP,
566 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]567{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]568 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]569
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]570 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]571
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]572 ctx.len = mod / 8;
573 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]574 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]575 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]576 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]577 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]578 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]579 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]580 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]581 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]582 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]583 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]584 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]585 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]586 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]587 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]588 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]589 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]590 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]591 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]592 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]593#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]594 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]595 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]596 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]597 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]598 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]599 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]600 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]601 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]602 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]603 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]604 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]605 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]606#else
607 ((void) radix_DP); ((void) input_DP);
608 ((void) radix_DQ); ((void) input_DQ);
609 ((void) radix_QP); ((void) input_QP);
610#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]611
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]612 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]613
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]614exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]615 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]616}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]617/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]618
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]619/* BEGIN_CASE */
620void rsa_check_pubpriv( int mod, int radix_Npub, char *input_Npub,
621 int radix_Epub, char *input_Epub,
622 int radix_P, char *input_P, int radix_Q,
623 char *input_Q, int radix_N, char *input_N,
624 int radix_E, char *input_E, int radix_D, char *input_D,
625 int radix_DP, char *input_DP, int radix_DQ,
626 char *input_DQ, int radix_QP, char *input_QP,
627 int result )
628{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]629 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]630
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]631 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
632 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]633
634 pub.len = mod / 8;
635 prv.len = mod / 8;
636
637 if( strlen( input_Npub ) )
638 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]639 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]640 }
641 if( strlen( input_Epub ) )
642 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]643 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]644 }
645
646 if( strlen( input_P ) )
647 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]648 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]649 }
650 if( strlen( input_Q ) )
651 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]652 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]653 }
654 if( strlen( input_N ) )
655 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]656 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]657 }
658 if( strlen( input_E ) )
659 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]660 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]661 }
662 if( strlen( input_D ) )
663 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]664 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]665 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]666#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]667 if( strlen( input_DP ) )
668 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]669 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]670 }
671 if( strlen( input_DQ ) )
672 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]673 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]674 }
675 if( strlen( input_QP ) )
676 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]677 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]678 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]679#else
680 ((void) radix_DP); ((void) input_DP);
681 ((void) radix_DQ); ((void) input_DQ);
682 ((void) radix_QP); ((void) input_QP);
683#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]684
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]685 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]686
687exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]688 mbedtls_rsa_free( &pub );
689 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]690}
691/* END_CASE */
692
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]693/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
694void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]695{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]696 mbedtls_rsa_context ctx;
697 mbedtls_entropy_context entropy;
698 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]699 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]700
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]701 mbedtls_ctr_drbg_init( &ctr_drbg );
702
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]703 mbedtls_entropy_init( &entropy );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]704 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
705 &entropy, (const unsigned char *) pers,
706 strlen( pers ) ) == 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]707
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]708 mbedtls_rsa_init( &ctx, 0, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]709
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]710 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random,
711 &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]712 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]713 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]714 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]715 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]716 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]717
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]718exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]719 mbedtls_rsa_free( &ctx );
720 mbedtls_ctr_drbg_free( &ctr_drbg );
721 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]722}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]723/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]724
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]725/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
726void mbedtls_rsa_deduce_moduli( int radix_N, char *input_N,
727 int radix_D, char *input_D,
728 int radix_E, char *input_E,
729 int radix_P, char *output_P,
730 int radix_Q, char *output_Q,
731 int corrupt, int result )
732{
733 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
734
735 mbedtls_entropy_context entropy;
736 mbedtls_ctr_drbg_context ctr_drbg;
737 const char *pers = "test_suite_rsa";
738
739 mbedtls_mpi_init( &N );
740 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
741 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
742 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
743
744 mbedtls_ctr_drbg_init( &ctr_drbg );
745 mbedtls_entropy_init( &entropy );
746 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
747 (const unsigned char *) pers, strlen( pers ) ) == 0 );
748
749 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
750 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
751 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
752 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
753 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
754
755 if( corrupt )
756 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
757
758 /* Try to deduce P, Q from N, D, E only. */
759 TEST_ASSERT( mbedtls_rsa_deduce_moduli( &N, &D, &E, mbedtls_ctr_drbg_random,
760 &ctr_drbg, &P, &Q ) == result );
761
762 if( !corrupt )
763 {
764 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
765 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
766 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
767 }
768
769exit:
770
771 mbedtls_mpi_free( &N );
772 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
773 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
774 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
775
776 mbedtls_ctr_drbg_free( &ctr_drbg );
777 mbedtls_entropy_free( &entropy );
778}
779/* END_CASE */
780
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]781/* BEGIN_CASE */
782void mbedtls_rsa_deduce_private( int radix_P, char *input_P,
783 int radix_Q, char *input_Q,
784 int radix_E, char *input_E,
785 int radix_D, char *output_D,
786 int corrupt, int result )
787{
788 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
789
790 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
791 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
792 mbedtls_mpi_init( &E );
793 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
794
795 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
796 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
797 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
798 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
799
800 if( corrupt )
801 {
802 /* Make E even */
803 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
804 }
805
806 /* Try to deduce D from N, P, Q, E. */
807 TEST_ASSERT( mbedtls_rsa_deduce_private( &P, &Q, &D, &E ) == result );
808
809 if( !corrupt )
810 {
811 /*
812 * Check that D and Dp agree modulo LCM(P-1, Q-1).
