Blame - tests/suites/test_suite_rsa.function - mirror/mbed-tls

blob: 169a677260edc3eb36b6202674be41c0b8a868e1 [file] [log] [blame]

Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	1	BEGIN_HEADER
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	2	#include <polarssl/config.h>
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	3	#include <polarssl/rsa.h>
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	4	#include <polarssl/md2.h>
				5	#include <polarssl/md4.h>
				6	#include <polarssl/md5.h>
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	7	#include <polarssl/sha1.h>
				8	#include <polarssl/sha2.h>
				9	#include <polarssl/sha4.h>
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	10	#include <polarssl/havege.h>
Paul Bakker	545570e	2010-07-18 09:00:25 +0000	[diff] [blame]	11
Paul Bakker	a665685	2010-07-18 19:47:14 +0000	[diff] [blame]	12	static int badrand( void *rng_state )
				13	{
				14	if( rng_state != NULL )
				15	rng_state = NULL;
				16
				17	return( 0 );
				18	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	19	END_HEADER
				20
				21	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	22	rsa_pkcs1_sign:message_hex_string:padding_mode:digest:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:result_hex_str:result
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	23	{
				24	unsigned char message_str[1000];
				25	unsigned char hash_result[1000];
				26	unsigned char output[1000];
				27	unsigned char output_str[1000];
				28	rsa_context ctx;
				29	mpi P1, Q1, H, G;
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	30	int msg_len;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	31
				32	mpi_init( &P1, &Q1, &H, &G, NULL );
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	33	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	34
				35	memset( message_str, 0x00, 1000 );
				36	memset( hash_result, 0x00, 1000 );
				37	memset( output, 0x00, 1000 );
				38	memset( output_str, 0x00, 1000 );
				39
				40	ctx.len = {mod} / 8;
				41	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				42	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				43	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				44	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				45
				46	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				47	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				48	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				49	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				50	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				51	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				52	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				53	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				54
				55	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				56
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	57	msg_len = unhexify( message_str, {message_hex_string} );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	58
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	59	switch( {digest} )
				60	{
				61	#ifdef POLARSSL_MD2_C
				62	case SIG_RSA_MD2:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	63	md2( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	64	break;
				65	#endif
				66	#ifdef POLARSSL_MD4_C
				67	case SIG_RSA_MD4:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	68	md4( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	69	break;
				70	#endif
				71	#ifdef POLARSSL_MD5_C
				72	case SIG_RSA_MD5:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	73	md5( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	74	break;
				75	#endif
				76	#ifdef POLARSSL_SHA1_C
				77	case SIG_RSA_SHA1:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	78	sha1( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	79	break;
				80	#endif
				81	#ifdef POLARSSL_SHA2_C
				82	case SIG_RSA_SHA224:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	83	sha2( message_str, msg_len, hash_result, 1 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	84	break;
				85	case SIG_RSA_SHA256:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	86	sha2( message_str, msg_len, hash_result, 0 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	87	break;
				88	#endif
				89	#ifdef POLARSSL_SHA4_C
				90	case SIG_RSA_SHA384:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	91	sha4( message_str, msg_len, hash_result, 1 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	92	break;
				93	case SIG_RSA_SHA512:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	94	sha4( message_str, msg_len, hash_result, 0 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	95	break;
				96	#endif
				97	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	98
Paul Bakker	9dcc322	2011-03-08 14:16:06 +0000	[diff] [blame]	99	TEST_ASSERT( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, {digest}, 0, hash_result, output ) == {result} );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	100	if( {result} == 0 )
				101	{
				102	hexify( output_str, output, ctx.len );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	103
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	104	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				105	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	106	}
				107	END_CASE
				108
				109	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	110	rsa_pkcs1_verify:message_hex_string:padding_mode:digest:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	111	{
				112	unsigned char message_str[1000];
				113	unsigned char hash_result[1000];
				114	unsigned char result_str[1000];
				115	rsa_context ctx;
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	116	int msg_len;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	117
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	118	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	119	memset( message_str, 0x00, 1000 );
				120	memset( hash_result, 0x00, 1000 );
