TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 95f869c9fb97ff641de68b0ce4ff9b51a709f78f / . / tests / suites / test_suite_rsa.function
blob: eaee7b34d08abfd2e8fa24598abcd469508f3e79 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Hanno Beckera565f542017-10-11 11:00:19 +0100[diff] [blame]3#include "mbedtls/rsa_internal.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
Hanno Beckera7ee0022018-12-18 13:30:20 +0000[diff] [blame]31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Hanno Beckerf04d9232018-12-18 13:30:42 +0000[diff] [blame]70 mbedtls_rsa_gen_key( NULL, rnd_std_rand,
71 NULL, 0, 0 ) );
72 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
73 mbedtls_rsa_gen_key( &ctx, NULL,
74 NULL, 0, 0 ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]75
76 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
77 mbedtls_rsa_check_pubkey( NULL ) );
78 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
79 mbedtls_rsa_check_privkey( NULL ) );
80
81 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
82 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
83 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
84 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
85
86 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
87 mbedtls_rsa_public( NULL, buf, buf ) );
88 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
89 mbedtls_rsa_public( &ctx, NULL, buf ) );
90 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
91 mbedtls_rsa_public( &ctx, buf, NULL ) );
92
93 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
94 mbedtls_rsa_private( NULL, NULL, NULL,
95 buf, buf ) );
96 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
97 mbedtls_rsa_private( &ctx, NULL, NULL,
98 NULL, buf ) );
99 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
100 mbedtls_rsa_private( &ctx, NULL, NULL,
101 buf, NULL ) );
102
103 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
104 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
105 valid_mode,
106 sizeof( buf ), buf,
107 buf ) );
108 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
109 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
110 invalid_mode,
111 sizeof( buf ), buf,
112 buf ) );
113 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
114 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
115 valid_mode,
116 sizeof( buf ), NULL,
117 buf ) );
118 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
119 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
120 valid_mode,
121 sizeof( buf ), buf,
122 NULL ) );
123
124 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
125 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
126 NULL,
127 valid_mode,
128 sizeof( buf ), buf,
129 buf ) );
130 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
131 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
132 NULL,
133 invalid_mode,
134 sizeof( buf ), buf,
135 buf ) );
136 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
137 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
138 NULL,
139 valid_mode,
140 sizeof( buf ), NULL,
141 buf ) );
142 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
143 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
144 NULL,
145 valid_mode,
146 sizeof( buf ), buf,
147 NULL ) );
148
149 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
150 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
151 valid_mode,
152 buf, sizeof( buf ),
153 sizeof( buf ), buf,
154 buf ) );
155 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
156 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
157 invalid_mode,
158 buf, sizeof( buf ),
159 sizeof( buf ), buf,
160 buf ) );
161 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
162 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
163 valid_mode,
164 NULL, sizeof( buf ),
165 sizeof( buf ), buf,
166 buf ) );
167 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
168 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
169 valid_mode,
170 buf, sizeof( buf ),
171 sizeof( buf ), NULL,
172 buf ) );
173 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
174 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
175 valid_mode,
176 buf, sizeof( buf ),
177 sizeof( buf ), buf,
178 NULL ) );
179
180 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
181 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
182 valid_mode, &olen,
183 buf, buf, 42 ) );
184 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
185 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
186 invalid_mode, &olen,
187 buf, buf, 42 ) );
188 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
189 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
190 valid_mode, NULL,
191 buf, buf, 42 ) );
192 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
193 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
194 valid_mode, &olen,
195 NULL, buf, 42 ) );
196 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
197 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
198 valid_mode, &olen,
199 buf, NULL, 42 ) );
200
201 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
202 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
203 NULL,
204 valid_mode, &olen,
205 buf, buf, 42 ) );
206 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
207 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
208 NULL,
209 invalid_mode, &olen,
210 buf, buf, 42 ) );
211 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
212 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
213 NULL,
214 valid_mode, NULL,
215 buf, buf, 42 ) );
216 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
217 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
218 NULL,
219 valid_mode, &olen,
220 NULL, buf, 42 ) );
221 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
222 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
223 NULL,
224 valid_mode, &olen,
225 buf, NULL, 42 ) );
226
227 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
228 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
229 valid_mode,
230 buf, sizeof( buf ),
231 &olen,
232 buf, buf, 42 ) );
233 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
234 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
235 invalid_mode,
236 buf, sizeof( buf ),
237 &olen,
238 buf, buf, 42 ) );
239 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
240 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
241 valid_mode,
242 NULL, sizeof( buf ),
243 NULL,
244 buf, buf, 42 ) );
245 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
246 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
247 valid_mode,
248 buf, sizeof( buf ),
249 &olen,
250 NULL, buf, 42 ) );
251 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
252 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
253 valid_mode,
254 buf, sizeof( buf ),
255 &olen,
256 buf, NULL, 42 ) );
257
258 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
259 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
260 valid_mode,
261 0, sizeof( buf ), buf,
262 buf ) );
263 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
264 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
265 invalid_mode,
266 0, sizeof( buf ), buf,
267 buf ) );
268 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
269 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
270 valid_mode,
271 0, sizeof( buf ), NULL,
272 buf ) );
273 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
274 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
275 valid_mode,
276 0, sizeof( buf ), buf,
277 NULL ) );
Hanno Becker05cf6da2018-12-18 13:33:37 +0000[diff] [blame]278 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
279 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
280 valid_mode,
281 MBEDTLS_MD_SHA1,
282 0, NULL,
283 buf ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]284
285 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
286 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
287 valid_mode,
288 0, sizeof( buf ), buf,
289 buf ) );
290 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
291 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
292 invalid_mode,
293 0, sizeof( buf ), buf,
294 buf ) );
295 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
296 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
297 valid_mode,
298 0, sizeof( buf ), NULL,
299 buf ) );
300 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
301 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
302 valid_mode,
303 0, sizeof( buf ), buf,
304 NULL ) );
Hanno Beckerb06f1932018-12-18 14:04:28 +0000[diff] [blame]305 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
306 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
307 valid_mode,
308 MBEDTLS_MD_SHA1,
309 0, NULL,
310 buf ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]311
312 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
313 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
314 valid_mode,
315 0, sizeof( buf ), buf,
316 buf ) );
317 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
318 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
319 invalid_mode,
320 0, sizeof( buf ), buf,
321 buf ) );
322 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
323 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
324 valid_mode,
325 0, sizeof( buf ), NULL,
326 buf ) );
327 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
328 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
329 valid_mode,
330 0, sizeof( buf ), buf,
331 NULL ) );
Hanno Beckerb06f1932018-12-18 14:04:28 +0000[diff] [blame]332 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
333 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
334 valid_mode,
335 MBEDTLS_MD_SHA1,
336 0, NULL,
337 buf ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]338
339 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
340 mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
341 valid_mode,
342 0, sizeof( buf ), buf,
343 buf ) );
344 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
345 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
346 invalid_mode,
347 0, sizeof( buf ), buf,
348 buf ) );
349 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