813 */
814
815 /* Replace P,Q by P-1, Q-1 */
816 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
817 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
818
819 /* Check D == Dp modulo P-1 */
820 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
821 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
822 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
823
824 /* Check D == Dp modulo Q-1 */
825 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
826 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
827 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
828 }
829
830exit:
831
832 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
833 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
834 mbedtls_mpi_free( &E );
835 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
836}
837/* END_CASE */
838
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]839/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
840void mbedtls_rsa_import( int radix_N, char *input_N,
841 int radix_P, char *input_P,
842 int radix_Q, char *input_Q,
843 int radix_D, char *input_D,
844 int radix_E, char *input_E,
845 int successive,
846 int result )
847{
848 mbedtls_mpi N, P, Q, D, E;
849 mbedtls_rsa_context ctx;
850
851 mbedtls_entropy_context entropy;
852 mbedtls_ctr_drbg_context ctr_drbg;
853 const char *pers = "test_suite_rsa";
854
855 mbedtls_ctr_drbg_init( &ctr_drbg );
856
857 mbedtls_entropy_init( &entropy );
858 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
859 (const unsigned char *) pers, strlen( pers ) ) == 0 );
860
861 mbedtls_rsa_init( &ctx, 0, 0 );
862
863 mbedtls_mpi_init( &N );
864 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
865 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
866
867 if( strlen( input_N ) )
868 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
869
870 if( strlen( input_P ) )
871 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
872
873 if( strlen( input_Q ) )
874 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
875
876 if( strlen( input_D ) )
877 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
878
879 if( strlen( input_E ) )
880 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
881
882 if( !successive )
883 {
884 TEST_ASSERT( mbedtls_rsa_import( &ctx,
885 strlen( input_N ) ? &N : NULL,
886 strlen( input_P ) ? &P : NULL,
887 strlen( input_Q ) ? &Q : NULL,
888 strlen( input_D ) ? &D : NULL,
889 strlen( input_E ) ? &E : NULL ) == 0 );
890 }
891 else
892 {
893 /* Import N, P, Q, D, E separately.
894 * This should make no functional difference. */
895
896 TEST_ASSERT( mbedtls_rsa_import( &ctx,
897 strlen( input_N ) ? &N : NULL,
898 NULL, NULL, NULL, NULL ) == 0 );
899
900 TEST_ASSERT( mbedtls_rsa_import( &ctx,
901 NULL,
902 strlen( input_P ) ? &P : NULL,
903 NULL, NULL, NULL ) == 0 );
904
905 TEST_ASSERT( mbedtls_rsa_import( &ctx,
906 NULL, NULL,
907 strlen( input_Q ) ? &Q : NULL,
908 NULL, NULL ) == 0 );
909
910 TEST_ASSERT( mbedtls_rsa_import( &ctx,
911 NULL, NULL, NULL,
912 strlen( input_D ) ? &D : NULL,
913 NULL ) == 0 );
914
915 TEST_ASSERT( mbedtls_rsa_import( &ctx,
916 NULL, NULL, NULL, NULL,
917 strlen( input_E ) ? &E : NULL ) == 0 );
918 }
919
920 TEST_ASSERT( mbedtls_rsa_complete( &ctx,
921 mbedtls_ctr_drbg_random,
922 &ctr_drbg ) == result );
923
924exit:
925
926 mbedtls_rsa_free( &ctx );
927
928 mbedtls_ctr_drbg_free( &ctr_drbg );
929 mbedtls_entropy_free( &entropy );
930
931 mbedtls_mpi_free( &N );
932 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
933 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
934}
935/* END_CASE */
936
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]937/* BEGIN_CASE */
938void mbedtls_rsa_export( int radix_N, char *input_N,
939 int radix_P, char *input_P,
940 int radix_Q, char *input_Q,
941 int radix_D, char *input_D,
942 int radix_E, char *input_E,
943 int successive )
944{
945 /* Original MPI's with which we set up the RSA context */
946 mbedtls_mpi N, P, Q, D, E;
947
948 /* Exported MPI's */
949 mbedtls_mpi Ne, Pe, Qe, De, Ee;
950
951 const int have_N = ( strlen( input_N ) > 0 );
952 const int have_P = ( strlen( input_P ) > 0 );
