| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 1 | BEGIN_HEADER | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 2 | #include <polarssl/rsa.h> | 
|  | 3 | #include <polarssl/md.h> | 
|  | 4 | #include <polarssl/md2.h> | 
|  | 5 | #include <polarssl/md4.h> | 
|  | 6 | #include <polarssl/md5.h> | 
|  | 7 | #include <polarssl/sha1.h> | 
| Paul Bakker | d2681d8 | 2013-06-30 14:49:12 +0200 | [diff] [blame] | 8 | #include <polarssl/sha256.h> | 
|  | 9 | #include <polarssl/sha512.h> | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 10 | END_HEADER | 
|  | 11 |  | 
| Paul Bakker | 5690efc | 2011-05-26 13:16:06 +0000 | [diff] [blame] | 12 | BEGIN_DEPENDENCIES | 
| Paul Bakker | d7d8dbe | 2011-05-26 15:29:38 +0000 | [diff] [blame] | 13 | depends_on:POLARSSL_PKCS1_V21:POLARSSL_RSA_C:POLARSSL_BIGNUM_C:POLARSSL_SHA1_C:POLARSSL_GENPRIME | 
| Paul Bakker | 5690efc | 2011-05-26 13:16:06 +0000 | [diff] [blame] | 14 | END_DEPENDENCIES | 
|  | 15 |  | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 16 | BEGIN_CASE | 
|  | 17 | pkcs1_rsaes_oaep_encrypt:mod:radix_N:input_N:radix_E:input_E:hash:message_hex_string:seed:result_hex_str:result | 
|  | 18 | { | 
|  | 19 | unsigned char message_str[1000]; | 
|  | 20 | unsigned char output[1000]; | 
|  | 21 | unsigned char output_str[1000]; | 
|  | 22 | unsigned char rnd_buf[1000]; | 
|  | 23 | rsa_context ctx; | 
| Paul Bakker | f4a3f30 | 2011-04-24 15:53:29 +0000 | [diff] [blame] | 24 | size_t msg_len; | 
| Paul Bakker | 4cce2bb | 2011-03-13 16:56:35 +0000 | [diff] [blame] | 25 | rnd_buf_info info; | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 26 |  | 
|  | 27 | info.length = unhexify( rnd_buf, {seed} ); | 
|  | 28 | info.buf = rnd_buf; | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 29 |  | 
|  | 30 | rsa_init( &ctx, RSA_PKCS_V21, {hash} ); | 
|  | 31 | memset( message_str, 0x00, 1000 ); | 
|  | 32 | memset( output, 0x00, 1000 ); | 
|  | 33 | memset( output_str, 0x00, 1000 ); | 
|  | 34 |  | 
|  | 35 | ctx.len = {mod} / 8 + ( ( {mod} % 8 ) ? 1 : 0 ); | 
|  | 36 | TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 ); | 
|  | 37 | TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 ); | 
|  | 38 |  | 
|  | 39 | TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 ); | 
|  | 40 |  | 
|  | 41 | msg_len = unhexify( message_str, {message_hex_string} ); | 
|  | 42 |  | 
|  | 43 | TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == {result} ); | 
|  | 44 | if( {result} == 0 ) | 
|  | 45 | { | 
|  | 46 | hexify( output_str, output, ctx.len ); | 
|  | 47 |  | 
|  | 48 | TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 ); | 
|  | 49 | } | 
| Paul Bakker | 58ef6ec | 2013-01-03 11:33:48 +0100 | [diff] [blame] | 50 |  | 
|  | 51 | rsa_free( &ctx ); | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 52 | } | 
|  | 53 | END_CASE | 
|  | 54 |  | 
|  | 55 | BEGIN_CASE | 
|  | 56 | pkcs1_rsaes_oaep_decrypt:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:hash:result_hex_str:seed:message_hex_string:result | 
|  | 57 | { | 
|  | 58 | unsigned char message_str[1000]; | 
|  | 59 | unsigned char output[1000]; | 
|  | 60 | unsigned char output_str[1000]; | 
|  | 61 | rsa_context ctx; | 
|  | 62 | mpi P1, Q1, H, G; | 
| Paul Bakker | f4a3f30 | 2011-04-24 15:53:29 +0000 | [diff] [blame] | 63 | size_t output_len; | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 64 |  | 
| Paul Bakker | 6c591fa | 2011-05-05 11:49:20 +0000 | [diff] [blame] | 65 | mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 66 | rsa_init( &ctx, RSA_PKCS_V21, {hash} ); | 
|  | 67 |  | 
|  | 68 | memset( message_str, 0x00, 1000 ); | 