350 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
351 valid_mode,
352 0, sizeof( buf ), NULL,
353 buf ) );
354 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
355 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
356 valid_mode,
357 0, sizeof( buf ), buf,
358 NULL ) );
Hanno Beckerb06f1932018-12-18 14:04:28 +0000[diff] [blame]359 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
360 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
361 valid_mode,
362 MBEDTLS_MD_SHA1, 0, NULL,
363 buf ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]364
365 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
366 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
367 NULL,
368 valid_mode,
369 0, sizeof( buf ), buf,
370 buf ) );
371 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
372 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
373 NULL,
374 invalid_mode,
375 0, sizeof( buf ), buf,
376 buf ) );
377 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
378 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
379 NULL,
380 valid_mode,
381 0, sizeof( buf ),
382 NULL, buf ) );
383 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
384 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
385 NULL,
386 valid_mode,
387 0, sizeof( buf ), buf,
388 NULL ) );
Hanno Beckerb06f1932018-12-18 14:04:28 +0000[diff] [blame]389 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
390 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
391 NULL,
392 valid_mode,
393 MBEDTLS_MD_SHA1,
394 0, NULL,
395 buf ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]396
397 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
398 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
399 valid_mode,
400 0, sizeof( buf ),
401 buf, buf ) );
402 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
403 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
404 invalid_mode,
405 0, sizeof( buf ),
406 buf, buf ) );
407 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
408 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
409 valid_mode,
410 0, sizeof( buf ),
411 NULL, buf ) );
412 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
413 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
414 valid_mode,
415 0, sizeof( buf ),
416 buf, NULL ) );
Hanno Beckerb06f1932018-12-18 14:04:28 +0000[diff] [blame]417 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
418 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
419 valid_mode,
420 MBEDTLS_MD_SHA1,
421 0, NULL,
422 buf ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]423
424 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
425 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
426 valid_mode,
427 0, sizeof( buf ),
428 buf,
429 0, 0,
430 buf ) );
431 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
432 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
433 invalid_mode,
434 0, sizeof( buf ),
435 buf,
436 0, 0,
437 buf ) );
438 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
439 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
440 valid_mode,
441 0, sizeof( buf ),
442 NULL, 0, 0,
443 buf ) );
444 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
445 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
446 valid_mode,
447 0, sizeof( buf ),
448 buf, 0, 0,
449 NULL ) );
Hanno Beckerb06f1932018-12-18 14:04:28 +0000[diff] [blame]450 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
451 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
452 valid_mode,
453 MBEDTLS_MD_SHA1,
454 0, NULL,
455 0, 0,
456 buf ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]457
458 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
459 mbedtls_rsa_copy( NULL, &ctx ) );
460 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
461 mbedtls_rsa_copy( &ctx, NULL ) );
462
463exit:
464 return;
465}
466/* END_CASE */
467
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]468/* BEGIN_CASE */
Gilles Peskineab584952021-02-01 17:55:24 +0100[diff] [blame]469void rsa_init_free( int reinit )
470{
471 mbedtls_rsa_context ctx;
472
473 /* Double free is not explicitly documented to work, but we rely on it
474 * even inside the library so that you can call mbedtls_rsa_free()
475 * unconditionally on an error path without checking whether it has
476 * already been called in the success path. */
477
478 mbedtls_rsa_init( &ctx, 0, 0 );
479 mbedtls_rsa_free( &ctx );
480
481 if( reinit )
482 mbedtls_rsa_init( &ctx, 0, 0 );
483 mbedtls_rsa_free( &ctx );
484
485 /* This test case always succeeds, functionally speaking. A plausible
486 * bug might trigger an invalid pointer dereference or a memory leak. */
487 goto exit;
488}
489/* END_CASE */
490
491/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]492void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]493 int digest, int mod, int radix_P, char * input_P,
494 int radix_Q, char * input_Q, int radix_N,
495 char * input_N, int radix_E, char * input_E,
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]496 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]497{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]498 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
499 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]500 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]501 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]502 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]503
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]504 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
505 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]506 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]507
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]508 memset( hash_result, 0x00, sizeof( hash_result ) );
509 memset( output, 0x00, sizeof( output ) );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]510 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]511
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]512 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
513 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
514 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
515 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]516
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]517 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
518 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]519 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]520 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]521
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]522
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]523 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]524 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]525
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]526 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
527 MBEDTLS_RSA_PRIVATE, digest, 0,
528 hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]529 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]530 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]531
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]532 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
533 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]534 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]535
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]536exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]537 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
538 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]539 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]540}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]541/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]542
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]543/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]544void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]545 int digest, int mod, int radix_N,
546 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]547 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]548{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]549 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]550 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]551
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]552 mbedtls_mpi N, E;
553
554 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]555 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]556 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]557
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]558 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
559 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]560 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
561 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]562 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]563
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]564
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]565 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]566 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]567
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]568 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]569
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]570exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]571 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]572 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]573}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]574/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]575
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]576
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]577/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]578void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]579 int padding_mode, int mod, int radix_P,
580 char * input_P, int radix_Q, char * input_Q,
581 int radix_N, char * input_N, int radix_E,
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]582 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]583{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]584 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]585 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]586 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]587 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]588