				121	memset( result_str, 0x00, 1000 );
				122
				123	ctx.len = {mod} / 8;
				124	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				125	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				126
				127	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				128
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	129	msg_len = unhexify( message_str, {message_hex_string} );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	130	unhexify( result_str, {result_hex_str} );
				131
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	132	switch( {digest} )
				133	{
				134	#ifdef POLARSSL_MD2_C
				135	case SIG_RSA_MD2:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	136	md2( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	137	break;
				138	#endif
				139	#ifdef POLARSSL_MD4_C
				140	case SIG_RSA_MD4:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	141	md4( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	142	break;
				143	#endif
				144	#ifdef POLARSSL_MD5_C
				145	case SIG_RSA_MD5:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	146	md5( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	147	break;
				148	#endif
				149	#ifdef POLARSSL_SHA1_C
				150	case SIG_RSA_SHA1:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	151	sha1( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	152	break;
				153	#endif
				154	#ifdef POLARSSL_SHA2_C
				155	case SIG_RSA_SHA224:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	156	sha2( message_str, msg_len, hash_result, 1 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	157	break;
				158	case SIG_RSA_SHA256:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	159	sha2( message_str, msg_len, hash_result, 0 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	160	break;
				161	#endif
				162	#ifdef POLARSSL_SHA4_C
				163	case SIG_RSA_SHA384:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	164	sha4( message_str, msg_len, hash_result, 1 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	165	break;
				166	case SIG_RSA_SHA512:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	167	sha4( message_str, msg_len, hash_result, 0 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	168	break;
				169	#endif
				170	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	171
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	172	TEST_ASSERT( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, {digest}, 0, hash_result, result_str ) == {result} );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	173	}
				174	END_CASE
				175
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	176
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	177	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	178	rsa_pkcs1_sign_raw:message_hex_string:hash_result_string:padding_mode:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:result_hex_str
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	179	{
				180	unsigned char message_str[1000];
				181	unsigned char hash_result[1000];
				182	unsigned char output[1000];
				183	unsigned char output_str[1000];
				184	rsa_context ctx;
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	185	mpi P1, Q1, H, G;
				186	int msg_len, hash_len;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	187
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	188	mpi_init( &P1, &Q1, &H, &G, NULL );
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	189	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	190
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	191	memset( message_str, 0x00, 1000 );
				192	memset( hash_result, 0x00, 1000 );
				193	memset( output, 0x00, 1000 );
				194	memset( output_str, 0x00, 1000 );
				195
				196	ctx.len = {mod} / 8;
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	197	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				198	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				199	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				200	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				201
				202	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				203	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				204	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				205	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				206	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				207	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				208	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				209	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				210
				211	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				212
				213	msg_len = unhexify( message_str, {message_hex_string} );
				214	hash_len = unhexify( hash_result, {hash_result_string} );
				215
Paul Bakker	9dcc322	2011-03-08 14:16:06 +0000	[diff] [blame]	216	TEST_ASSERT( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_RAW, hash_len, hash_result, output ) == 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	217
				218	hexify( output_str, output, ctx.len );
				219
				220	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				221	}
				222	END_CASE
				223
				224	BEGIN_CASE
				225	rsa_pkcs1_verify_raw:message_hex_string:hash_result_string:padding_mode:mod:radix_N:input_N:radix_E:input_E:result_hex_str:correct
				226	{
				227	unsigned char message_str[1000];
				228	unsigned char hash_result[1000];
				229	unsigned char result_str[1000];
				230	rsa_context ctx;
				231	int msg_len, hash_len;
				232
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	233	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	234	memset( message_str, 0x00, 1000 );
				235	memset( hash_result, 0x00, 1000 );
				236	memset( result_str, 0x00, 1000 );
				237
				238	ctx.len = {mod} / 8;
				239	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				240	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				241
				242	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				243
				244	msg_len = unhexify( message_str, {message_hex_string} );
