TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 7aba0361542ab9fb8319c3833474ce64a2a75ec6 / . / tests / suites / test_suite_rsa.function
blob: 6c73e394731698cf7572b6988b907be618fbd00d [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Hanno Beckera565f542017-10-11 11:00:19 +0100[diff] [blame]3#include "mbedtls/rsa_internal.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]70 mbedtls_rsa_gen_key( NULL,
71 mbedtls_test_rnd_std_rand,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]72 NULL, 0, 0 ) );
73 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
74 mbedtls_rsa_gen_key( &ctx, NULL,
75 NULL, 0, 0 ) );
76
77 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
78 mbedtls_rsa_check_pubkey( NULL ) );
79 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
80 mbedtls_rsa_check_privkey( NULL ) );
81
82 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
83 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
84 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
85 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
86
87 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
88 mbedtls_rsa_public( NULL, buf, buf ) );
89 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
90 mbedtls_rsa_public( &ctx, NULL, buf ) );
91 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
92 mbedtls_rsa_public( &ctx, buf, NULL ) );
93
94 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
95 mbedtls_rsa_private( NULL, NULL, NULL,
96 buf, buf ) );
97 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
98 mbedtls_rsa_private( &ctx, NULL, NULL,
99 NULL, buf ) );
100 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
101 mbedtls_rsa_private( &ctx, NULL, NULL,
102 buf, NULL ) );
103
104 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
105 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
106 valid_mode,
107 sizeof( buf ), buf,
108 buf ) );
109 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
110 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
111 invalid_mode,
112 sizeof( buf ), buf,
113 buf ) );
114 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
115 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
116 valid_mode,
117 sizeof( buf ), NULL,
118 buf ) );
119 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
120 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
121 valid_mode,
122 sizeof( buf ), buf,
123 NULL ) );
124
125 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
126 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
127 NULL,
128 valid_mode,
129 sizeof( buf ), buf,
130 buf ) );
131 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
132 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
133 NULL,
134 invalid_mode,
135 sizeof( buf ), buf,
136 buf ) );
137 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
138 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
139 NULL,
140 valid_mode,
141 sizeof( buf ), NULL,
142 buf ) );
143 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
144 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
145 NULL,
146 valid_mode,
147 sizeof( buf ), buf,
148 NULL ) );
149
150 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
151 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
152 valid_mode,
153 buf, sizeof( buf ),
154 sizeof( buf ), buf,
155 buf ) );
156 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
157 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
158 invalid_mode,
159 buf, sizeof( buf ),
160 sizeof( buf ), buf,
161 buf ) );
162 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
163 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
164 valid_mode,
165 NULL, sizeof( buf ),
166 sizeof( buf ), buf,
167 buf ) );
168 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
169 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
170 valid_mode,
171 buf, sizeof( buf ),
172 sizeof( buf ), NULL,
173 buf ) );
174 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
175 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
176 valid_mode,
177 buf, sizeof( buf ),
178 sizeof( buf ), buf,
179 NULL ) );
180
181 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
182 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
183 valid_mode, &olen,
184 buf, buf, 42 ) );
185 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
186 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
187 invalid_mode, &olen,
188 buf, buf, 42 ) );
189 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
190 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
191 valid_mode, NULL,
192 buf, buf, 42 ) );
193 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
194 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
195 valid_mode, &olen,
196 NULL, buf, 42 ) );
197 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
198 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
199 valid_mode, &olen,
200 buf, NULL, 42 ) );
201
202 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
203 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
204 NULL,
205 valid_mode, &olen,
206 buf, buf, 42 ) );
207 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
208 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
209 NULL,
210 invalid_mode, &olen,
211 buf, buf, 42 ) );
212 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
213 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
214 NULL,
215 valid_mode, NULL,
216 buf, buf, 42 ) );
217 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
218 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
219 NULL,
220 valid_mode, &olen,
221 NULL, buf, 42 ) );
222 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
223 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
224 NULL,
225 valid_mode, &olen,
226 buf, NULL, 42 ) );
227
228 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
229 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
230 valid_mode,
231 buf, sizeof( buf ),
232 &olen,
233 buf, buf, 42 ) );
234 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
235 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
236 invalid_mode,
237 buf, sizeof( buf ),
238 &olen,
239 buf, buf, 42 ) );
240 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
241 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
242 valid_mode,
243 NULL, sizeof( buf ),
244 NULL,
245 buf, buf, 42 ) );
246 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
247 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
248 valid_mode,
249 buf, sizeof( buf ),
250 &olen,
251 NULL, buf, 42 ) );
252 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
253 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
254 valid_mode,
255 buf, sizeof( buf ),
256 &olen,
257 buf, NULL, 42 ) );
258
259 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
260 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
261 valid_mode,
262 0, sizeof( buf ), buf,
263 buf ) );
264 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
265 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
266 invalid_mode,
267 0, sizeof( buf ), buf,
268 buf ) );
269 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
270 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
271 valid_mode,
272 0, sizeof( buf ), NULL,
273 buf ) );
274 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
275 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
276 valid_mode,
277 0, sizeof( buf ), buf,
278 NULL ) );
279 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
280 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
281 valid_mode,
282 MBEDTLS_MD_SHA1,
283 0, NULL,
284 buf ) );
285
286 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
287 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
288 valid_mode,
289 0, sizeof( buf ), buf,
290 buf ) );
291 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
292 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
293 invalid_mode,
294 0, sizeof( buf ), buf,
295 buf ) );
296 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
297 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
298 valid_mode,
299 0, sizeof( buf ), NULL,
300 buf ) );
301 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
302 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
303 valid_mode,
304 0, sizeof( buf ), buf,
305 NULL ) );
306 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
307 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
308 valid_mode,
309 MBEDTLS_MD_SHA1,
310 0, NULL,
311 buf ) );
312
313 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
314 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
315 valid_mode,
316 0, sizeof( buf ), buf,
317 buf ) );
318 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
319 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
320 invalid_mode,
321 0, sizeof( buf ), buf,
322 buf ) );
323 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
324 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
325 valid_mode,
326 0, sizeof( buf ), NULL,
327 buf ) );
328 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
329 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
330 valid_mode,
331 0, sizeof( buf ), buf,
332 NULL ) );
333 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
334 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
335 valid_mode,
336 MBEDTLS_MD_SHA1,
337 0, NULL,
338 buf ) );
339
340 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
341 mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
342 valid_mode,
343 0, sizeof( buf ), buf,
344 buf ) );
345 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
346 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
347 invalid_mode,
348 0, sizeof( buf ), buf,
349 buf ) );
350 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
351 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
352 valid_mode,
353 0, sizeof( buf ), NULL,
354 buf ) );
355 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
356 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
357 valid_mode,
358 0, sizeof( buf ), buf,
359 NULL ) );
360 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
361 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
362 valid_mode,
363 MBEDTLS_MD_SHA1, 0, NULL,
364 buf ) );
365
366 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
367 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
368 NULL,
369 valid_mode,
370 0, sizeof( buf ), buf,
371 buf ) );
