TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 76791f7c328cc28f1cb2e76f3974e72cf8ffdd05 / . / tests / suites / test_suite_rsa.function
blob: ed6cbf0b74afa59aad20cbbc37880b2995de5256 [file] [log] [blame]
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1BEGIN_HEADER
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]2#include <polarssl/config.h>
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]3#include <polarssl/rsa.h>
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]4#include <polarssl/md2.h>
5#include <polarssl/md4.h>
6#include <polarssl/md5.h>
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]7#include <polarssl/sha1.h>
8#include <polarssl/sha2.h>
9#include <polarssl/sha4.h>
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]10#include <polarssl/havege.h>
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]11END_HEADER
12
13BEGIN_CASE
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]14rsa_pkcs1_sign:message_hex_string:padding_mode:digest:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:result_hex_str:result
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]15{
16 unsigned char message_str[1000];
17 unsigned char hash_result[1000];
18 unsigned char output[1000];
19 unsigned char output_str[1000];
20 rsa_context ctx;
21 mpi P1, Q1, H, G;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]22 int msg_len;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]23
24 mpi_init( &P1, &Q1, &H, &G, NULL );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]25 rsa_init( &ctx, {padding_mode}, 0, NULL, NULL );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]26
27 memset( message_str, 0x00, 1000 );
28 memset( hash_result, 0x00, 1000 );
29 memset( output, 0x00, 1000 );
30 memset( output_str, 0x00, 1000 );
31
32 ctx.len = {mod} / 8;
33 TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
34 TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
35 TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
36 TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
37
38 TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
39 TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
40 TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
41 TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
42 TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
43 TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
44 TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
45 TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
46
47 TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
48
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]49 msg_len = unhexify( message_str, {message_hex_string} );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]50
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]51 switch( {digest} )
52 {
53#ifdef POLARSSL_MD2_C
54 case SIG_RSA_MD2:
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]55 md2( message_str, msg_len, hash_result );
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]56 break;
57#endif
58#ifdef POLARSSL_MD4_C
59 case SIG_RSA_MD4:
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]60 md4( message_str, msg_len, hash_result );
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]61 break;
62#endif
63#ifdef POLARSSL_MD5_C
64 case SIG_RSA_MD5:
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]65 md5( message_str, msg_len, hash_result );
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]66 break;
67#endif
68#ifdef POLARSSL_SHA1_C
69 case SIG_RSA_SHA1:
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]70 sha1( message_str, msg_len, hash_result );
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]71 break;
72#endif
73#ifdef POLARSSL_SHA2_C
74 case SIG_RSA_SHA224:
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]75 sha2( message_str, msg_len, hash_result, 1 );
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]76 break;
77 case SIG_RSA_SHA256:
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]78 sha2( message_str, msg_len, hash_result, 0 );
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]79 break;
80#endif
81#ifdef POLARSSL_SHA4_C
82 case SIG_RSA_SHA384:
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]83 sha4( message_str, msg_len, hash_result, 1 );
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]84 break;
85 case SIG_RSA_SHA512:
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]86 sha4( message_str, msg_len, hash_result, 0 );
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]87 break;
88#endif
89 }
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]90
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]91 TEST_ASSERT( rsa_pkcs1_sign( &ctx, RSA_PRIVATE, {digest}, 0, hash_result, output ) == {result} );
92 if( {result} == 0 )
93 {
94 hexify( output_str, output, ctx.len );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]95
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]96 TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
97 }
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]98}
99END_CASE
100
101BEGIN_CASE
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]102rsa_pkcs1_verify:message_hex_string:padding_mode:digest:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]103{
104 unsigned char message_str[1000];
105 unsigned char hash_result[1000];
106 unsigned char result_str[1000];
107 rsa_context ctx;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]108 int msg_len;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]109
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]110 rsa_init( &ctx, {padding_mode}, 0, NULL, NULL );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]111 memset( message_str, 0x00, 1000 );
112 memset( hash_result, 0x00, 1000 );
113 memset( result_str, 0x00, 1000 );
114
115 ctx.len = {mod} / 8;
116 TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
117 TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
118
119 TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
120
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]121 msg_len = unhexify( message_str, {message_hex_string} );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]122 unhexify( result_str, {result_hex_str} );
123
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]124 switch( {digest} )
125 {
126#ifdef POLARSSL_MD2_C
127 case SIG_RSA_MD2:
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]128 md2( message_str, msg_len, hash_result );
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]129 break;
130#endif
131#ifdef POLARSSL_MD4_C
132 case SIG_RSA_MD4:
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]133 md4( message_str, msg_len, hash_result );
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]134 break;
135#endif
136#ifdef POLARSSL_MD5_C
137 case SIG_RSA_MD5:
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]138 md5( message_str, msg_len, hash_result );
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]139 break;
140#endif
141#ifdef POLARSSL_SHA1_C
142 case SIG_RSA_SHA1:
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]143 sha1( message_str, msg_len, hash_result );
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]144 break;
145#endif
146#ifdef POLARSSL_SHA2_C
147 case SIG_RSA_SHA224:
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]148 sha2( message_str, msg_len, hash_result, 1 );
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]149 break;
150 case SIG_RSA_SHA256:
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]151 sha2( message_str, msg_len, hash_result, 0 );
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]152 break;
153#endif
154#ifdef POLARSSL_SHA4_C
155 case SIG_RSA_SHA384:
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]156 sha4( message_str, msg_len, hash_result, 1 );
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]157 break;
158 case SIG_RSA_SHA512:
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]159 sha4( message_str, msg_len, hash_result, 0 );
Paul Bakker76791f72009-10-03 20:02:00 +0000[diff] [blame^]160 break;
161#endif
162 }
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]163
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]164 TEST_ASSERT( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, {digest}, 0, hash_result, result_str ) == {result} );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]165}
166END_CASE
167
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]168
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]169BEGIN_CASE
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]170rsa_pkcs1_sign_raw:message_hex_string:hash_result_string:padding_mode:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:result_hex_str
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]171{
172 unsigned char message_str[1000];
173 unsigned char hash_result[1000];
174 unsigned char output[1000];
175 unsigned char output_str[1000];
176 rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]177 mpi P1, Q1, H, G;
178 int msg_len, hash_len;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]179
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]180 mpi_init( &P1, &Q1, &H, &G, NULL );
181 rsa_init( &ctx, {padding_mode}, 0, NULL, NULL );
182
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]183 memset( message_str, 0x00, 1000 );
184 memset( hash_result, 0x00, 1000 );
185 memset( output, 0x00, 1000 );
186 memset( output_str, 0x00, 1000 );
187
188 ctx.len = {mod} / 8;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]189 TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
190 TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
191 TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
192 TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
193
194 TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
195 TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
196 TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
197 TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
198 TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
199 TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
200 TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
201 TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
202
203 TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
204
205 msg_len = unhexify( message_str, {message_hex_string} );
206 hash_len = unhexify( hash_result, {hash_result_string} );
207
Paul Bakkerfc22c442009-07-19 20:36:27 +0000[diff] [blame]208 TEST_ASSERT( rsa_pkcs1_sign( &ctx, RSA_PRIVATE, SIG_RSA_RAW, hash_len, hash_result, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]209
210 hexify( output_str, output, ctx.len );
211
212 TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
213}
214END_CASE
215
216BEGIN_CASE
217rsa_pkcs1_verify_raw:message_hex_string:hash_result_string:padding_mode:mod:radix_N:input_N:radix_E:input_E:result_hex_str:correct
218{
219 unsigned char message_str[1000];
220 unsigned char hash_result[1000];
221 unsigned char result_str[1000];
222 rsa_context ctx;
223 int msg_len, hash_len;
224
225 rsa_init( &ctx, {padding_mode}, 0, NULL, NULL );
226 memset( message_str, 0x00, 1000 );
227 memset( hash_result, 0x00, 1000 );
228 memset( result_str, 0x00, 1000 );
229
230 ctx.len = {mod} / 8;
231 TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
232 TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
233
234 TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
235
236 msg_len = unhexify( message_str, {message_hex_string} );
237 hash_len = unhexify( hash_result, {hash_result_string} );
238 unhexify( result_str, {result_hex_str} );
239
Paul Bakkerfc22c442009-07-19 20:36:27 +0000[diff] [blame]240 TEST_ASSERT( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_RAW, hash_len, hash_result, result_str ) == {correct} );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]241}
242END_CASE
243
244BEGIN_CASE
245rsa_pkcs1_encrypt:message_hex_string:padding_mode:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
246{
247 unsigned char message_str[1000];
248 unsigned char output[1000];
249 unsigned char output_str[1000];
250 rsa_context ctx;
251 int msg_len;
252
253 rsa_init( &ctx, {padding_mode}, 0, NULL, NULL );
254 memset( message_str, 0x00, 1000 );
255 memset( output, 0x00, 1000 );
256 memset( output_str, 0x00, 1000 );
257
258 ctx.len = {mod} / 8;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]259 TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
260 TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
261
262 TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
263
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]264 msg_len = unhexify( message_str, {message_hex_string} );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]265
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]266 TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, RSA_PUBLIC, msg_len, message_str, output ) == {result} );
267 if( {result} == 0 )
268 {
269 hexify( output_str, output, ctx.len );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]270
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]271 TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
272 }
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]273}
274END_CASE
275
276BEGIN_CASE
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]277rsa_pkcs1_decrypt:message_hex_string:padding_mode:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:max_output:result_hex_str:result
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]278{
279 unsigned char message_str[1000];
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]280 unsigned char output[1000];