953 const int have_Q = ( strlen( input_Q ) > 0 );
954 const int have_D = ( strlen( input_D ) > 0 );
955 const int have_E = ( strlen( input_E ) > 0 );
956
957 const int is_priv = have_P || have_Q || have_D;
958
959 mbedtls_rsa_context ctx;
960
961 mbedtls_rsa_init( &ctx, 0, 0 );
962
963 mbedtls_mpi_init( &N );
964 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
965 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
966
967 mbedtls_mpi_init( &Ne );
968 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
969 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
970
971 /* Setup RSA context */
972
973 if( have_N )
974 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
975
976 if( have_P )
977 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
978
979 if( have_Q )
980 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
981
982 if( have_D )
983 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
984
985 if( have_E )
986 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
987
988 TEST_ASSERT( mbedtls_rsa_import( &ctx,
989 strlen( input_N ) ? &N : NULL,
990 strlen( input_P ) ? &P : NULL,
991 strlen( input_Q ) ? &Q : NULL,
992 strlen( input_D ) ? &D : NULL,
993 strlen( input_E ) ? &E : NULL ) == 0 );
994
995 TEST_ASSERT( mbedtls_rsa_complete( &ctx, NULL, NULL ) == 0 );
996
997 /*
998 * Export parameters and compare to original ones.
999 */
1000
1001 /* N and E must always be present. */
1002 if( !successive )
1003 {
1004 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1005 }
1006 else
1007 {
1008 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1009 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1010 }
1011 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1012 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1013
1014 /* If we were providing enough information to setup a complete private context,
1015 * we expect to be able to export all core parameters. */
1016
1017 if( is_priv )
1018 {
1019 if( !successive )
1020 {
1021 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1022 &De, NULL ) == 0 );
1023 }
1024 else
1025 {
1026 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1027 NULL, NULL ) == 0 );
1028 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1029 NULL, NULL ) == 0 );
1030 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1031 &De, NULL ) == 0 );
1032 }
1033
1034 if( have_P )
1035 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1036
1037 if( have_Q )
1038 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1039
1040 if( have_D )
1041 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1042
1043 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame^]1044 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1045 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1046 }
1047
1048exit:
1049
1050 mbedtls_rsa_free( &ctx );
1051
1052 mbedtls_mpi_free( &N );
1053 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1054 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1055
1056 mbedtls_mpi_free( &Ne );
1057 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1058 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1059}
1060/* END_CASE */
1061
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1062/* BEGIN_CASE */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame^]1063void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1064 int radix_P, char *input_P,
1065 int radix_Q, char *input_Q,
1066 int radix_D, char *input_D,
1067 int radix_E, char *input_E,
1068 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1069{
1070 /* Original MPI's with which we set up the RSA context */
1071 mbedtls_mpi N, P, Q, D, E;
1072
1073 const int have_N = ( strlen( input_N ) > 0 );
1074 const int have_P = ( strlen( input_P ) > 0 );
1075 const int have_Q = ( strlen( input_Q ) > 0 );
1076 const int have_D = ( strlen( input_D ) > 0 );
1077 const int have_E = ( strlen( input_E ) > 0 );
1078
1079 mbedtls_entropy_context entropy;
1080 mbedtls_ctr_drbg_context ctr_drbg;
1081 const char *pers = "test_suite_rsa";
1082
1083 mbedtls_mpi_init( &N );