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]589 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]590 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
591 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]592
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]593 memset( output, 0x00, sizeof( output ) );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]594 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]595
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]596 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
597 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
598 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
599 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]600
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]601 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
602 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]603 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]604 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]605
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]606
Hanno Becker8fd55482017-08-23 14:07:48 +0100[diff] [blame]607 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
608 MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_NONE,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]609 hash_result->len, hash_result->x,
610 output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]611
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]612
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]613 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
614 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]615
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]616#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]617 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]618 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]619 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]620 int res;
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]621 memset( output, 0x00, sizeof( output) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]622
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]623 res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]624 &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]625 hash_result->len, hash_result->x, output );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]626
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]627#if !defined(MBEDTLS_RSA_ALT)
628 TEST_ASSERT( res == 0 );
629#else
630 TEST_ASSERT( ( res == 0 ) ||
631 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
632#endif
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]633
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]634 if( res == 0 )
635 {
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]636 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron9fde3532020-06-10 11:42:32 +0200[diff] [blame]637 ctx.len,
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]638 result_str->len ) == 0 );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]639 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]640 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]641#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]642
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]643exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]644 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
645 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
646
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]647 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]648}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]649/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]650
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]651/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]652void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]653 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]654 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]655 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]656{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]657 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]658 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]659
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]660 mbedtls_mpi N, E;
661 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
662
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]663 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]664 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]665
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]666 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
667 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]668
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]669 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
670 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]671 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]672
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]673
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]674 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]675
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]676#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]677 /* For PKCS#1 v1.5, there is an alternative way to verify signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]678 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]679 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]680 int res;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]681 int ok;
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]682 size_t olen;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]683
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]684 res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]685 NULL, NULL, MBEDTLS_RSA_PUBLIC,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]686 &olen, result_str->x, output, sizeof( output ) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]687
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]688#if !defined(MBEDTLS_RSA_ALT)
689 TEST_ASSERT( res == 0 );
690#else
691 TEST_ASSERT( ( res == 0 ) ||
692 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
693#endif
694
695 if( res == 0 )
696 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]697 ok = olen == hash_result->len && memcmp( output, hash_result->x, olen ) == 0;
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]698 if( correct == 0 )
699 TEST_ASSERT( ok == 1 );
700 else
701 TEST_ASSERT( ok == 0 );
702 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]703 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]704#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]705
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]706exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]707 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]708 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]709}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]710/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]711
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]712/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]713void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]714 int mod, int radix_N, char * input_N,
715 int radix_E, char * input_E,
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]716 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]717{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]718 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]719 mbedtls_rsa_context ctx;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]720 rnd_pseudo_info rnd_info;
721
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]722 mbedtls_mpi N, E;
723 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
724
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]725 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]726
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]727 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]728 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]729
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]730 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
731 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]732
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]733 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
734 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]735 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]736
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]737
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]738 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]739 MBEDTLS_RSA_PUBLIC, message_str->len,
740 message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]741 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]742 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]743
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]744 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
745 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]746 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]747
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]748exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]749 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]750 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]751}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]752/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]753
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]754/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]755void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]756 int mod, int radix_N, char * input_N,
757 int radix_E, char * input_E,
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]758 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]759{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]760 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]761 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]762
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]763 mbedtls_mpi N, E;
764
765 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]766 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]767 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]768
