TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / a05cbecc909e1ab95a68056d4c45eacec340c780 / . / tests / suites / test_suite_rsa.function
blob: bbe23608cc07fbd994c664dfb771497cbde1a939 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Hanno Beckera565f542017-10-11 11:00:19 +0100[diff] [blame]3#include "mbedtls/rsa_internal.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
Cédric Meutera05cbec2020-04-25 15:02:34 +0200[diff] [blame^]28 const int negative_salt_length = -2;
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]29 unsigned char buf[42] = { 0 };
30 size_t olen;
31
32 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
33 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
34 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
35
36 /* No more variants because only the first argument must be non-NULL. */
37 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
38 mbedtls_rsa_import( NULL, NULL, NULL,
39 NULL, NULL, NULL ) );
40 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
41 mbedtls_rsa_import_raw( NULL,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0,
46 NULL, 0 ) );
47
48 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
49 mbedtls_rsa_complete( NULL ) );
50
51 /* No more variants because only the first argument must be non-NULL. */
52 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
53 mbedtls_rsa_export( NULL, NULL, NULL,
54 NULL, NULL, NULL ) );
55 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
56 mbedtls_rsa_export_raw( NULL,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0,
61 NULL, 0 ) );
62 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
63 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
64
65 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
66 valid_padding, 0 ) );
67 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
68 invalid_padding, 0 ) );
69
70 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]71 mbedtls_rsa_gen_key( NULL,
72 mbedtls_test_rnd_std_rand,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]73 NULL, 0, 0 ) );
74 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
75 mbedtls_rsa_gen_key( &ctx, NULL,
76 NULL, 0, 0 ) );
77
78 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
79 mbedtls_rsa_check_pubkey( NULL ) );
80 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
81 mbedtls_rsa_check_privkey( NULL ) );
82
83 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
84 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
85 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
86 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
87
88 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
89 mbedtls_rsa_public( NULL, buf, buf ) );
90 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
91 mbedtls_rsa_public( &ctx, NULL, buf ) );
92 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
93 mbedtls_rsa_public( &ctx, buf, NULL ) );
94
95 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
96 mbedtls_rsa_private( NULL, NULL, NULL,
97 buf, buf ) );
98 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
99 mbedtls_rsa_private( &ctx, NULL, NULL,
100 NULL, buf ) );
101 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
102 mbedtls_rsa_private( &ctx, NULL, NULL,
103 buf, NULL ) );
104
105 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
106 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
107 valid_mode,
108 sizeof( buf ), buf,
109 buf ) );
110 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
111 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
112 invalid_mode,
113 sizeof( buf ), buf,
114 buf ) );
115 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
116 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
117 valid_mode,
118 sizeof( buf ), NULL,
119 buf ) );
120 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
121 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
122 valid_mode,
123 sizeof( buf ), buf,
124 NULL ) );
125
126 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
127 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
128 NULL,
129 valid_mode,
130 sizeof( buf ), buf,
131 buf ) );
132 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
133 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
134 NULL,
135 invalid_mode,
136 sizeof( buf ), buf,
137 buf ) );
138 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
139 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
140 NULL,
141 valid_mode,
142 sizeof( buf ), NULL,
143 buf ) );
144 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
145 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
146 NULL,
147 valid_mode,
148 sizeof( buf ), buf,
149 NULL ) );
150
151 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
152 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
153 valid_mode,
154 buf, sizeof( buf ),
155 sizeof( buf ), buf,
156 buf ) );
157 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
158 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
159 invalid_mode,
160 buf, sizeof( buf ),
161 sizeof( buf ), buf,
162 buf ) );
163 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
164 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
165 valid_mode,
166 NULL, sizeof( buf ),
167 sizeof( buf ), buf,
168 buf ) );
169 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
170 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
171 valid_mode,
172 buf, sizeof( buf ),
173 sizeof( buf ), NULL,
174 buf ) );
175 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
176 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
177 valid_mode,
178 buf, sizeof( buf ),
179 sizeof( buf ), buf,
180 NULL ) );
181
182 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
183 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
184 valid_mode, &olen,
185 buf, buf, 42 ) );
186 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
187 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
188 invalid_mode, &olen,
189 buf, buf, 42 ) );
190 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
191 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
192 valid_mode, NULL,
193 buf, buf, 42 ) );
194 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
195 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
196 valid_mode, &olen,
197 NULL, buf, 42 ) );
198 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
199 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
200 valid_mode, &olen,
201 buf, NULL, 42 ) );
202
203 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
204 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
205 NULL,
206 valid_mode, &olen,
207 buf, buf, 42 ) );
208 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
209 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
210 NULL,
211 invalid_mode, &olen,
212 buf, buf, 42 ) );
213 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
214 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
215 NULL,
216 valid_mode, NULL,
217 buf, buf, 42 ) );
218 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
219 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
220 NULL,
221 valid_mode, &olen,
222 NULL, buf, 42 ) );
223 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
224 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
225 NULL,
226 valid_mode, &olen,
227 buf, NULL, 42 ) );
228
229 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
230 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
231 valid_mode,
232 buf, sizeof( buf ),
233 &olen,
234 buf, buf, 42 ) );
235 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
236 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
237 invalid_mode,
238 buf, sizeof( buf ),
239 &olen,
240 buf, buf, 42 ) );
241 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
242 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
243 valid_mode,
244 NULL, sizeof( buf ),
245 NULL,
246 buf, buf, 42 ) );
247 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
248 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
249 valid_mode,
250 buf, sizeof( buf ),
251 &olen,
252 NULL, buf, 42 ) );
253 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
254 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
255 valid_mode,
256 buf, sizeof( buf ),
257 &olen,
258 buf, NULL, 42 ) );
259
260 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
261 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
262 valid_mode,
263 0, sizeof( buf ), buf,
264 buf ) );
265 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
266 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
267 invalid_mode,
268 0, sizeof( buf ), buf,
269 buf ) );
270 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
271 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
272 valid_mode,
273 0, sizeof( buf ), NULL,
274 buf ) );
275 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
276 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
277 valid_mode,
278 0, sizeof( buf ), buf,
279 NULL ) );
280 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
281 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
282 valid_mode,
283 MBEDTLS_MD_SHA1,
284 0, NULL,
285 buf ) );
286
287 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
288 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
289 valid_mode,
290 0, sizeof( buf ), buf,
291 buf ) );
292 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
293 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
294 invalid_mode,
295 0, sizeof( buf ), buf,
296 buf ) );