				245	hash_len = unhexify( hash_result, {hash_result_string} );
				246	unhexify( result_str, {result_hex_str} );
				247
Paul Bakker	fc22c44	2009-07-19 20:36:27 +0000	[diff] [blame]	248	TEST_ASSERT( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_RAW, hash_len, hash_result, result_str ) == {correct} );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	249	}
				250	END_CASE
				251
				252	BEGIN_CASE
				253	rsa_pkcs1_encrypt:message_hex_string:padding_mode:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
				254	{
				255	unsigned char message_str[1000];
				256	unsigned char output[1000];
				257	unsigned char output_str[1000];
				258	rsa_context ctx;
				259	int msg_len;
Paul Bakker	997bbd1	2011-03-13 15:45:42 +0000	[diff] [blame^]	260	rnd_pseudo_info rnd_info;
				261
				262	memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	263
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	264	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	265	memset( message_str, 0x00, 1000 );
				266	memset( output, 0x00, 1000 );
				267	memset( output_str, 0x00, 1000 );
				268
				269	ctx.len = {mod} / 8;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	270	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				271	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				272
				273	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				274
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	275	msg_len = unhexify( message_str, {message_hex_string} );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	276
Paul Bakker	997bbd1	2011-03-13 15:45:42 +0000	[diff] [blame^]	277	TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PUBLIC, msg_len, message_str, output ) == {result} );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	278	if( {result} == 0 )
				279	{
				280	hexify( output_str, output, ctx.len );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	281
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	282	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				283	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	284	}
				285	END_CASE
				286
				287	BEGIN_CASE
Paul Bakker	a665685	2010-07-18 19:47:14 +0000	[diff] [blame]	288	rsa_pkcs1_encrypt_bad_rng:message_hex_string:padding_mode:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
				289	{
				290	unsigned char message_str[1000];
				291	unsigned char output[1000];
				292	unsigned char output_str[1000];
				293	rsa_context ctx;
				294	int msg_len;
Paul Bakker	a665685	2010-07-18 19:47:14 +0000	[diff] [blame]	295
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	296	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	a665685	2010-07-18 19:47:14 +0000	[diff] [blame]	297	memset( message_str, 0x00, 1000 );
				298	memset( output, 0x00, 1000 );
				299	memset( output_str, 0x00, 1000 );
				300
				301	ctx.len = {mod} / 8;
				302	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				303	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				304
				305	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				306
				307	msg_len = unhexify( message_str, {message_hex_string} );
				308
Paul Bakker	997bbd1	2011-03-13 15:45:42 +0000	[diff] [blame^]	309	TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL, RSA_PUBLIC, msg_len, message_str, output ) == {result} );
Paul Bakker	a665685	2010-07-18 19:47:14 +0000	[diff] [blame]	310	if( {result} == 0 )
				311	{
				312	hexify( output_str, output, ctx.len );
				313
				314	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				315	}
				316	}
				317	END_CASE
				318
				319	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	320	rsa_pkcs1_decrypt:message_hex_string:padding_mode:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:max_output:result_hex_str:result
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	321	{
				322	unsigned char message_str[1000];
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	323	unsigned char output[1000];
				324	unsigned char output_str[1000];
				325	rsa_context ctx;
				326	mpi P1, Q1, H, G;
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	327	int output_len;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	328
				329	mpi_init( &P1, &Q1, &H, &G, NULL );
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	330	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	331
				332	memset( message_str, 0x00, 1000 );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	333	memset( output, 0x00, 1000 );
				334	memset( output_str, 0x00, 1000 );
				335
				336	ctx.len = {mod} / 8;
				337	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				338	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				339	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				340	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				341
				342	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				343	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				344	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				345	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				346	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				347	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				348	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				349	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				350
				351	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				352
				353	unhexify( message_str, {message_hex_string} );
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	354	output_len = 0;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	355
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	356	TEST_ASSERT( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, {max_output} ) == {result} );
				357	if( {result} == 0 )
				358	{
				359	hexify( output_str, output, ctx.len );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	360
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	361	TEST_ASSERT( strncasecmp( (char *) output_str, {result_hex_str}, strlen( {result_hex_str} ) ) == 0 );