372 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
373 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
374 NULL,
375 invalid_mode,
376 0, sizeof( buf ), buf,
377 buf ) );
378 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
379 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
380 NULL,
381 valid_mode,
382 0, sizeof( buf ),
383 NULL, buf ) );
384 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
385 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
386 NULL,
387 valid_mode,
388 0, sizeof( buf ), buf,
389 NULL ) );
390 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
391 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
392 NULL,
393 valid_mode,
394 MBEDTLS_MD_SHA1,
395 0, NULL,
396 buf ) );
397
398 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
399 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
400 valid_mode,
401 0, sizeof( buf ),
402 buf, buf ) );
403 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
404 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
405 invalid_mode,
406 0, sizeof( buf ),
407 buf, buf ) );
408 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
409 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
410 valid_mode,
411 0, sizeof( buf ),
412 NULL, buf ) );
413 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
414 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
415 valid_mode,
416 0, sizeof( buf ),
417 buf, NULL ) );
418 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
419 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
420 valid_mode,
421 MBEDTLS_MD_SHA1,
422 0, NULL,
423 buf ) );
424
425 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
426 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
427 valid_mode,
428 0, sizeof( buf ),
429 buf,
430 0, 0,
431 buf ) );
432 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
433 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
434 invalid_mode,
435 0, sizeof( buf ),
436 buf,
437 0, 0,
438 buf ) );
439 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
440 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
441 valid_mode,
442 0, sizeof( buf ),
443 NULL, 0, 0,
444 buf ) );
445 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
446 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
447 valid_mode,
448 0, sizeof( buf ),
449 buf, 0, 0,
450 NULL ) );
451 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
452 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
453 valid_mode,
454 MBEDTLS_MD_SHA1,
455 0, NULL,
456 0, 0,
457 buf ) );
458
459 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
460 mbedtls_rsa_copy( NULL, &ctx ) );
461 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
462 mbedtls_rsa_copy( &ctx, NULL ) );
463
464exit:
465 return;
466}
467/* END_CASE */
468
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]469/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]470void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]471 int digest, int mod, int radix_P, char * input_P,
472 int radix_Q, char * input_Q, int radix_N,
473 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]474 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]475{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]476 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
477 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]478 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]479 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]480 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]481
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]482 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
483 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]484 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]485
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]486 memset( hash_result, 0x00, sizeof( hash_result ) );
487 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]488 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]489
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]490 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
491 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
492 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
493 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]494
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]495 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
496 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]497 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]498 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]499
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]500
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]501 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]502 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]503
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]504 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
505 &rnd_info, MBEDTLS_RSA_PRIVATE, digest,
506 0, hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]507 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]508 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]509
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]510 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
511 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]512 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]513
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]514exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]515 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
516 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]517 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]518}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]519/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]520
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]521/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]522void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]523 int digest, int mod, int radix_N,
524 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]525 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]526{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]527 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]528 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]529
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]530 mbedtls_mpi N, E;
531
532 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]533 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]534 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]535
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]536 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
537 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
538 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
539 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]540 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]541
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]542
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]543 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]544 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]545
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]546 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]547
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]548exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]549 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]550 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]551}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]552/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]553
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]554
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]555/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]556void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]557 int padding_mode, int mod, int radix_P,
558 char * input_P, int radix_Q, char * input_Q,
559 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]560 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]561{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]562 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]563 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]564 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]565 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]566
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]567 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]568 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
569 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]570
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]571 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]572 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]573
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]574 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
575 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
576 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
577 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]578
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]579 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
580 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]581 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]582 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]583
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]584
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]585 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
586 &rnd_info, MBEDTLS_RSA_PRIVATE,
587 MBEDTLS_MD_NONE, hash_result->len,
588 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]589
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]590
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]591 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
592 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]593
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]594#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]595 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]596 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]597 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]598 int res;
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]599 memset( output, 0x00, sizeof( output) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]600
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]601 res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]602 &mbedtls_test_rnd_pseudo_rand, &rnd_info,
