Janos Follath8a49a012016-02-12 13:18:20 +00001/* BEGIN_HEADER */
2#include "mbedtls/rsa.h"
3#include "mbedtls/md.h"
4/* END_HEADER */
5
6/* BEGIN_DEPENDENCIES
7 * depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
8 * END_DEPENDENCIES
9 */
10
11/* BEGIN_CASE */
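void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N,
                              int radix_E, char * input_E, int hash,
                              data_t * message_str, data_t * rnd_buf,
                              data_t * result_str, int result )
{
    /* Known-answer test for RSAES-PKCS1-v1_5 encryption.
     *
     * The public key (N, E) is read from strings in the given radices and
     * must be `mod` bits long. message_str is encrypted with rnd_buf as the
     * data source behind the RNG callback, and the return code must equal
     * `result`. On success the ciphertext is compared with result_str.
     * `hash` is forwarded unchanged to mbedtls_rsa_init(). */
    unsigned char output[128];
    mbedtls_rsa_context ctx;
    mbedtls_test_rnd_buf_info info;
    mbedtls_mpi N, E;

    info.buf = rnd_buf->x;
    info.length = rnd_buf->len;

    mbedtls_mpi_init( &N );
    mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
    memset( output, 0x00, sizeof( output ) );

    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    /* The ciphertext occupies one modulus length (ctx.len bytes are compared
     * below), so refuse keys that would not fit the fixed-size stack buffer
     * instead of letting the encrypt call write past its end. */
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) <= sizeof( output ) );
    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );

    /* An empty message is passed as a NULL pointer with length 0. */
    if( message_str->len == 0 )
        message_str->x = NULL;
    TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
                                            &mbedtls_test_rnd_buffer_rand,
                                            &info, MBEDTLS_RSA_PUBLIC,
                                            message_str->len, message_str->x,
                                            output ) == result );

    if( result == 0 )
    {
        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
                                          ctx.len, result_str->len ) == 0 );
    }

exit:
    mbedtls_mpi_free( &N );
    mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}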
53/* END_CASE */
54
55/* BEGIN_CASE */
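void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P,
                              int radix_Q, char * input_Q, int radix_N,
                              char * input_N, int radix_E, char * input_E,
                              int hash, data_t * result_str,
                              char * seed, data_t * message_str,
                              int result )
{
    /* Known-answer test for RSAES-PKCS1-v1_5 decryption.
     *
     * The private key is rebuilt from P, Q, N and E (strings in the given
     * radices) and must be `mod` bits long. message_str holds the ciphertext
     * and result_str the expected plaintext. The return code must equal
     * `result`; on success the recovered plaintext is compared with
     * result_str. When result_str is empty the call is made with a NULL
     * output buffer of size 0. `seed` is accepted but unused. */
    unsigned char output[128];
    mbedtls_rsa_context ctx;
    size_t output_len;
    mbedtls_test_rnd_pseudo_info rnd_info;
    mbedtls_mpi N, P, Q, E;
    ((void) seed);

    mbedtls_mpi_init( &N );
    mbedtls_mpi_init( &P );
    mbedtls_mpi_init( &Q );
    mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );

    memset( output, 0x00, sizeof( output ) );
    memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );

    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );

    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );

    /* NOTE(review): message_str->len is not checked against the key length
     * before message_str->x is handed to the decrypt call; confirm that the
     * test data always supplies a full modulus-length ciphertext. */
    if( result_str->len == 0 )
    {
        TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                                &mbedtls_test_rnd_pseudo_rand,
                                                &rnd_info,
                                                MBEDTLS_RSA_PRIVATE,
                                                &output_len, message_str->x,
                                                NULL, 0 ) == result );
    }
    else
    {
        /* Advertise the real capacity of `output`. The previous literal
         * 1000 overstated the 128-byte buffer, so nothing but the key size
         * kept the library from writing past the end of the stack array. */
        TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                                &mbedtls_test_rnd_pseudo_rand,
                                                &rnd_info, MBEDTLS_RSA_PRIVATE,
                                                &output_len, message_str->x,
                                                output,
                                                sizeof( output ) ) == result );
        if( result == 0 )
        {
            TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
                                              output_len,
                                              result_str->len) == 0 );
        }
    }

exit:
    mbedtls_mpi_free( &N );
    mbedtls_mpi_free( &P );
    mbedtls_mpi_free( &Q );
    mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}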
116/* END_CASE */
117
Janos Follathe6aef9f2016-03-16 16:39:41 +0000118/* BEGIN_CASE */
void pkcs1_v15_decode( data_t *input,
                       int expected_plaintext_length_arg,
                       int output_size_arg,
                       int expected_result )
{
    /* Exercises PKCS#1 v1.5 unpadding on an arbitrary padded block.
     *
     * `input` is copied into a 128-byte block (the tail is filled with 'd'),
     * pushed through the raw public operation of a fixed 1024-bit key, and
     * the result is fed to mbedtls_rsa_pkcs1_decrypt() with an output buffer
     * of output_size_arg bytes. The return code must equal expected_result.
     * On success the plaintext length and content are checked; for the
     * padding and output-size errors the test checks that the outputs were
     * still written, so that the failure path cannot be told apart by a
     * missing write. */
    size_t expected_plaintext_length = expected_plaintext_length_arg;
    size_t output_size = output_size_arg;
    mbedtls_test_rnd_pseudo_info rnd_info;
    mbedtls_mpi Nmpi, Empi, Pmpi, Qmpi;
    mbedtls_rsa_context ctx;
    /* Fixed test key: modulus N, public exponent E, prime factors P and Q. */
    static unsigned char N[128] = {
        0xc4, 0x79, 0x4c, 0x6d, 0xb2, 0xe9, 0xdf, 0xc5,
        0xe5, 0xd7, 0x55, 0x4b, 0xfb, 0x6c, 0x2e, 0xec,
        0x84, 0xd0, 0x88, 0x12, 0xaf, 0xbf, 0xb4, 0xf5,
        0x47, 0x3c, 0x7e, 0x92, 0x4c, 0x58, 0xc8, 0x73,
        0xfe, 0x8f, 0x2b, 0x8f, 0x8e, 0xc8, 0x5c, 0xf5,
        0x05, 0xeb, 0xfb, 0x0d, 0x7b, 0x2a, 0x93, 0xde,
        0x15, 0x0d, 0xc8, 0x13, 0xcf, 0xd2, 0x6f, 0x0d,
        0x9d, 0xad, 0x30, 0xe5, 0x70, 0x20, 0x92, 0x9e,
        0xb3, 0x6b, 0xba, 0x5c, 0x50, 0x0f, 0xc3, 0xb2,
        0x7e, 0x64, 0x07, 0x94, 0x7e, 0xc9, 0x4e, 0xc1,
        0x65, 0x04, 0xaf, 0xb3, 0x9f, 0xde, 0xa8, 0x46,
        0xfa, 0x6c, 0xf3, 0x03, 0xaf, 0x1c, 0x1b, 0xec,
        0x75, 0x44, 0x66, 0x77, 0xc9, 0xde, 0x51, 0x33,
        0x64, 0x27, 0xb0, 0xd4, 0x8d, 0x31, 0x6a, 0x11,
        0x27, 0x3c, 0x99, 0xd4, 0x22, 0xc0, 0x9d, 0x12,
        0x01, 0xc7, 0x4a, 0x73, 0xac, 0xbf, 0xc2, 0xbb
    };
    static unsigned char E[1] = { 0x03 };
    static unsigned char P[64] = {
        0xe5, 0x53, 0x1f, 0x88, 0x51, 0xee, 0x59, 0xf8,
        0xc1, 0xe4, 0xcc, 0x5b, 0xb3, 0x75, 0x8d, 0xc8,
        0xe8, 0x95, 0x2f, 0xd0, 0xef, 0x37, 0xb4, 0xcd,
        0xd3, 0x9e, 0x48, 0x8b, 0x81, 0x58, 0x60, 0xb9,
        0x27, 0x1d, 0xb6, 0x28, 0x92, 0x64, 0xa3, 0xa5,
        0x64, 0xbd, 0xcc, 0x53, 0x68, 0xdd, 0x3e, 0x55,
        0xea, 0x9d, 0x5e, 0xcd, 0x1f, 0x96, 0x87, 0xf1,
        0x29, 0x75, 0x92, 0x70, 0x8f, 0x28, 0xfb, 0x2b
    };
    static unsigned char Q[64] = {
        0xdb, 0x53, 0xef, 0x74, 0x61, 0xb4, 0x20, 0x3b,
        0x3b, 0x87, 0x76, 0x75, 0x81, 0x56, 0x11, 0x03,
        0x59, 0x31, 0xe3, 0x38, 0x4b, 0x8c, 0x7a, 0x9c,
        0x05, 0xd6, 0x7f, 0x1e, 0x5e, 0x60, 0xf0, 0x4e,
        0x0b, 0xdc, 0x34, 0x54, 0x1c, 0x2e, 0x90, 0x83,
        0x14, 0xef, 0xc0, 0x96, 0x5c, 0x30, 0x10, 0xcc,
        0xc1, 0xba, 0xa0, 0x54, 0x3f, 0x96, 0x24, 0xca,
        0xa3, 0xfb, 0x55, 0xbc, 0x71, 0x29, 0x4e, 0xb1
    };
    unsigned char original[128];
    unsigned char intermediate[128];
    static unsigned char default_content[128] = {
        /* Randomly generated filler; `final` starts out as a copy of it so
         * that a skipped write is detectable afterwards. */
        0x4c, 0x27, 0x54, 0xa0, 0xce, 0x0d, 0x09, 0x4a,
        0x1c, 0x38, 0x8e, 0x2d, 0xa3, 0xc4, 0xe0, 0x19,
        0x4c, 0x99, 0xb2, 0xbf, 0xe6, 0x65, 0x7e, 0x58,
        0xd7, 0xb6, 0x8a, 0x05, 0x2f, 0xa5, 0xec, 0xa4,
        0x35, 0xad, 0x10, 0x36, 0xff, 0x0d, 0x08, 0x50,
        0x74, 0x47, 0xc9, 0x9c, 0x4a, 0xe7, 0xfd, 0xfa,
        0x83, 0x5f, 0x14, 0x5a, 0x1e, 0xe7, 0x35, 0x08,
        0xad, 0xf7, 0x0d, 0x86, 0xdf, 0xb8, 0xd4, 0xcf,
        0x32, 0xb9, 0x5c, 0xbe, 0xa3, 0xd2, 0x89, 0x70,
        0x7b, 0xc6, 0x48, 0x7e, 0x58, 0x4d, 0xf3, 0xef,
        0x34, 0xb7, 0x57, 0x54, 0x79, 0xc5, 0x8e, 0x0a,
        0xa3, 0xbf, 0x6d, 0x42, 0x83, 0x25, 0x13, 0xa2,
        0x95, 0xc0, 0x0d, 0x32, 0xec, 0x77, 0x91, 0x2b,
        0x68, 0xb6, 0x8c, 0x79, 0x15, 0xfb, 0x94, 0xde,
        0xb9, 0x2b, 0x94, 0xb3, 0x28, 0x23, 0x86, 0x3d,
        0x37, 0x00, 0xe6, 0xf1, 0x1f, 0x4e, 0xd4, 0x42
    };
    unsigned char final[128];
    /* Sentinel: a decrypt call that never stores a length leaves this. */
    size_t output_length = 0x7EA0;

    memset( &rnd_info, 0, sizeof( rnd_info ) );
    mbedtls_mpi_init( &Nmpi );
    mbedtls_mpi_init( &Empi );
    mbedtls_mpi_init( &Pmpi );
    mbedtls_mpi_init( &Qmpi );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );

    TEST_ASSERT( mbedtls_mpi_read_binary( &Nmpi, N, sizeof( N ) ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_binary( &Empi, E, sizeof( E ) ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_binary( &Pmpi, P, sizeof( P ) ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_binary( &Qmpi, Q, sizeof( Q ) ) == 0 );

    TEST_ASSERT( mbedtls_rsa_import( &ctx, &Nmpi, &Pmpi, &Qmpi,
                                     NULL, &Empi ) == 0 );
    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );

    /* Build the padded block: caller-supplied prefix, then 'd' filler up to
     * the modulus length. The length check guards both copies below. */
    TEST_ASSERT( input->len <= sizeof( N ) );
    memcpy( original, input->x, input->len );
    memset( original + input->len, 'd', sizeof( original ) - input->len );
    TEST_ASSERT( mbedtls_rsa_public( &ctx, original, intermediate ) == 0 );

    memcpy( final, default_content, sizeof( final ) );
    TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                            &mbedtls_test_rnd_pseudo_rand,
                                            &rnd_info, MBEDTLS_RSA_PRIVATE,
                                            &output_length,
                                            intermediate, final,
                                            output_size ) == expected_result );
    if( expected_result == 0 )
    {
        /* The plaintext is the tail of the padded block. */
        TEST_ASSERT( output_length == expected_plaintext_length );
        TEST_ASSERT( memcmp( original + sizeof( N ) - output_length,
                             final,
                             output_length ) == 0 );
    }
    else if( expected_result == MBEDTLS_ERR_RSA_INVALID_PADDING ||
             expected_result == MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE )
    {
        /* Largest payload that fits: the smaller of the output buffer size
         * and the modulus length minus the 11 bytes of minimum padding. */
        size_t max_payload_length = sizeof( N ) - 11;
        size_t i;
        size_t count = 0;

        if( output_size <= sizeof( N ) - 11 )
            max_payload_length = output_size;

#if !defined(MBEDTLS_RSA_ALT)
        /* These exact values are what the default implementation currently
         * produces on failure. An alternative implementation may differ, so
         * the precise checks are limited to the default one. */
        TEST_ASSERT( output_length == max_payload_length );
        for( i = 0; i < max_payload_length; i++ )
            TEST_ASSERT( final[i] == 0 );
#endif
        /* Any implementation must have written to the outputs. If it did
         * not, the bad-padding path performs no write, which indicates at
         * least a timing vulnerability. */
        TEST_ASSERT( output_length != 0x7EA0 );
        for( i = 0; i < max_payload_length; i++ )
        {
            if( final[i] == default_content[i] )
                count++;
        }
        /* More than 16 unchanged bytes is taken as evidence that `final`
         * was not overwritten. */
        TEST_ASSERT( count < 16 );
    }

exit:
    mbedtls_mpi_free( &Nmpi );
    mbedtls_mpi_free( &Empi );
    mbedtls_mpi_free( &Pmpi );
    mbedtls_mpi_free( &Qmpi );
    mbedtls_rsa_free( &ctx );
}
257/* END_CASE */
258
259/* BEGIN_CASE */
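void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q,
                            char * input_Q, int radix_N, char * input_N,
                            int radix_E, char * input_E, int digest, int hash,
                            data_t * message_str, data_t * rnd_buf,
                            data_t * result_str, int result )
{
    /* Known-answer test for RSASSA-PKCS1-v1_5 signing.
     *
     * The private key is rebuilt from P, Q, N and E (strings in the given
     * radices) and must be `mod` bits long. message_str is hashed with
     * `digest` when that digest is known to the md module; otherwise
     * hash_result stays all-zero. The signing return code must equal
     * `result`; on success the signature is compared with result_str.
     * rnd_buf backs the RNG callback and `hash` is forwarded unchanged to
     * mbedtls_rsa_init(). */
    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
    unsigned char output[128];
    mbedtls_rsa_context ctx;
    mbedtls_mpi N, P, Q, E;
    mbedtls_test_rnd_buf_info info;
    const mbedtls_md_info_t *md_info;

    info.buf = rnd_buf->x;
    info.length = rnd_buf->len;

    mbedtls_mpi_init( &N );
    mbedtls_mpi_init( &P );
    mbedtls_mpi_init( &Q );
    mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );

    memset( hash_result, 0x00, sizeof( hash_result ) );
    memset( output, 0x00, sizeof( output ) );

    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );

    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    /* The signature occupies one modulus length (ctx.len bytes are compared
     * below), so refuse keys that would not fit the fixed-size stack buffer
     * instead of letting the sign call write past its end. */
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) <= sizeof( output ) );
    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );

    /* Look the digest up once and reuse the result for the hash call. */
    md_info = mbedtls_md_info_from_type( digest );
    if( md_info != NULL )
    {
        TEST_ASSERT( mbedtls_md( md_info, message_str->x, message_str->len,
                                 hash_result ) == 0 );
    }

    TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand,
                                         &info, MBEDTLS_RSA_PRIVATE, digest,
                                         0, hash_result, output ) == result );
    if( result == 0 )
    {
        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
                                          ctx.len, result_str->len ) == 0 );
    }

exit:
    mbedtls_mpi_free( &N );
    mbedtls_mpi_free( &P );
    mbedtls_mpi_free( &Q );
    mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}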
311/* END_CASE */
312
313/* BEGIN_CASE */
void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N,
                              int radix_E, char * input_E, int digest,
                              int hash, data_t * message_str, char * salt,
                              data_t * result_str, int result )
{
    /* Known-answer test for RSASSA-PKCS1-v1_5 verification.
     *
     * The public key (N, E) is read from strings in the given radices and
     * must be `mod` bits long. message_str is hashed with `digest` when that
     * digest is known to the md module; otherwise hash_result stays
     * all-zero. result_str holds the signature, and the verify return code
     * must equal `result`. `salt` is accepted but unused. */
    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
    mbedtls_rsa_context ctx;
    mbedtls_mpi N, E;
    ((void) salt);

    memset( hash_result, 0x00, sizeof( hash_result ) );
    mbedtls_mpi_init( &N );
    mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );

    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );

    if( mbedtls_md_info_from_type( digest ) != NULL )
    {
        TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ),
                                 message_str->x, message_str->len,
                                 hash_result ) == 0 );
    }

    /* NOTE(review): result_str->len is not compared with the key length
     * before result_str->x is handed to the verify call; confirm that the
     * test data always supplies a full modulus-length signature. */
    TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
                                           MBEDTLS_RSA_PUBLIC, digest, 0,
                                           hash_result,
                                           result_str->x ) == result );

exit:
    mbedtls_mpi_free( &N );
    mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}
344/* END_CASE */