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]769 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
770 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]771
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]772 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
773 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]774 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]775
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]776
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]777 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]778 MBEDTLS_RSA_PUBLIC, message_str->len,
779 message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]780 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]781 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]782
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]783 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
784 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]785 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]786
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]787exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]788 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]789 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]790}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]791/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]792
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]793/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]794void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]795 int mod, int radix_P, char * input_P,
796 int radix_Q, char * input_Q, int radix_N,
797 char * input_N, int radix_E, char * input_E,
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]798 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]799 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]800{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]801 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]802 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]803 size_t output_len;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]804 rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]805 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]806
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]807 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
808 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
809
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]810 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]811
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]812 memset( output, 0x00, sizeof( output ) );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]813 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]814
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]815
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]816 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
817 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
818 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
819 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]820
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]821 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
822 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]823 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]824 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]825
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]826 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]827
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]828 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str->x, output, max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]829 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]830 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]831
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]832 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron9fde3532020-06-10 11:42:32 +0200[diff] [blame]833 output_len,
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]834 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]835 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]836
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]837exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]838 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
839 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]840 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]841}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]842/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]843
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]844/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]845void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]846 char * input_N, int radix_E, char * input_E,
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]847 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]848{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]849 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]850 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]851
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]852 mbedtls_mpi N, E;
853
854 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]855 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
856 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]857 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]858
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]859 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
860 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]861
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]862 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Gilles Peskine4d106c12021-06-09 16:24:35 +0200[diff] [blame]863
864 /* Check test data consistency */
865 TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]866 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]867 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]868
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]869 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]870 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]871 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]872
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]873 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
874 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]875 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]876
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]877 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]878 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]879 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]880 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]881
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]882 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]883
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]884 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]885 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]886 if( result == 0 )
887 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]888
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]889 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
890 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]891 }
892
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]893exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]894 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]895 mbedtls_rsa_free( &ctx );
896 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]897}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]898/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]899
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]900/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]901void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]902 char * input_P, int radix_Q, char * input_Q,
903 int radix_N, char * input_N, int radix_E,
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]904 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]905 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]906{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]907 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]908 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]909 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]910 rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]911 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]912
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]913 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
914 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]915 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
916 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]917
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]918 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]919
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]920 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
921 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
922 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
923 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]924
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]925 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
Gilles Peskine4d106c12021-06-09 16:24:35 +0200[diff] [blame]926
927 /* Check test data consistency */
928 TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]929 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]930 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]931 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]932
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]933 /* repeat three times to test updating of blinding values */
934 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]935 {
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]936 memset( output, 0x00, sizeof( output ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]937 TEST_ASSERT( mbedtls_rsa_private( &ctx, rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]938 message_str->x, output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]939 if( result == 0 )
940 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]941