603 MBEDTLS_RSA_PRIVATE, hash_result->len,
604 hash_result->x, output );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]605
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]606#if !defined(MBEDTLS_RSA_ALT)
607 TEST_ASSERT( res == 0 );
608#else
609 TEST_ASSERT( ( res == 0 ) ||
610 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
611#endif
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]612
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]613 if( res == 0 )
614 {
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]615 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]616 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]617 result_str->len ) == 0 );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]618 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]619 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]620#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]621
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]622exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]623 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
624 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
625
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]626 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]627}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]628/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]629
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]630/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]631void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]632 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]633 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]634 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]635{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]636 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]637 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]638
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]639 mbedtls_mpi N, E;
640 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
641
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]642 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]643 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]644
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]645 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
646 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]647
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]648 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
649 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]650 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]651
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]652
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]653 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]654
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]655#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]656 /* For PKCS#1 v1.5, there is an alternative way to verify signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]657 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]658 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]659 int res;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]660 int ok;
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]661 size_t olen;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]662
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]663 res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]664 NULL, NULL, MBEDTLS_RSA_PUBLIC,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]665 &olen, result_str->x, output, sizeof( output ) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]666
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]667#if !defined(MBEDTLS_RSA_ALT)
668 TEST_ASSERT( res == 0 );
669#else
670 TEST_ASSERT( ( res == 0 ) ||
671 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
672#endif
673
674 if( res == 0 )
675 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]676 ok = olen == hash_result->len && memcmp( output, hash_result->x, olen ) == 0;
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]677 if( correct == 0 )
678 TEST_ASSERT( ok == 1 );
679 else
680 TEST_ASSERT( ok == 0 );
681 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]682 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]683#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]684
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]685exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]686 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]687 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]688}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]689/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]690
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]691/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]692void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]693 int mod, int radix_N, char * input_N,
694 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]695 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]696{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]697 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]698 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]699 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]700
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]701 mbedtls_mpi N, E;
702 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
703
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]704 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]705
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]706 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]707 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]708
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]709 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
710 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]711
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]712 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
713 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]714 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]715
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]716
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]717 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
718 &mbedtls_test_rnd_pseudo_rand,
719 &rnd_info, MBEDTLS_RSA_PUBLIC,
720 message_str->len, message_str->x,
721 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]722 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]723 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]724
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]725 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
726 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]727 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]728
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]729exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]730 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]731 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]732}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]733/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]734
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]735/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]736void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]737 int mod, int radix_N, char * input_N,
738 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]739 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]740{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]741 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]742 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]743
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]744 mbedtls_mpi N, E;
745
746 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]747 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]748 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]749
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]750 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
751 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]752
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]753 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
754 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]755 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]756
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]757
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]758 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
759 NULL, MBEDTLS_RSA_PUBLIC,
760 message_str->len, message_str->x,
761 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]762 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]763 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]764
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]765 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
766 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]767 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]768
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]769exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]770 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]771 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]772}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]773/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]774
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]775/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]776void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]777 int mod, int radix_P, char * input_P,
778 int radix_Q, char * input_Q, int radix_N,
779 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]780 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]781 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]782{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]783 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]784 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]785 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]786 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]787 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]788
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]789 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
790 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
791