297 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
298 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
299 valid_mode,
300 0, sizeof( buf ), NULL,
301 buf ) );
302 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
303 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
304 valid_mode,
305 0, sizeof( buf ), buf,
306 NULL ) );
307 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
308 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
309 valid_mode,
310 MBEDTLS_MD_SHA1,
311 0, NULL,
312 buf ) );
313
314 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
315 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
316 valid_mode,
317 0, sizeof( buf ), buf,
318 buf ) );
319 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
320 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
321 invalid_mode,
322 0, sizeof( buf ), buf,
323 buf ) );
324 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
325 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
326 valid_mode,
327 0, sizeof( buf ), NULL,
328 buf ) );
329 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
330 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
331 valid_mode,
332 0, sizeof( buf ), buf,
333 NULL ) );
334 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
335 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
336 valid_mode,
337 MBEDTLS_MD_SHA1,
338 0, NULL,
339 buf ) );
340
341 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Cédric Meutera05cbec2020-04-25 15:02:34 +0200[diff] [blame^]342 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
343 0, sizeof( buf ), buf,
344 negative_salt_length,
345 buf ) );
346 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
347 mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL,
348 0, sizeof( buf ), buf,
349 MBEDTLS_RSA_SALT_LEN_ANY,
350 buf ) );
351 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
352 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
353 0, sizeof( buf ), NULL,
354 MBEDTLS_RSA_SALT_LEN_ANY,
355 buf ) );
356 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
357 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
358 0, sizeof( buf ), buf,
359 MBEDTLS_RSA_SALT_LEN_ANY,
360 NULL ) );
361 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
362 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
363 MBEDTLS_MD_SHA1,
364 0, NULL,
365 MBEDTLS_RSA_SALT_LEN_ANY,
366 buf ) );
367
368 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]369 mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
370 valid_mode,
371 0, sizeof( buf ), buf,
372 buf ) );
373 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
374 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
375 invalid_mode,
376 0, sizeof( buf ), buf,
377 buf ) );
378 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
379 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
380 valid_mode,
381 0, sizeof( buf ), NULL,
382 buf ) );
383 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
384 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
385 valid_mode,
386 0, sizeof( buf ), buf,
387 NULL ) );
388 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
389 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
390 valid_mode,
391 MBEDTLS_MD_SHA1, 0, NULL,
392 buf ) );
393
394 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
395 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
396 NULL,
397 valid_mode,
398 0, sizeof( buf ), buf,
399 buf ) );
400 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
401 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
402 NULL,
403 invalid_mode,
404 0, sizeof( buf ), buf,
405 buf ) );
406 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
407 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
408 NULL,
409 valid_mode,
410 0, sizeof( buf ),
411 NULL, buf ) );
412 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
413 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
414 NULL,
415 valid_mode,
416 0, sizeof( buf ), buf,
417 NULL ) );
418 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
419 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
420 NULL,
421 valid_mode,
422 MBEDTLS_MD_SHA1,
423 0, NULL,
424 buf ) );
425
426 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
427 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
428 valid_mode,
429 0, sizeof( buf ),
430 buf, buf ) );
431 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
432 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
433 invalid_mode,
434 0, sizeof( buf ),
435 buf, buf ) );
436 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
437 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
438 valid_mode,
439 0, sizeof( buf ),
440 NULL, buf ) );
441 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
442 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
443 valid_mode,
444 0, sizeof( buf ),
445 buf, NULL ) );
446 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
447 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
448 valid_mode,
449 MBEDTLS_MD_SHA1,
450 0, NULL,
451 buf ) );
452
453 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
454 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
455 valid_mode,
456 0, sizeof( buf ),
457 buf,
458 0, 0,
459 buf ) );
460 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
461 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
462 invalid_mode,
463 0, sizeof( buf ),
464 buf,
465 0, 0,
466 buf ) );
467 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
468 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
469 valid_mode,
470 0, sizeof( buf ),
471 NULL, 0, 0,
472 buf ) );
473 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
474 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
475 valid_mode,
476 0, sizeof( buf ),
477 buf, 0, 0,
478 NULL ) );
479 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
480 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
481 valid_mode,
482 MBEDTLS_MD_SHA1,
483 0, NULL,
484 0, 0,
485 buf ) );
486
487 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
488 mbedtls_rsa_copy( NULL, &ctx ) );
489 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
490 mbedtls_rsa_copy( &ctx, NULL ) );
491
492exit:
493 return;
494}
495/* END_CASE */
496
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]497/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]498void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]499 int digest, int mod, int radix_P, char * input_P,
500 int radix_Q, char * input_Q, int radix_N,
501 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]502 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]503{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]504 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
505 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]506 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]507 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]508 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]509
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]510 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
511 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]512 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]513
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]514 memset( hash_result, 0x00, sizeof( hash_result ) );
515 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]516 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]517
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]518 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
519 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
520 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
521 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]522
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]523 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
524 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]525 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]526 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]527
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]528
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]529 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]530 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]531
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]532 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
533 &rnd_info, MBEDTLS_RSA_PRIVATE, digest,
534 0, hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]535 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]536 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]537
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]538 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
539 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]540 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]541
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]542exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]543 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
544 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]545 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]546}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]547/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]548
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]549/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]550void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]551 int digest, int mod, int radix_N,