|  | 69 | memset( output, 0x00, 1000 ); | 
|  | 70 | memset( output_str, 0x00, 1000 ); | 
|  | 71 |  | 
|  | 72 | ctx.len = {mod} / 8 + ( ( {mod} % 8 ) ? 1 : 0 ); | 
|  | 73 | TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 ); | 
|  | 74 | TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 ); | 
|  | 75 | TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 ); | 
|  | 76 | TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 ); | 
|  | 77 |  | 
|  | 78 | TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); | 
|  | 79 | TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); | 
|  | 80 | TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); | 
|  | 81 | TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H  ) == 0 ); | 
|  | 82 | TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H  ) == 0 ); | 
|  | 83 | TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); | 
|  | 84 | TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); | 
|  | 85 | TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); | 
|  | 86 |  | 
|  | 87 | TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 ); | 
|  | 88 |  | 
| Paul Bakker | eaf90d9 | 2011-07-13 14:21:52 +0000 | [diff] [blame] | 89 | unhexify( message_str, {message_hex_string} ); | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 90 |  | 
|  | 91 | TEST_ASSERT( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == {result} ); | 
|  | 92 | if( {result} == 0 ) | 
|  | 93 | { | 
|  | 94 | hexify( output_str, output, ctx.len ); | 
|  | 95 |  | 
|  | 96 | TEST_ASSERT( strncasecmp( (char *) output_str, {result_hex_str}, strlen( {result_hex_str} ) ) == 0 ); | 
|  | 97 | } | 
| Paul Bakker | 6c591fa | 2011-05-05 11:49:20 +0000 | [diff] [blame] | 98 |  | 
|  | 99 | mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); | 
| Paul Bakker | 58ef6ec | 2013-01-03 11:33:48 +0100 | [diff] [blame] | 100 | rsa_free( &ctx ); | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 101 | } | 
|  | 102 | END_CASE | 
|  | 103 |  | 
|  | 104 | BEGIN_CASE | 
|  | 105 | pkcs1_rsassa_pss_sign:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:digest:hash:message_hex_string:salt:result_hex_str:result | 
|  | 106 | { | 
|  | 107 | unsigned char message_str[1000]; | 
|  | 108 | unsigned char hash_result[1000]; | 
|  | 109 | unsigned char output[1000]; | 
|  | 110 | unsigned char output_str[1000]; | 
|  | 111 | unsigned char rnd_buf[1000]; | 
|  | 112 | rsa_context ctx; | 
|  | 113 | mpi P1, Q1, H, G; | 
| Paul Bakker | f4a3f30 | 2011-04-24 15:53:29 +0000 | [diff] [blame] | 114 | size_t msg_len; | 
| Paul Bakker | 4cce2bb | 2011-03-13 16:56:35 +0000 | [diff] [blame] | 115 | rnd_buf_info info; | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 116 |  | 
|  | 117 | info.length = unhexify( rnd_buf, {salt} ); | 
|  | 118 | info.buf = rnd_buf; | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 119 |  | 
| Paul Bakker | 6c591fa | 2011-05-05 11:49:20 +0000 | [diff] [blame] | 120 | mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 121 | rsa_init( &ctx, RSA_PKCS_V21, {hash} ); | 
|  | 122 |  | 
|  | 123 | memset( message_str, 0x00, 1000 ); | 
|  | 124 | memset( hash_result, 0x00, 1000 ); | 
|  | 125 | memset( output, 0x00, 1000 ); | 
|  | 126 | memset( output_str, 0x00, 1000 ); | 
|  | 127 |  | 
|  | 128 | ctx.len = {mod} / 8 + ( ( {mod} % 8 ) ? 1 : 0 ); | 
|  | 129 | TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 ); | 
|  | 130 | TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 ); | 
|  | 131 | TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 ); | 