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]792 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]793
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]794 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]795 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]796
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]797
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]798 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
799 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
800 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
801 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]802
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]803 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
804 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]805 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]806 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]807
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]808 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]809
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]810 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
811 &rnd_info, MBEDTLS_RSA_PRIVATE,
812 &output_len, message_str->x, output,
813 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]814 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]815 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]816
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]817 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]818 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]819 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]820 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]821
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]822exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]823 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
824 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]825 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]826}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]827/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]828
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]829/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]830void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]831 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]832 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]833{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]834 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]835 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]836
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]837 mbedtls_mpi N, E;
838
839 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]840 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
841 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]842 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]843
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]844 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
845 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]846
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]847 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
848 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]849 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]850
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]851
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]852 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]853 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]854 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]855
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]856 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
857 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]858 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]859
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]860 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]861 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]862 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]863 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]864
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]865 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]866
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]867 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]868 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]869 if( result == 0 )
870 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]871
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]872 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
873 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]874 }
875
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]876exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]877 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]878 mbedtls_rsa_free( &ctx );
879 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]880}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]881/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]882
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]883/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]884void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]885 char * input_P, int radix_Q, char * input_Q,
886 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]887 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]888 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]889{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]890 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]891 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]892 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]893 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]894 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]895
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]896 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
897 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]898 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
899 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]900
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]901 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]902
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]903 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
904 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
905 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
906 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]907
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]908 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
909 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]910 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]911 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]912
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]913
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]914 /* repeat three times to test updating of blinding values */
915 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]916 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]917 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]918 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
919 &rnd_info, message_str->x,
920 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]921 if( result == 0 )
922 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]923
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]924 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]925 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]926 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]927 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]928 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]929
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]930 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]931 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]932 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]933 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]934
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]935 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]936
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]937 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]938 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
939 &rnd_info, message_str->x,
940 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]941 if( result == 0 )
942 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]943
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]944 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]945 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]946 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]947 }
948
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]949exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]950 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
951 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
952
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]953 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]954}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]955/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]956
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]957/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]958void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]959{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]960 mbedtls_rsa_context ctx;
961 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]962
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]963 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]964}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]965/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]966
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]967/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]968void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
969 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]970{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]971 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]972 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]973
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]974 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]975 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]976