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]942 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron9fde3532020-06-10 11:42:32 +0200[diff] [blame]943 ctx.len,
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]944 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]945 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]946 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]947
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]948 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]949 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]950 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]951 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]952
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]953 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]954
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]955 memset( output, 0x00, sizeof( output ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]956 TEST_ASSERT( mbedtls_rsa_private( &ctx2, rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]957 message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]958 if( result == 0 )
959 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]960
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]961 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron9fde3532020-06-10 11:42:32 +0200[diff] [blame]962 ctx2.len,
Ronald Cronaea41df2020-06-26 14:33:03 +0200[diff] [blame]963 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]964 }
965
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]966exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]967 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
968 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
969
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]970 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]971}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]972/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]973
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]974/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]975void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]976{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]977 mbedtls_rsa_context ctx;
978 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]979
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]980 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]981}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]982/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]983
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]984/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]985void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
986 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]987{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]988 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]989 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]990
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]991 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]992 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]993
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]994 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]995 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]996 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]997 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]998 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]999 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1000 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1001 }
1002
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]1003 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1004 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1005
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1006exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]1007 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1008 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1009}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1010/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1011
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1012/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1013void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
1014 int radix_Q, char * input_Q, int radix_N,
1015 char * input_N, int radix_E, char * input_E,
1016 int radix_D, char * input_D, int radix_DP,
1017 char * input_DP, int radix_DQ,
1018 char * input_DQ, int radix_QP,
1019 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1020{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1021 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1022
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1023 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1024
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1025 ctx.len = mod / 8;
1026 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1027 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1028 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1029 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1030 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1031 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1032 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1033 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1034 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1035 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1036 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1037 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1038 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1039 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1040 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1041 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1042 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1043 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1044 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1045 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1046#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1047 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1048 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1049 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1050 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1051 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1052 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1053 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1054 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1055 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1056 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1057 TEST_ASSERT( mbedtls_test_read_mpi( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1058 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1059#else
1060 ((void) radix_DP); ((void) input_DP);
1061 ((void) radix_DQ); ((void) input_DQ);
1062 ((void) radix_QP); ((void) input_QP);
1063#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1064
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1065 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1066
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1067exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1068 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1069}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1070/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1071
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1072/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1073void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
1074 int radix_Epub, char * input_Epub, int radix_P,
1075 char * input_P, int radix_Q, char * input_Q,
1076 int radix_N, char * input_N, int radix_E,
1077 char * input_E, int radix_D, char * input_D,
1078 int radix_DP, char * input_DP, int radix_DQ,
1079 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1080 int result )
1081{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1082 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1083
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1084 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
1085 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1086
1087 pub.len = mod / 8;
1088 prv.len = mod / 8;
1089
1090 if( strlen( input_Npub ) )
1091 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1092 TEST_ASSERT( mbedtls_test_read_mpi( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1093 }
1094 if( strlen( input_Epub ) )
1095 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1096 TEST_ASSERT( mbedtls_test_read_mpi( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1097 }
1098
1099 if( strlen( input_P ) )
1100 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1101 TEST_ASSERT( mbedtls_test_read_mpi( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1102 }
1103 if( strlen( input_Q ) )
1104 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1105 TEST_ASSERT( mbedtls_test_read_mpi( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1106 }
1107 if( strlen( input_N ) )
1108 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1109 TEST_ASSERT( mbedtls_test_read_mpi( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1110 }
1111 if( strlen( input_E ) )
1112 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1113 TEST_ASSERT( mbedtls_test_read_mpi( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1114 }
1115 if( strlen( input_D ) )
1116 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1117 TEST_ASSERT( mbedtls_test_read_mpi( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1118 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1119#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1120 if( strlen( input_DP ) )
1121 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1122 TEST_ASSERT( mbedtls_test_read_mpi( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1123 }
1124 if( strlen( input_DQ ) )
1125 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1126 TEST_ASSERT( mbedtls_test_read_mpi( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1127 }
1128 if( strlen( input_QP ) )
1129 {