|  | 132 | TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 ); | 
|  | 133 |  | 
|  | 134 | TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); | 
|  | 135 | TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); | 
|  | 136 | TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); | 
|  | 137 | TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H  ) == 0 ); | 
|  | 138 | TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H  ) == 0 ); | 
|  | 139 | TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); | 
|  | 140 | TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); | 
|  | 141 | TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); | 
|  | 142 |  | 
|  | 143 | TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 ); | 
|  | 144 |  | 
|  | 145 | msg_len = unhexify( message_str, {message_hex_string} ); | 
|  | 146 |  | 
| Paul Bakker | c70b982 | 2013-04-07 22:00:46 +0200 | [diff] [blame] | 147 | if( md_info_from_type( {digest} ) != NULL ) | 
|  | 148 | TEST_ASSERT( md( md_info_from_type( {digest} ), message_str, msg_len, hash_result ) == 0 ); | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 149 |  | 
|  | 150 | TEST_ASSERT( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, {digest}, 0, hash_result, output ) == {result} ); | 
|  | 151 | if( {result} == 0 ) | 
|  | 152 | { | 
|  | 153 | hexify( output_str, output, ctx.len); | 
|  | 154 |  | 
|  | 155 | TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 ); | 
|  | 156 | } | 
| Paul Bakker | 6c591fa | 2011-05-05 11:49:20 +0000 | [diff] [blame] | 157 |  | 
|  | 158 | mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); | 
| Paul Bakker | 58ef6ec | 2013-01-03 11:33:48 +0100 | [diff] [blame] | 159 | rsa_free( &ctx ); | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 160 | } | 
|  | 161 | END_CASE | 
|  | 162 |  | 
|  | 163 | BEGIN_CASE | 
|  | 164 | pkcs1_rsassa_pss_verify:mod:radix_N:input_N:radix_E:input_E:digest:hash:message_hex_string:salt:result_hex_str:result | 
|  | 165 | { | 
|  | 166 | unsigned char message_str[1000]; | 
|  | 167 | unsigned char hash_result[1000]; | 
|  | 168 | unsigned char result_str[1000]; | 
|  | 169 | rsa_context ctx; | 
| Paul Bakker | f4a3f30 | 2011-04-24 15:53:29 +0000 | [diff] [blame] | 170 | size_t msg_len; | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 171 |  | 
|  | 172 | rsa_init( &ctx, RSA_PKCS_V21, {hash} ); | 
|  | 173 | memset( message_str, 0x00, 1000 ); | 
|  | 174 | memset( hash_result, 0x00, 1000 ); | 
|  | 175 | memset( result_str, 0x00, 1000 ); | 
|  | 176 |  | 
|  | 177 | ctx.len = {mod} / 8 + ( ( {mod} % 8 ) ? 1 : 0 ); | 
|  | 178 | TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 ); | 
|  | 179 | TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 ); | 
|  | 180 |  | 
|  | 181 | TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 ); | 
|  | 182 |  | 
|  | 183 | msg_len = unhexify( message_str, {message_hex_string} ); | 
|  | 184 | unhexify( result_str, {result_hex_str} ); | 
|  | 185 |  | 
| Paul Bakker | c70b982 | 2013-04-07 22:00:46 +0200 | [diff] [blame] | 186 | if( md_info_from_type( {digest} ) != NULL ) | 
|  | 187 | TEST_ASSERT( md( md_info_from_type( {digest} ), message_str, msg_len, hash_result ) == 0 ); | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 188 |  | 
|  | 189 | TEST_ASSERT( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, {digest}, 0, hash_result, result_str ) == {result} ); | 
| Paul Bakker | 58ef6ec | 2013-01-03 11:33:48 +0100 | [diff] [blame] | 190 |  | 
|  | 191 | rsa_free( &ctx ); | 
| Paul Bakker | 9dcc322 | 2011-03-08 14:16:06 +0000 | [diff] [blame] | 192 | } | 
|  | 193 | END_CASE |