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]977 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]978 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]979 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]980 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]981 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]982 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]983 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]984 }
985
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]986 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]987 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]988
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]989exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]990 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]991 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]992}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]993/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]994
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]995/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]996void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
997 int radix_Q, char * input_Q, int radix_N,
998 char * input_N, int radix_E, char * input_E,
999 int radix_D, char * input_D, int radix_DP,
1000 char * input_DP, int radix_DQ,
1001 char * input_DQ, int radix_QP,
1002 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1003{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1004 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1005
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1006 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1007
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1008 ctx.len = mod / 8;
1009 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1010 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1011 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1012 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1013 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1014 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1015 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1016 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1017 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1018 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1019 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1020 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1021 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1022 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1023 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1024 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1025 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1026 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1027 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1028 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1029#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1030 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1031 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1032 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1033 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1034 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1035 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1036 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1037 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1038 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1039 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1040 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1041 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1042#else
1043 ((void) radix_DP); ((void) input_DP);
1044 ((void) radix_DQ); ((void) input_DQ);
1045 ((void) radix_QP); ((void) input_QP);
1046#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1047
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1048 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1049
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1050exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1051 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1052}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1053/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1054
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1055/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1056void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
1057 int radix_Epub, char * input_Epub, int radix_P,
1058 char * input_P, int radix_Q, char * input_Q,
1059 int radix_N, char * input_N, int radix_E,
1060 char * input_E, int radix_D, char * input_D,
1061 int radix_DP, char * input_DP, int radix_DQ,
1062 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1063 int result )
1064{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1065 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1066
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1067 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
1068 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1069
1070 pub.len = mod / 8;
1071 prv.len = mod / 8;
1072
1073 if( strlen( input_Npub ) )
1074 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1075 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1076 }
1077 if( strlen( input_Epub ) )
1078 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1079 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1080 }
1081
1082 if( strlen( input_P ) )
1083 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1084 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1085 }
1086 if( strlen( input_Q ) )
1087 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1088 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1089 }
1090 if( strlen( input_N ) )
1091 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1092 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1093 }
1094 if( strlen( input_E ) )
1095 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1096 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1097 }
1098 if( strlen( input_D ) )
1099 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1100 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1101 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1102#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1103 if( strlen( input_DP ) )
1104 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1105 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1106 }
1107 if( strlen( input_DQ ) )
1108 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1109 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1110 }
1111 if( strlen( input_QP ) )
1112 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1113 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1114 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1115#else
1116 ((void) radix_DP); ((void) input_DP);
1117 ((void) radix_DQ); ((void) input_DQ);
1118 ((void) radix_QP); ((void) input_QP);
1119#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1120
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1121 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1122
1123exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1124 mbedtls_rsa_free( &pub );
1125 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1126}
1127/* END_CASE */
1128
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1129/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1130void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1131{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1132 mbedtls_rsa_context ctx;
1133 mbedtls_entropy_context entropy;
1134 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1135 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1136
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1137 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1138 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1139 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1140
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1141 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1142 &entropy, (const unsigned char *) pers,
1143 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1144
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1145 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1146 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1147 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1148 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1149 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1150 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1151
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1152exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1153 mbedtls_rsa_free( &ctx );
1154 mbedtls_ctr_drbg_free( &ctr_drbg );
1155 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1156}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1157/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1158
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1159/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1160void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1161 int radix_D, char *input_D,
1162 int radix_E, char *input_E,
1163 int radix_P, char *output_P,
1164 int radix_Q, char *output_Q,
1165 int corrupt, int result )
1166{
1167 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1168
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1169 mbedtls_mpi_init( &N );
1170 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1171 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1172 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1173
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1174 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1175 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1176 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1177 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1178 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1179
1180 if( corrupt )
1181 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1182
1183 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1184 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1185
1186 if( !corrupt )
1187 {
1188 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1189 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1190 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1191 }
1192
1193exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1194 mbedtls_mpi_free( &N );