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1130 TEST_ASSERT( mbedtls_test_read_mpi( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1131 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1132#else
1133 ((void) radix_DP); ((void) input_DP);
1134 ((void) radix_DQ); ((void) input_DQ);
1135 ((void) radix_QP); ((void) input_QP);
1136#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1137
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1138 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1139
1140exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1141 mbedtls_rsa_free( &pub );
1142 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1143}
1144/* END_CASE */
1145
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1146/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1147void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1148{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1149 mbedtls_rsa_context ctx;
1150 mbedtls_entropy_context entropy;
1151 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1152 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1153
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1154 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1155 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1156 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1157
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1158 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1159 &entropy, (const unsigned char *) pers,
1160 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1161
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1162 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1163 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1164 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1165 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1166 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1167 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1168
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1169exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1170 mbedtls_rsa_free( &ctx );
1171 mbedtls_ctr_drbg_free( &ctr_drbg );
1172 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1173}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1174/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1175
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1176/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1177void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1178 int radix_D, char *input_D,
1179 int radix_E, char *input_E,
1180 int radix_P, char *output_P,
1181 int radix_Q, char *output_Q,
1182 int corrupt, int result )
1183{
1184 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1185
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1186 mbedtls_mpi_init( &N );
1187 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1188 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1189 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1190
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1191 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
1192 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
1193 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
1194 TEST_ASSERT( mbedtls_test_read_mpi( &Qp, radix_P, output_P ) == 0 );
1195 TEST_ASSERT( mbedtls_test_read_mpi( &Pp, radix_Q, output_Q ) == 0 );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1196
1197 if( corrupt )
1198 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1199
1200 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1201 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1202
1203 if( !corrupt )
1204 {
1205 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1206 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1207 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1208 }
1209
1210exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1211 mbedtls_mpi_free( &N );
1212 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1213 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1214 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1215}
1216/* END_CASE */
1217
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1218/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1219void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1220 int radix_Q, char *input_Q,
1221 int radix_E, char *input_E,
1222 int radix_D, char *output_D,
1223 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1224{
1225 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1226
1227 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1228 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1229 mbedtls_mpi_init( &E );
1230 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1231
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1232 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
1233 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
1234 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
1235 TEST_ASSERT( mbedtls_test_read_mpi( &Dp, radix_D, output_D ) == 0 );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1236
1237 if( corrupt )
1238 {
1239 /* Make E even */
1240 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1241 }
1242
1243 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1244 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1245 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1246
1247 if( !corrupt )
1248 {
1249 /*
1250 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1251 */
1252
1253 /* Replace P,Q by P-1, Q-1 */
1254 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1255 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1256
1257 /* Check D == Dp modulo P-1 */
1258 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1259 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1260 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1261
1262 /* Check D == Dp modulo Q-1 */
1263 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1264 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1265 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1266 }
1267
1268exit:
1269
1270 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1271 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1272 mbedtls_mpi_free( &E );
1273 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1274}
1275/* END_CASE */
1276
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1277/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1278void mbedtls_rsa_import( int radix_N, char *input_N,
1279 int radix_P, char *input_P,
1280 int radix_Q, char *input_Q,
1281 int radix_D, char *input_D,
1282 int radix_E, char *input_E,
1283 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1284 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1285 int res_check,
1286 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1287{
1288 mbedtls_mpi N, P, Q, D, E;
1289 mbedtls_rsa_context ctx;
1290
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1291 /* Buffers used for encryption-decryption test */
1292 unsigned char *buf_orig = NULL;
1293 unsigned char *buf_enc = NULL;
1294 unsigned char *buf_dec = NULL;
1295
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1296 mbedtls_entropy_context entropy;
1297 mbedtls_ctr_drbg_context ctr_drbg;
1298 const char *pers = "test_suite_rsa";
1299
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1300 const int have_N = ( strlen( input_N ) > 0 );
1301 const int have_P = ( strlen( input_P ) > 0 );
1302 const int have_Q = ( strlen( input_Q ) > 0 );
1303 const int have_D = ( strlen( input_D ) > 0 );
1304 const int have_E = ( strlen( input_E ) > 0 );
1305
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1306 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1307 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1308 mbedtls_rsa_init( &ctx, 0, 0 );
1309
1310 mbedtls_mpi_init( &N );
1311 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1312 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1313
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1314 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1315 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1316
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1317 if( have_N )
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1318 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1319
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1320 if( have_P )
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1321 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1322
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1323 if( have_Q )
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1324 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1325
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1326 if( have_D )
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1327 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1328
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1329 if( have_E )
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1330 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1331
1332 if( !successive )
1333 {
1334 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1335 have_N ? &N : NULL,
1336 have_P ? &P : NULL,
1337 have_Q ? &Q : NULL,
1338 have_D ? &D : NULL,
1339 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1340 }
1341 else
1342 {
1343 /* Import N, P, Q, D, E separately.
1344 * This should make no functional difference. */
1345
1346 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1347 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1348 NULL, NULL, NULL, NULL ) == 0 );
1349
1350 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1351 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1352 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1353 NULL, NULL, NULL ) == 0 );
1354
1355 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1356 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1357 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1358 NULL, NULL ) == 0 );
1359
1360 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1361 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1362 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1363 NULL ) == 0 );
1364