552 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]553 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]554{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]555 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]556 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]557
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]558 mbedtls_mpi N, E;
559
560 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]561 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]562 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]563
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]564 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
565 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
566 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
567 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]568 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]569
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]570
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]571 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]572 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]573
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]574 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]575
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]576exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]577 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]578 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]579}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]580/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]581
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]582
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]583/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]584void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]585 int padding_mode, int mod, int radix_P,
586 char * input_P, int radix_Q, char * input_Q,
587 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]588 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]589{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]590 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]591 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]592 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]593 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]594
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]595 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]596 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
597 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]598
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]599 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]600 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]601
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]602 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
603 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
604 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
605 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]606
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]607 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
608 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]609 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]610 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]611
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]612
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]613 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
614 &rnd_info, MBEDTLS_RSA_PRIVATE,
615 MBEDTLS_MD_NONE, hash_result->len,
616 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]617
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]618
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]619 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
620 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]621
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]622#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]623 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]624 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]625 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]626 int res;
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]627 memset( output, 0x00, sizeof( output) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]628
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]629 res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]630 &mbedtls_test_rnd_pseudo_rand, &rnd_info,
631 MBEDTLS_RSA_PRIVATE, hash_result->len,
632 hash_result->x, output );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]633
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]634#if !defined(MBEDTLS_RSA_ALT)
635 TEST_ASSERT( res == 0 );
636#else
637 TEST_ASSERT( ( res == 0 ) ||
638 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
639#endif
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]640
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]641 if( res == 0 )
642 {
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]643 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]644 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]645 result_str->len ) == 0 );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]646 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]647 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]648#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]649
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]650exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]651 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
652 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
653
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]654 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]655}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]656/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]657
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]658/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]659void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]660 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]661 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]662 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]663{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]664 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]665 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]666
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]667 mbedtls_mpi N, E;
668 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
669
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]670 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]671 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]672
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]673 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
674 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]675
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]676 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
677 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]678 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]679
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]680
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]681 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]682
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]683#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]684 /* For PKCS#1 v1.5, there is an alternative way to verify signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]685 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]686 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]687 int res;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]688 int ok;
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]689 size_t olen;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]690
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]691 res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]692 NULL, NULL, MBEDTLS_RSA_PUBLIC,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]693 &olen, result_str->x, output, sizeof( output ) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]694
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]695#if !defined(MBEDTLS_RSA_ALT)
696 TEST_ASSERT( res == 0 );
697#else
698 TEST_ASSERT( ( res == 0 ) ||
699 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
700#endif
701
702 if( res == 0 )
703 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]704 ok = olen == hash_result->len && memcmp( output, hash_result->x, olen ) == 0;
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]705 if( correct == 0 )
706 TEST_ASSERT( ok == 1 );
707 else
708 TEST_ASSERT( ok == 0 );
709 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]710 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]711#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]712
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]713exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]714 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]715 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]716}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]717/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]718
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]719/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]720void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]721 int mod, int radix_N, char * input_N,