1084 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1085 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1086
1087 mbedtls_ctr_drbg_init( &ctr_drbg );
1088 mbedtls_entropy_init( &entropy );
1089 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1090 &entropy, (const unsigned char *) pers,
1091 strlen( pers ) ) == 0 );
1092
1093 if( have_N )
1094 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1095
1096 if( have_P )
1097 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1098
1099 if( have_Q )
1100 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1101
1102 if( have_D )
1103 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1104
1105 if( have_E )
1106 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1107
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame^]1108 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1109 have_P ? &P : NULL,
1110 have_Q ? &Q : NULL,
1111 have_D ? &D : NULL,
1112 have_E ? &E : NULL,
1113 prng ? mbedtls_ctr_drbg_random : NULL,
1114 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1115exit:
1116
1117 mbedtls_ctr_drbg_free( &ctr_drbg );
1118 mbedtls_entropy_free( &entropy );
1119
1120 mbedtls_mpi_free( &N );
1121 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1122 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1123}
1124/* END_CASE */
1125
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1126/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1127void mbedtls_rsa_export_raw( char *input_N, char *input_P,
1128 char *input_Q, char *input_D,
1129 char *input_E, int successive )
1130{
1131 /* Original raw buffers with which we set up the RSA context */
1132 unsigned char bufN[1000];
1133 unsigned char bufP[1000];
1134 unsigned char bufQ[1000];
1135 unsigned char bufD[1000];
1136 unsigned char bufE[1000];
1137
1138 size_t lenN = 0;
1139 size_t lenP = 0;
1140 size_t lenQ = 0;
1141 size_t lenD = 0;
1142 size_t lenE = 0;
1143
1144 /* Exported buffers */
1145 unsigned char bufNe[ sizeof( bufN ) ];
1146 unsigned char bufPe[ sizeof( bufP ) ];
1147 unsigned char bufQe[ sizeof( bufQ ) ];
1148 unsigned char bufDe[ sizeof( bufD ) ];
1149 unsigned char bufEe[ sizeof( bufE ) ];
1150
1151 const int have_N = ( strlen( input_N ) > 0 );
1152 const int have_P = ( strlen( input_P ) > 0 );
1153 const int have_Q = ( strlen( input_Q ) > 0 );
1154 const int have_D = ( strlen( input_D ) > 0 );
1155 const int have_E = ( strlen( input_E ) > 0 );
1156
1157 const int is_priv = have_P || have_Q || have_D;
1158
1159 mbedtls_rsa_context ctx;
1160
1161 mbedtls_rsa_init( &ctx, 0, 0 );
1162
1163 /* Setup RSA context */
1164
1165 if( have_N )
1166 lenN = unhexify( bufN, input_N );
1167
1168 if( have_P )
1169 lenP = unhexify( bufP, input_P );
1170
1171 if( have_Q )
1172 lenQ = unhexify( bufQ, input_Q );
1173
1174 if( have_D )
1175 lenD = unhexify( bufD, input_D );
1176
1177 if( have_E )
1178 lenE = unhexify( bufE, input_E );
1179
1180 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1181 have_N ? bufN : NULL, lenN,
1182 have_P ? bufP : NULL, lenP,
1183 have_Q ? bufQ : NULL, lenQ,
1184 have_D ? bufD : NULL, lenD,
1185 have_E ? bufE : NULL, lenE ) == 0 );
1186
1187 TEST_ASSERT( mbedtls_rsa_complete( &ctx, NULL, NULL ) == 0 );
1188
1189 /*
1190 * Export parameters and compare to original ones.
1191 */
1192
1193 /* N and E must always be present. */
1194 if( !successive )
1195 {
1196 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, lenN,
1197 NULL, 0, NULL, 0, NULL, 0,
1198 bufEe, lenE ) == 0 );
1199 }
1200 else
1201 {
1202 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, lenN,
1203 NULL, 0, NULL, 0, NULL, 0,
1204 NULL, 0 ) == 0 );
1205 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1206 NULL, 0, NULL, 0, NULL, 0,
1207 bufEe, lenE ) == 0 );
1208 }
1209 TEST_ASSERT( memcmp( bufN, bufNe, lenN ) == 0 );
1210 TEST_ASSERT( memcmp( bufE, bufEe, lenE ) == 0 );
1211
1212 /* If we were providing enough information to setup a complete private context,
1213 * we expect to be able to export all core parameters. */
1214
1215 if( is_priv )
1216 {
1217 if( !successive )
1218 {