1365 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1366 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1367 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1368 }
1369
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1370 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1371
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1372 /* On expected success, perform some public and private
1373 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1374 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1375 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1376 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1377 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1378 else
1379 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1380
1381 if( res_check != 0 )
1382 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1383
1384 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1385 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1386 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1387 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1388 goto exit;
1389
1390 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1391 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1392
1393 /* Make sure the number we're generating is smaller than the modulus */
1394 buf_orig[0] = 0x00;
1395
1396 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1397
1398 if( is_priv )
1399 {
1400 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1401 &ctr_drbg, buf_enc,
1402 buf_dec ) == 0 );
1403
1404 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1405 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1406 }
1407 }
1408
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1409exit:
1410
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1411 mbedtls_free( buf_orig );
1412 mbedtls_free( buf_enc );
1413 mbedtls_free( buf_dec );
1414
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1415 mbedtls_rsa_free( &ctx );
1416
1417 mbedtls_ctr_drbg_free( &ctr_drbg );
1418 mbedtls_entropy_free( &entropy );
1419
1420 mbedtls_mpi_free( &N );
1421 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1422 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1423}
1424/* END_CASE */
1425
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1426/* BEGIN_CASE */
1427void mbedtls_rsa_export( int radix_N, char *input_N,
1428 int radix_P, char *input_P,
1429 int radix_Q, char *input_Q,
1430 int radix_D, char *input_D,
1431 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1432 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1433 int successive )
1434{
1435 /* Original MPI's with which we set up the RSA context */
1436 mbedtls_mpi N, P, Q, D, E;
1437
1438 /* Exported MPI's */
1439 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1440
1441 const int have_N = ( strlen( input_N ) > 0 );
1442 const int have_P = ( strlen( input_P ) > 0 );
1443 const int have_Q = ( strlen( input_Q ) > 0 );
1444 const int have_D = ( strlen( input_D ) > 0 );
1445 const int have_E = ( strlen( input_E ) > 0 );
1446
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1447 mbedtls_rsa_context ctx;
1448
1449 mbedtls_rsa_init( &ctx, 0, 0 );
1450
1451 mbedtls_mpi_init( &N );
1452 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1453 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1454
1455 mbedtls_mpi_init( &Ne );
1456 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1457 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1458
1459 /* Setup RSA context */
1460
1461 if( have_N )
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1462 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1463
1464 if( have_P )
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1465 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1466
1467 if( have_Q )
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1468 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1469
1470 if( have_D )
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1471 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1472
1473 if( have_E )
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1474 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1475
1476 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1477 strlen( input_N ) ? &N : NULL,
1478 strlen( input_P ) ? &P : NULL,
1479 strlen( input_Q ) ? &Q : NULL,
1480 strlen( input_D ) ? &D : NULL,
1481 strlen( input_E ) ? &E : NULL ) == 0 );
1482
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1483 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1484
1485 /*
1486 * Export parameters and compare to original ones.
1487 */
1488
1489 /* N and E must always be present. */
1490 if( !successive )
1491 {
1492 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1493 }
1494 else
1495 {
1496 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1497 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1498 }
1499 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1500 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1501
1502 /* If we were providing enough information to setup a complete private context,
1503 * we expect to be able to export all core parameters. */
1504
1505 if( is_priv )
1506 {
1507 if( !successive )
1508 {
1509 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1510 &De, NULL ) == 0 );
1511 }
1512 else
1513 {
1514 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1515 NULL, NULL ) == 0 );
1516 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1517 NULL, NULL ) == 0 );
1518 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1519 &De, NULL ) == 0 );
1520 }
1521
1522 if( have_P )
1523 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1524
1525 if( have_Q )
1526 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1527
1528 if( have_D )
1529 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1530
1531 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1532 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1533 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1534 }
1535
1536exit:
1537
1538 mbedtls_rsa_free( &ctx );
1539
1540 mbedtls_mpi_free( &N );
1541 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1542 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1543
1544 mbedtls_mpi_free( &Ne );
1545 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1546 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1547}
1548/* END_CASE */
1549
Manuel Pégourié-Gonnardf2c6e342020-05-20 10:34:25 +0200[diff] [blame]1550/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1551void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1552 int radix_P, char *input_P,
1553 int radix_Q, char *input_Q,
1554 int radix_D, char *input_D,
1555 int radix_E, char *input_E,
1556 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1557{
1558 /* Original MPI's with which we set up the RSA context */
1559 mbedtls_mpi N, P, Q, D, E;
1560
1561 const int have_N = ( strlen( input_N ) > 0 );
1562 const int have_P = ( strlen( input_P ) > 0 );
1563 const int have_Q = ( strlen( input_Q ) > 0 );
1564 const int have_D = ( strlen( input_D ) > 0 );
1565 const int have_E = ( strlen( input_E ) > 0 );
1566
1567 mbedtls_entropy_context entropy;
1568 mbedtls_ctr_drbg_context ctr_drbg;
1569 const char *pers = "test_suite_rsa";
1570
1571 mbedtls_mpi_init( &N );
1572 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1573 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1574
1575 mbedtls_ctr_drbg_init( &ctr_drbg );
1576 mbedtls_entropy_init( &entropy );
1577 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1578 &entropy, (const unsigned char *) pers,
1579 strlen( pers ) ) == 0 );
1580
1581 if( have_N )
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1582 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1583
1584 if( have_P )
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1585 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1586
1587 if( have_Q )
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1588 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1589
1590 if( have_D )
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1591 TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1592
1593 if( have_E )
Gilles Peskineb8e15342021-06-10 23:18:39 +0200[diff] [blame]1594 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1595
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1596 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1597 have_P ? &P : NULL,
1598 have_Q ? &Q : NULL,
1599 have_D ? &D : NULL,
1600 have_E ? &E : NULL,
1601 prng ? mbedtls_ctr_drbg_random : NULL,
1602 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1603exit:
1604
1605 mbedtls_ctr_drbg_free( &ctr_drbg );
1606 mbedtls_entropy_free( &entropy );
1607
1608 mbedtls_mpi_free( &N );
1609 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1610 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1611}
1612/* END_CASE */
1613
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1614/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1615void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1616 data_t *input_Q, data_t *input_D,
1617 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1618 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1619{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1620 /* Exported buffers */
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]1621 unsigned char bufNe[256];
1622 unsigned char bufPe[128];
1623 unsigned char bufQe[128];
1624 unsigned char bufDe[256];
1625 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1626
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1627 mbedtls_rsa_context ctx;
1628
1629 mbedtls_rsa_init( &ctx, 0, 0 );
1630
1631 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1632 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1633 input_N->len ? input_N->x : NULL, input_N->len,
1634 input_P->len ? input_P->x : NULL, input_P->len,
1635 input_Q->len ? input_Q->x : NULL, input_Q->len,
1636 input_D->len ? input_D->x : NULL, input_D->len,
1637 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1638
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1639 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1640
1641 /*
1642 * Export parameters and compare to original ones.