722 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]723 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]724{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]725 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]726 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]727 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]728
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]729 mbedtls_mpi N, E;
730 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
731
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]732 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]733
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]734 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]735 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]736
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]737 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
738 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]739
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]740 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
741 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]742 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]743
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]744
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]745 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
746 &mbedtls_test_rnd_pseudo_rand,
747 &rnd_info, MBEDTLS_RSA_PUBLIC,
748 message_str->len, message_str->x,
749 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]750 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]751 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]752
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]753 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
754 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]755 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]756
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]757exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]758 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]759 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]760}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]761/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]762
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]763/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]764void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]765 int mod, int radix_N, char * input_N,
766 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]767 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]768{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]769 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]770 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]771
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]772 mbedtls_mpi N, E;
773
774 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]775 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]776 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]777
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]778 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
779 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]780
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]781 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
782 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]783 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]784
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]785
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]786 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
787 NULL, MBEDTLS_RSA_PUBLIC,
788 message_str->len, message_str->x,
789 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]790 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]791 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]792
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]793 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
794 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]795 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]796
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]797exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]798 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]799 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]800}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]801/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]802
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]803/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]804void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]805 int mod, int radix_P, char * input_P,
806 int radix_Q, char * input_Q, int radix_N,
807 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]808 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]809 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]810{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]811 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]812 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]813 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]814 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]815 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]816
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]817 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
818 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
819
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]820 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]821
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]822 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]823 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]824
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]825
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]826 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
827 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
828 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
829 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]830
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]831 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
832 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]833 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]834 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]835
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]836 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]837
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]838 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
839 &rnd_info, MBEDTLS_RSA_PRIVATE,
840 &output_len, message_str->x, output,
841 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]842 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]843 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]844
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]845 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]846 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]847 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]848 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]849
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]850exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]851 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
852 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]853 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]854}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]855/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]856
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]857/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]858void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]859 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]860 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]861{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]862 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]863 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]864
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]865 mbedtls_mpi N, E;
866
867 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]868 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
869 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]870 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]871
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]872 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
873 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]874
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]875 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
876 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]877 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]878
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]879
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]880 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]881 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]882 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]883
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]884 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
885 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]886 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]887
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]888 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]889 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]890 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]891 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]892
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]893 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]894