1219 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1220 bufPe, lenP ? lenP : sizeof( bufPe ),
1221 bufQe, lenQ ? lenQ : sizeof( bufQe ),
1222 bufDe, lenD ? lenD : sizeof( bufDe ),
1223 NULL, 0 ) == 0 );
1224 }
1225 else
1226 {
1227 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1228 bufPe, lenP ? lenP : sizeof( bufPe ),
1229 NULL, 0, NULL, 0,
1230 NULL, 0 ) == 0 );
1231
1232 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
1233 bufQe, lenQ ? lenQ : sizeof( bufQe ),
1234 NULL, 0, NULL, 0 ) == 0 );
1235
1236 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
1237 NULL, 0, bufDe, lenD ? lenD : sizeof( bufDe ),
1238 NULL, 0 ) == 0 );
1239 }
1240
1241 if( have_P )
1242 TEST_ASSERT( memcmp( bufP, bufPe, lenP ) == 0 );
1243
1244 if( have_Q )
1245 TEST_ASSERT( memcmp( bufQ, bufQe, lenQ ) == 0 );
1246
1247 if( have_D )
1248 TEST_ASSERT( memcmp( bufD, bufDe, lenD ) == 0 );
1249
1250 }
1251
1252exit:
1253 mbedtls_rsa_free( &ctx );
1254}
1255/* END_CASE */
1256
1257/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1258void mbedtls_rsa_import_raw( char *input_N,
1259 char *input_P, char *input_Q,
1260 char *input_D, char *input_E,
1261 int successive,
1262 int result )
1263{
1264 unsigned char bufN[1000];
1265 unsigned char bufP[1000];
1266 unsigned char bufQ[1000];
1267 unsigned char bufD[1000];
1268 unsigned char bufE[1000];
1269
1270 size_t lenN = 0;
1271 size_t lenP = 0;
1272 size_t lenQ = 0;
1273 size_t lenD = 0;
1274 size_t lenE = 0;
1275
1276 mbedtls_rsa_context ctx;
1277
1278 mbedtls_entropy_context entropy;
1279 mbedtls_ctr_drbg_context ctr_drbg;
1280 const char *pers = "test_suite_rsa";
1281
1282 mbedtls_ctr_drbg_init( &ctr_drbg );
1283
1284 mbedtls_entropy_init( &entropy );
1285 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1286 &entropy, (const unsigned char *) pers,
1287 strlen( pers ) ) == 0 );
1288
1289 mbedtls_rsa_init( &ctx, 0, 0 );
1290
1291 if( strlen( input_N ) )
1292 lenN = unhexify( bufN, input_N );
1293
1294 if( strlen( input_P ) )
1295 lenP = unhexify( bufP, input_P );
1296
1297 if( strlen( input_Q ) )
1298 lenQ = unhexify( bufQ, input_Q );
1299
1300 if( strlen( input_D ) )
1301 lenD = unhexify( bufD, input_D );
1302
1303 if( strlen( input_E ) )
1304 lenE = unhexify( bufE, input_E );
1305
1306 if( !successive )
1307 {
1308 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1309 ( lenN > 0 ) ? bufN : NULL, lenN,
1310 ( lenP > 0 ) ? bufP : NULL, lenP,
1311 ( lenQ > 0 ) ? bufQ : NULL, lenQ,
1312 ( lenD > 0 ) ? bufD : NULL, lenD,
1313 ( lenE > 0 ) ? bufE : NULL, lenE ) == 0 );
1314 }
1315 else
1316 {
1317 /* Import N, P, Q, D, E separately.
1318 * This should make no functional difference. */
1319
1320 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1321 ( lenN > 0 ) ? bufN : NULL, lenN,
1322 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1323
1324 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1325 NULL, 0,
1326 ( lenP > 0 ) ? bufP : NULL, lenP,
1327 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1328
1329 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1330 NULL, 0, NULL, 0,
1331 ( lenQ > 0 ) ? bufQ : NULL, lenQ,
1332 NULL, 0, NULL, 0 ) == 0 );
1333
1334 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1335 NULL, 0, NULL, 0, NULL, 0,
1336 ( lenD > 0 ) ? bufD : NULL, lenD,
1337 NULL, 0 ) == 0 );
1338
1339 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1340 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
1341 ( lenE > 0 ) ? bufE : NULL, lenE ) == 0 );
1342 }
1343
1344 TEST_ASSERT( mbedtls_rsa_complete( &ctx,
1345 mbedtls_ctr_drbg_random,
1346 &ctr_drbg ) == result );
1347
1348exit:
1349
1350 mbedtls_rsa_free( &ctx );
1351
1352 mbedtls_ctr_drbg_free( &ctr_drbg );
1353 mbedtls_entropy_free( &entropy );
1354
1355}
1356/* END_CASE */
1357
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1358/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1359void rsa_selftest()
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1360{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1361 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1362}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1363/* END_CASE */