1195 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1196 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1197 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1198}
1199/* END_CASE */
1200
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1201/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1202void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1203 int radix_Q, char *input_Q,
1204 int radix_E, char *input_E,
1205 int radix_D, char *output_D,
1206 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1207{
1208 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1209
1210 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1211 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1212 mbedtls_mpi_init( &E );
1213 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1214
1215 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1216 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1217 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1218 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1219
1220 if( corrupt )
1221 {
1222 /* Make E even */
1223 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1224 }
1225
1226 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1227 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1228 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1229
1230 if( !corrupt )
1231 {
1232 /*
1233 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1234 */
1235
1236 /* Replace P,Q by P-1, Q-1 */
1237 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1238 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1239
1240 /* Check D == Dp modulo P-1 */
1241 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1242 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1243 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1244
1245 /* Check D == Dp modulo Q-1 */
1246 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1247 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1248 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1249 }
1250
1251exit:
1252
1253 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1254 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1255 mbedtls_mpi_free( &E );
1256 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1257}
1258/* END_CASE */
1259
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1260/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1261void mbedtls_rsa_import( int radix_N, char *input_N,
1262 int radix_P, char *input_P,
1263 int radix_Q, char *input_Q,
1264 int radix_D, char *input_D,
1265 int radix_E, char *input_E,
1266 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1267 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1268 int res_check,
1269 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1270{
1271 mbedtls_mpi N, P, Q, D, E;
1272 mbedtls_rsa_context ctx;
1273
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1274 /* Buffers used for encryption-decryption test */
1275 unsigned char *buf_orig = NULL;
1276 unsigned char *buf_enc = NULL;
1277 unsigned char *buf_dec = NULL;
1278
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1279 mbedtls_entropy_context entropy;
1280 mbedtls_ctr_drbg_context ctr_drbg;
1281 const char *pers = "test_suite_rsa";
1282
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1283 const int have_N = ( strlen( input_N ) > 0 );
1284 const int have_P = ( strlen( input_P ) > 0 );
1285 const int have_Q = ( strlen( input_Q ) > 0 );
1286 const int have_D = ( strlen( input_D ) > 0 );
1287 const int have_E = ( strlen( input_E ) > 0 );
1288
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1289 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1290 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1291 mbedtls_rsa_init( &ctx, 0, 0 );
1292
1293 mbedtls_mpi_init( &N );
1294 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1295 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1296
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1297 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1298 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1299
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1300 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1301 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1302
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1303 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1304 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1305
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1306 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1307 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1308
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1309 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1310 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1311
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1312 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1313 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1314
1315 if( !successive )
1316 {
1317 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1318 have_N ? &N : NULL,
1319 have_P ? &P : NULL,
1320 have_Q ? &Q : NULL,
1321 have_D ? &D : NULL,
1322 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1323 }
1324 else
1325 {
1326 /* Import N, P, Q, D, E separately.
1327 * This should make no functional difference. */
1328
1329 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1330 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1331 NULL, NULL, NULL, NULL ) == 0 );
1332
1333 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1334 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1335 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1336 NULL, NULL, NULL ) == 0 );
1337
1338 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1339 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1340 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1341 NULL, NULL ) == 0 );
1342
1343 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1344 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1345 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1346 NULL ) == 0 );
1347
1348 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1349 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1350 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1351 }
1352
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1353 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1354
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1355 /* On expected success, perform some public and private
1356 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1357 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1358 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1359 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1360 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1361 else
1362 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1363
1364 if( res_check != 0 )
1365 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1366
1367 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1368 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1369 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1370 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1371 goto exit;
1372
1373 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1374 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1375
1376 /* Make sure the number we're generating is smaller than the modulus */
1377 buf_orig[0] = 0x00;
1378
1379 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1380
1381 if( is_priv )
1382 {
1383 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1384 &ctr_drbg, buf_enc,
1385 buf_dec ) == 0 );
1386
1387 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1388 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1389 }
1390 }
1391
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1392exit:
1393
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1394 mbedtls_free( buf_orig );
1395 mbedtls_free( buf_enc );
1396 mbedtls_free( buf_dec );
1397
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1398 mbedtls_rsa_free( &ctx );
1399
1400 mbedtls_ctr_drbg_free( &ctr_drbg );
1401 mbedtls_entropy_free( &entropy );
1402
1403 mbedtls_mpi_free( &N );
1404 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1405 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1406}
1407/* END_CASE */
1408
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1409/* BEGIN_CASE */
1410void mbedtls_rsa_export( int radix_N, char *input_N,
1411 int radix_P, char *input_P,
1412 int radix_Q, char *input_Q,
1413 int radix_D, char *input_D,
1414 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1415 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1416 int successive )
1417{
1418 /* Original MPI's with which we set up the RSA context */
1419 mbedtls_mpi N, P, Q, D, E;
1420
1421 /* Exported MPI's */
1422 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1423
1424 const int have_N = ( strlen( input_N ) > 0 );
1425 const int have_P = ( strlen( input_P ) > 0 );
1426 const int have_Q = ( strlen( input_Q ) > 0 );
1427 const int have_D = ( strlen( input_D ) > 0 );
1428 const int have_E = ( strlen( input_E ) > 0 );
1429
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1430 mbedtls_rsa_context ctx;
1431
1432 mbedtls_rsa_init( &ctx, 0, 0 );
1433
1434 mbedtls_mpi_init( &N );
1435 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1436 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1437
1438 mbedtls_mpi_init( &Ne );
1439 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1440 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1441
1442 /* Setup RSA context */
1443
1444 if( have_N )
1445 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1446
1447 if( have_P )
1448 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1449
1450 if( have_Q )
1451 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1452
1453 if( have_D )
1454 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1455
1456 if( have_E )
1457 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1458
1459 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1460 strlen( input_N ) ? &N : NULL,
1461 strlen( input_P ) ? &P : NULL,
1462 strlen( input_Q ) ? &Q : NULL,
1463 strlen( input_D ) ? &D : NULL,
1464 strlen( input_E ) ? &E : NULL ) == 0 );
1465
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1466 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1467
1468 /*
1469 * Export parameters and compare to original ones.