				362	}
				363	}
				364	END_CASE
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	365
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	366	BEGIN_CASE
				367	rsa_public:message_hex_string:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
				368	{
				369	unsigned char message_str[1000];
				370	unsigned char output[1000];
				371	unsigned char output_str[1000];
				372	rsa_context ctx;
				373
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	374	rsa_init( &ctx, RSA_PKCS_V15, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	375	memset( message_str, 0x00, 1000 );
				376	memset( output, 0x00, 1000 );
				377	memset( output_str, 0x00, 1000 );
				378
				379	ctx.len = {mod} / 8;
				380	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				381	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				382
				383	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				384
				385	unhexify( message_str, {message_hex_string} );
				386
				387	TEST_ASSERT( rsa_public( &ctx, message_str, output ) == {result} );
				388	if( {result} == 0 )
				389	{
				390	hexify( output_str, output, ctx.len );
				391
				392	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				393	}
				394	}
				395	END_CASE
				396
				397	BEGIN_CASE
				398	rsa_private:message_hex_string:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:result_hex_str:result
				399	{
				400	unsigned char message_str[1000];
				401	unsigned char output[1000];
				402	unsigned char output_str[1000];
				403	rsa_context ctx;
				404	mpi P1, Q1, H, G;
				405
				406	mpi_init( &P1, &Q1, &H, &G, NULL );
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	407	rsa_init( &ctx, RSA_PKCS_V15, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	408
				409	memset( message_str, 0x00, 1000 );
				410	memset( output, 0x00, 1000 );
				411	memset( output_str, 0x00, 1000 );
				412
				413	ctx.len = {mod} / 8;
				414	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				415	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				416	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				417	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				418
				419	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				420	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				421	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				422	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				423	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				424	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				425	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				426	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				427
				428	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				429
				430	unhexify( message_str, {message_hex_string} );
				431
				432	TEST_ASSERT( rsa_private( &ctx, message_str, output ) == {result} );
				433	if( {result} == 0 )
				434	{
				435	hexify( output_str, output, ctx.len );
				436
				437	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				438	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	439	}
				440	END_CASE
				441
				442	BEGIN_CASE
Paul Bakker	37940d9f	2009-07-10 22:38:58 +0000	[diff] [blame]	443	rsa_check_privkey_null:
				444	{
				445	rsa_context ctx;
				446	memset( &ctx, 0x00, sizeof( rsa_context ) );
				447
				448	TEST_ASSERT( rsa_check_privkey( &ctx ) == POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
				449	}
				450	END_CASE
				451
				452	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	453	rsa_check_pubkey:radix_N:input_N:radix_E:input_E:result
				454	{
				455	rsa_context ctx;
				456
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	457	rsa_init( &ctx, RSA_PKCS_V15, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	458
				459	if( strlen( {input_N} ) )
				460	{
				461	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				462	}
				463	if( strlen( {input_E} ) )
				464	{
				465	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				466	}
				467
				468	TEST_ASSERT( rsa_check_pubkey( &ctx ) == {result} );
				469	}
				470	END_CASE
				471
				472	BEGIN_CASE
				473	rsa_check_privkey:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:radix_D:input_D:result
				474	{
				475	rsa_context ctx;
				476
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	477	rsa_init( &ctx, RSA_PKCS_V15, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	478
				479	ctx.len = {mod} / 8;
				480	if( strlen( {input_P} ) )
				481	{
				482	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				483	}
				484	if( strlen( {input_Q} ) )
				485	{
				486	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				487	}
				488	if( strlen( {input_N} ) )
				489	{
				490	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				491	}
				492	if( strlen( {input_E} ) )
				493	{
				494	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				495	}
				496	if( strlen( {input_D} ) )
				497	{
				498	TEST_ASSERT( mpi_read_string( &ctx.D, {radix_D}, {input_D} ) == 0 );
				499	}
				500
				501	TEST_ASSERT( rsa_check_privkey( &ctx ) == {result} );
				502	}
				503	END_CASE
				504
				505	BEGIN_CASE
				506	rsa_gen_key:nrbits:exponent:result
				507	{
				508	rsa_context ctx;
				509	havege_state hs;
				510
				511	havege_init( &hs );
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	512	rsa_init( &ctx, 0, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	513
Paul Bakker	a802e1a	2010-08-16 11:56:45 +0000	[diff] [blame]	514	TEST_ASSERT( rsa_gen_key( &ctx, havege_rand, &hs, {nrbits}, {exponent} ) == {result} );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	515	if( {result} == 0 )
				516	{
				517	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				518	}
				519	}
				520	END_CASE
				521
				522	BEGIN_CASE
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	523	rsa_selftest:
				524	{
				525	TEST_ASSERT( rsa_self_test( 0 ) == 0 );
				526	}
				527	END_CASE