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]895 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]896 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]897 if( result == 0 )
898 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]899
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]900 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
901 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]902 }
903
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]904exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]905 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]906 mbedtls_rsa_free( &ctx );
907 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]908}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]909/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]910
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]911/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]912void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]913 char * input_P, int radix_Q, char * input_Q,
914 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]915 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]916 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]917{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]918 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]919 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]920 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]921 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]922 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]923
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]924 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
925 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]926 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
927 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]928
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]929 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]930
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]931 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
932 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
933 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
934 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]935
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]936 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
937 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]938 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]939 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]940
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]941
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]942 /* repeat three times to test updating of blinding values */
943 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]944 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]945 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]946 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
947 &rnd_info, message_str->x,
948 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]949 if( result == 0 )
950 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]951
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]952 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]953 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]954 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]955 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]956 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]957
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]958 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]959 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]960 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]961 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]962
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]963 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]964
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]965 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]966 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
967 &rnd_info, message_str->x,
968 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]969 if( result == 0 )
970 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]971
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]972 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]973 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]974 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]975 }
976
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]977exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]978 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
979 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
980
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]981 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]982}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]983/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]984
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]985/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]986void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]987{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]988 mbedtls_rsa_context ctx;
989 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]990
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]991 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]992}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]993/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]994
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]995/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]996void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
997 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]998{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]999 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]1000 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1001
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]1002 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1003 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1004
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1005 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1006 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]1007 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1008 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1009 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1010 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]1011 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1012 }
1013
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]1014 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1015 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1016
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1017exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]1018 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1019 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1020}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1021/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1022
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1023/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1024void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
1025 int radix_Q, char * input_Q, int radix_N,
1026 char * input_N, int radix_E, char * input_E,
1027 int radix_D, char * input_D, int radix_DP,
1028 char * input_DP, int radix_DQ,
1029 char * input_DQ, int radix_QP,
1030 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1031{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1032 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1033
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1034 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1035
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1036 ctx.len = mod / 8;
1037 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1038 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1039 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1040 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1041 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1042 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1043 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1044 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1045 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1046 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1047 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1048 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1049 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1050 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1051 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1052 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1053 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1054 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1055 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1056 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1057#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1058 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1059 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1060 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1061 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1062 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1063 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1064 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1065 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1066 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1067 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1068 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1069 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1070#else