1470 */
1471
1472 /* N and E must always be present. */
1473 if( !successive )
1474 {
1475 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1476 }
1477 else
1478 {
1479 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1480 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1481 }
1482 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1483 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1484
1485 /* If we were providing enough information to setup a complete private context,
1486 * we expect to be able to export all core parameters. */
1487
1488 if( is_priv )
1489 {
1490 if( !successive )
1491 {
1492 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1493 &De, NULL ) == 0 );
1494 }
1495 else
1496 {
1497 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1498 NULL, NULL ) == 0 );
1499 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1500 NULL, NULL ) == 0 );
1501 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1502 &De, NULL ) == 0 );
1503 }
1504
1505 if( have_P )
1506 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1507
1508 if( have_Q )
1509 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1510
1511 if( have_D )
1512 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1513
1514 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1515 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1516 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1517 }
1518
1519exit:
1520
1521 mbedtls_rsa_free( &ctx );
1522
1523 mbedtls_mpi_free( &N );
1524 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1525 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1526
1527 mbedtls_mpi_free( &Ne );
1528 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1529 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1530}
1531/* END_CASE */
1532
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1533/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1534void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1535 int radix_P, char *input_P,
1536 int radix_Q, char *input_Q,
1537 int radix_D, char *input_D,
1538 int radix_E, char *input_E,
1539 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1540{
1541 /* Original MPI's with which we set up the RSA context */
1542 mbedtls_mpi N, P, Q, D, E;
1543
1544 const int have_N = ( strlen( input_N ) > 0 );
1545 const int have_P = ( strlen( input_P ) > 0 );
1546 const int have_Q = ( strlen( input_Q ) > 0 );
1547 const int have_D = ( strlen( input_D ) > 0 );
1548 const int have_E = ( strlen( input_E ) > 0 );
1549
1550 mbedtls_entropy_context entropy;
1551 mbedtls_ctr_drbg_context ctr_drbg;
1552 const char *pers = "test_suite_rsa";
1553
1554 mbedtls_mpi_init( &N );
1555 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1556 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1557
1558 mbedtls_ctr_drbg_init( &ctr_drbg );
1559 mbedtls_entropy_init( &entropy );
1560 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1561 &entropy, (const unsigned char *) pers,
1562 strlen( pers ) ) == 0 );
1563
1564 if( have_N )
1565 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1566
1567 if( have_P )
1568 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1569
1570 if( have_Q )
1571 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1572
1573 if( have_D )
1574 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1575
1576 if( have_E )
1577 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1578
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1579 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1580 have_P ? &P : NULL,
1581 have_Q ? &Q : NULL,
1582 have_D ? &D : NULL,
1583 have_E ? &E : NULL,
1584 prng ? mbedtls_ctr_drbg_random : NULL,
1585 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1586exit:
1587
1588 mbedtls_ctr_drbg_free( &ctr_drbg );
1589 mbedtls_entropy_free( &entropy );
1590
1591 mbedtls_mpi_free( &N );
1592 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1593 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1594}
1595/* END_CASE */
1596
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1597/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1598void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1599 data_t *input_Q, data_t *input_D,
1600 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1601 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1602{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1603 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1604 unsigned char bufNe[256];
1605 unsigned char bufPe[128];
1606 unsigned char bufQe[128];
1607 unsigned char bufDe[256];
1608 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1609
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1610 mbedtls_rsa_context ctx;
1611
1612 mbedtls_rsa_init( &ctx, 0, 0 );
1613
1614 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1615 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1616 input_N->len ? input_N->x : NULL, input_N->len,
1617 input_P->len ? input_P->x : NULL, input_P->len,
1618 input_Q->len ? input_Q->x : NULL, input_Q->len,
1619 input_D->len ? input_D->x : NULL, input_D->len,
1620 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1621
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1622 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1623
1624 /*
1625 * Export parameters and compare to original ones.