1643 */
1644
1645 /* N and E must always be present. */
1646 if( !successive )
1647 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1648 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1649 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1650 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1651 }
1652 else
1653 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1654 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1655 NULL, 0, NULL, 0, NULL, 0,
1656 NULL, 0 ) == 0 );
1657 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1658 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1659 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1660 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1661 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1662 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1663
1664 /* If we were providing enough information to setup a complete private context,
1665 * we expect to be able to export all core parameters. */
1666
1667 if( is_priv )
1668 {
1669 if( !successive )
1670 {
1671 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1672 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1673 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1674 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1675 NULL, 0 ) == 0 );
1676 }
1677 else
1678 {
1679 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1680 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1681 NULL, 0, NULL, 0,
1682 NULL, 0 ) == 0 );
1683
1684 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1685 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1686 NULL, 0, NULL, 0 ) == 0 );
1687
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1688 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1689 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1690 NULL, 0 ) == 0 );
1691 }
1692
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1693 if( input_P->len )
1694 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1695
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1696 if( input_Q->len )
1697 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1698
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1699 if( input_D->len )
1700 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1701
1702 }
1703
1704exit:
1705 mbedtls_rsa_free( &ctx );
1706}
1707/* END_CASE */
1708
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1709/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1710void mbedtls_rsa_import_raw( data_t *input_N,
1711 data_t *input_P, data_t *input_Q,
1712 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1713 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1714 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1715 int res_check,
1716 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1717{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1718 /* Buffers used for encryption-decryption test */
1719 unsigned char *buf_orig = NULL;
1720 unsigned char *buf_enc = NULL;
1721 unsigned char *buf_dec = NULL;
1722
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1723 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1724 mbedtls_entropy_context entropy;
1725 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1726
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1727 const char *pers = "test_suite_rsa";
1728
1729 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1730 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1731 mbedtls_rsa_init( &ctx, 0, 0 );
1732
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1733 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1734 &entropy, (const unsigned char *) pers,
1735 strlen( pers ) ) == 0 );
1736
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1737 if( !successive )
1738 {
1739 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1740 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1741 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1742 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1743 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1744 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1745 }
1746 else
1747 {
1748 /* Import N, P, Q, D, E separately.
1749 * This should make no functional difference. */
1750
1751 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1752 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1753 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1754
1755 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1756 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1757 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1758 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1759
1760 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1761 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1762 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1763 NULL, 0, NULL, 0 ) == 0 );
1764
1765 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1766 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1767 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1768 NULL, 0 ) == 0 );
1769
1770 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1771 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1772 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1773 }
1774
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1775 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1776
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1777 /* On expected success, perform some public and private
1778 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1779 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1780 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1781 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1782 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1783 else
1784 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1785
1786 if( res_check != 0 )
1787 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1788
1789 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1790 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1791 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1792 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1793 goto exit;
1794
1795 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1796 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1797
1798 /* Make sure the number we're generating is smaller than the modulus */
1799 buf_orig[0] = 0x00;
1800
1801 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1802
1803 if( is_priv )
1804 {
1805 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1806 &ctr_drbg, buf_enc,
1807 buf_dec ) == 0 );
1808
1809 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1810 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1811 }
1812 }
1813
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1814exit:
1815
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1816 mbedtls_free( buf_orig );
1817 mbedtls_free( buf_enc );
1818 mbedtls_free( buf_dec );
1819
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1820 mbedtls_rsa_free( &ctx );
1821
1822 mbedtls_ctr_drbg_free( &ctr_drbg );
1823 mbedtls_entropy_free( &entropy );
1824
1825}
1826/* END_CASE */
1827
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1828/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1829void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1830{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1831 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1832}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1833/* END_CASE */