281 unsigned char output_str[1000];
282 rsa_context ctx;
283 mpi P1, Q1, H, G;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]284 int output_len;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]285
286 mpi_init( &P1, &Q1, &H, &G, NULL );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]287 rsa_init( &ctx, {padding_mode}, 0, NULL, NULL );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]288
289 memset( message_str, 0x00, 1000 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]290 memset( output, 0x00, 1000 );
291 memset( output_str, 0x00, 1000 );
292
293 ctx.len = {mod} / 8;
294 TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
295 TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
296 TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
297 TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
298
299 TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
300 TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
301 TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
302 TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
303 TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
304 TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
305 TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
306 TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
307
308 TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
309
310 unhexify( message_str, {message_hex_string} );
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]311 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]312
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]313 TEST_ASSERT( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, {max_output} ) == {result} );
314 if( {result} == 0 )
315 {
316 hexify( output_str, output, ctx.len );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]317
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]318 TEST_ASSERT( strncasecmp( (char *) output_str, {result_hex_str}, strlen( {result_hex_str} ) ) == 0 );
319 }
320}
321END_CASE
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]322
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]323BEGIN_CASE
324rsa_public:message_hex_string:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
325{
326 unsigned char message_str[1000];
327 unsigned char output[1000];
328 unsigned char output_str[1000];
329 rsa_context ctx;
330
331 rsa_init( &ctx, RSA_PKCS_V15, 0, NULL, NULL );
332 memset( message_str, 0x00, 1000 );
333 memset( output, 0x00, 1000 );
334 memset( output_str, 0x00, 1000 );
335
336 ctx.len = {mod} / 8;
337 TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
338 TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
339
340 TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
341
342 unhexify( message_str, {message_hex_string} );
343
344 TEST_ASSERT( rsa_public( &ctx, message_str, output ) == {result} );
345 if( {result} == 0 )
346 {
347 hexify( output_str, output, ctx.len );
348
349 TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
350 }
351}
352END_CASE
353
354BEGIN_CASE
355rsa_private:message_hex_string:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:result_hex_str:result
356{
357 unsigned char message_str[1000];
358 unsigned char output[1000];
359 unsigned char output_str[1000];
360 rsa_context ctx;
361 mpi P1, Q1, H, G;
362
363 mpi_init( &P1, &Q1, &H, &G, NULL );
364 rsa_init( &ctx, RSA_PKCS_V15, 0, NULL, NULL );
365
366 memset( message_str, 0x00, 1000 );
367 memset( output, 0x00, 1000 );
368 memset( output_str, 0x00, 1000 );
369
370 ctx.len = {mod} / 8;
371 TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
372 TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
373 TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
374 TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
375
376 TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
377 TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
378 TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
379 TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
380 TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
381 TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
382 TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
383 TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
384
385 TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
386
387 unhexify( message_str, {message_hex_string} );
388
389 TEST_ASSERT( rsa_private( &ctx, message_str, output ) == {result} );
390 if( {result} == 0 )
391 {
392 hexify( output_str, output, ctx.len );
393
394 TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
395 }
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]396}
397END_CASE
398
399BEGIN_CASE
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]400rsa_check_privkey_null:
401{
402 rsa_context ctx;
403 memset( &ctx, 0x00, sizeof( rsa_context ) );
404
405 TEST_ASSERT( rsa_check_privkey( &ctx ) == POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
406}
407END_CASE
408
409BEGIN_CASE
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]410rsa_check_pubkey:radix_N:input_N:radix_E:input_E:result
411{
412 rsa_context ctx;
413
414 rsa_init( &ctx, RSA_PKCS_V15, 0, NULL, NULL );
415
416 if( strlen( {input_N} ) )
417 {
418 TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
419 }
420 if( strlen( {input_E} ) )
421 {
422 TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
423 }
424
425 TEST_ASSERT( rsa_check_pubkey( &ctx ) == {result} );
426}
427END_CASE
428
429BEGIN_CASE
430rsa_check_privkey:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:radix_D:input_D:result
431{
432 rsa_context ctx;
433
434 rsa_init( &ctx, RSA_PKCS_V15, 0, NULL, NULL );
435
436 ctx.len = {mod} / 8;
437 if( strlen( {input_P} ) )
438 {
439 TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
440 }
441 if( strlen( {input_Q} ) )
442 {
443 TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
444 }
445 if( strlen( {input_N} ) )
446 {
447 TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
448 }
449 if( strlen( {input_E} ) )
450 {
451 TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
452 }
453 if( strlen( {input_D} ) )
454 {
455 TEST_ASSERT( mpi_read_string( &ctx.D, {radix_D}, {input_D} ) == 0 );
456 }
457
458 TEST_ASSERT( rsa_check_privkey( &ctx ) == {result} );
459}
460END_CASE
461
462BEGIN_CASE
463rsa_gen_key:nrbits:exponent:result
464{
465 rsa_context ctx;
466 havege_state hs;
467
468 havege_init( &hs );
469 rsa_init( &ctx, 0, 0, havege_rand, &hs );
470
471 TEST_ASSERT( rsa_gen_key( &ctx, {nrbits}, {exponent} ) == {result} );
472 if( {result} == 0 )
473 {
474 TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
475 }
476}
477END_CASE
478
479BEGIN_CASE
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]480rsa_selftest:
481{
482 TEST_ASSERT( rsa_self_test( 0 ) == 0 );
483}
484END_CASE