1626 */
1627
1628 /* N and E must always be present. */
1629 if( !successive )
1630 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1631 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1632 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1633 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1634 }
1635 else
1636 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1637 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1638 NULL, 0, NULL, 0, NULL, 0,
1639 NULL, 0 ) == 0 );
1640 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1641 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1642 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1643 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1644 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1645 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1646
1647 /* If we were providing enough information to setup a complete private context,
1648 * we expect to be able to export all core parameters. */
1649
1650 if( is_priv )
1651 {
1652 if( !successive )
1653 {
1654 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1655 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1656 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1657 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1658 NULL, 0 ) == 0 );
1659 }
1660 else
1661 {
1662 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1663 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1664 NULL, 0, NULL, 0,
1665 NULL, 0 ) == 0 );
1666
1667 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1668 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1669 NULL, 0, NULL, 0 ) == 0 );
1670
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1671 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1672 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1673 NULL, 0 ) == 0 );
1674 }
1675
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1676 if( input_P->len )
1677 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1678
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1679 if( input_Q->len )
1680 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1681
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1682 if( input_D->len )
1683 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1684
1685 }
1686
1687exit:
1688 mbedtls_rsa_free( &ctx );
1689}
1690/* END_CASE */
1691
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1692/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1693void mbedtls_rsa_import_raw( data_t *input_N,
1694 data_t *input_P, data_t *input_Q,
1695 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1696 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1697 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1698 int res_check,
1699 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1700{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1701 /* Buffers used for encryption-decryption test */
1702 unsigned char *buf_orig = NULL;
1703 unsigned char *buf_enc = NULL;
1704 unsigned char *buf_dec = NULL;
1705
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1706 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1707 mbedtls_entropy_context entropy;
1708 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1709
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1710 const char *pers = "test_suite_rsa";
1711
1712 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1713 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1714 mbedtls_rsa_init( &ctx, 0, 0 );
1715
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1716 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1717 &entropy, (const unsigned char *) pers,
1718 strlen( pers ) ) == 0 );
1719
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1720 if( !successive )
1721 {
1722 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1723 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1724 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1725 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1726 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1727 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1728 }
1729 else
1730 {
1731 /* Import N, P, Q, D, E separately.
1732 * This should make no functional difference. */
1733
1734 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1735 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1736 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1737
1738 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1739 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1740 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1741 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1742
1743 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1744 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1745 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1746 NULL, 0, NULL, 0 ) == 0 );
1747
1748 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1749 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1750 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1751 NULL, 0 ) == 0 );
1752
1753 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1754 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1755 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1756 }
1757
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1758 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1759
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1760 /* On expected success, perform some public and private
1761 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1762 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1763 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1764 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1765 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1766 else
1767 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1768
1769 if( res_check != 0 )
1770 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1771
1772 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1773 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1774 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1775 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1776 goto exit;
1777
1778 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1779 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1780
1781 /* Make sure the number we're generating is smaller than the modulus */
1782 buf_orig[0] = 0x00;
1783
1784 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1785
1786 if( is_priv )
1787 {
1788 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1789 &ctr_drbg, buf_enc,
1790 buf_dec ) == 0 );
1791
1792 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1793 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1794 }
1795 }
1796
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1797exit:
1798
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1799 mbedtls_free( buf_orig );
1800 mbedtls_free( buf_enc );
1801 mbedtls_free( buf_dec );
1802
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1803 mbedtls_rsa_free( &ctx );
1804
1805 mbedtls_ctr_drbg_free( &ctr_drbg );
1806 mbedtls_entropy_free( &entropy );
1807
1808}
1809/* END_CASE */
1810
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1811/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1812void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1813{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1814 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1815}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1816/* END_CASE */