1071 ((void) radix_DP); ((void) input_DP);
1072 ((void) radix_DQ); ((void) input_DQ);
1073 ((void) radix_QP); ((void) input_QP);
1074#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1075
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1076 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1077
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1078exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1079 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1080}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1081/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1082
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1083/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1084void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
1085 int radix_Epub, char * input_Epub, int radix_P,
1086 char * input_P, int radix_Q, char * input_Q,
1087 int radix_N, char * input_N, int radix_E,
1088 char * input_E, int radix_D, char * input_D,
1089 int radix_DP, char * input_DP, int radix_DQ,
1090 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1091 int result )
1092{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1093 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1094
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1095 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
1096 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1097
1098 pub.len = mod / 8;
1099 prv.len = mod / 8;
1100
1101 if( strlen( input_Npub ) )
1102 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1103 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1104 }
1105 if( strlen( input_Epub ) )
1106 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1107 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1108 }
1109
1110 if( strlen( input_P ) )
1111 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1112 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1113 }
1114 if( strlen( input_Q ) )
1115 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1116 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1117 }
1118 if( strlen( input_N ) )
1119 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1120 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1121 }
1122 if( strlen( input_E ) )
1123 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1124 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1125 }
1126 if( strlen( input_D ) )
1127 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1128 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1129 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1130#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1131 if( strlen( input_DP ) )
1132 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1133 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1134 }
1135 if( strlen( input_DQ ) )
1136 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1137 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1138 }
1139 if( strlen( input_QP ) )
1140 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1141 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1142 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1143#else
1144 ((void) radix_DP); ((void) input_DP);
1145 ((void) radix_DQ); ((void) input_DQ);
1146 ((void) radix_QP); ((void) input_QP);
1147#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1148
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1149 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1150
1151exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1152 mbedtls_rsa_free( &pub );
1153 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1154}
1155/* END_CASE */
1156
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1157/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1158void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1159{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1160 mbedtls_rsa_context ctx;
1161 mbedtls_entropy_context entropy;
1162 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1163 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1164
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1165 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1166 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1167 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1168
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1169 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1170 &entropy, (const unsigned char *) pers,
1171 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1172
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1173 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1174 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1175 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1176 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1177 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1178 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1179
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1180exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1181 mbedtls_rsa_free( &ctx );
1182 mbedtls_ctr_drbg_free( &ctr_drbg );
1183 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1184}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1185/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1186
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1187/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1188void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1189 int radix_D, char *input_D,
1190 int radix_E, char *input_E,
1191 int radix_P, char *output_P,
1192 int radix_Q, char *output_Q,
1193 int corrupt, int result )
1194{
1195 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1196
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1197 mbedtls_mpi_init( &N );
1198 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1199 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1200 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1201
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1202 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1203 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1204 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1205 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1206 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1207
1208 if( corrupt )
1209 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1210
1211 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1212 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1213
1214 if( !corrupt )
1215 {
1216 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1217 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1218 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1219 }
1220
1221exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1222 mbedtls_mpi_free( &N );
1223 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1224 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1225 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1226}
1227/* END_CASE */
1228
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1229/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1230void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1231 int radix_Q, char *input_Q,
1232 int radix_E, char *input_E,
1233 int radix_D, char *output_D,
1234 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1235{
1236 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1237
1238 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1239 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1240 mbedtls_mpi_init( &E );
1241 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1242
1243 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1244 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1245 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1246 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1247
1248 if( corrupt )
1249 {
1250 /* Make E even */
1251 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1252 }
1253
1254 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1255 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1256 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1257
1258 if( !corrupt )
1259 {
1260 /*
1261 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1262 */
1263
1264 /* Replace P,Q by P-1, Q-1 */
1265 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1266 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1267
1268 /* Check D == Dp modulo P-1 */
1269 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1270 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1271 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1272
1273 /* Check D == Dp modulo Q-1 */
1274 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1275 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1276 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1277 }
1278
1279exit:
1280
1281 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1282 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1283 mbedtls_mpi_free( &E );
1284 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1285}
1286/* END_CASE */
1287
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1288/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1289void mbedtls_rsa_import( int radix_N, char *input_N,
1290 int radix_P, char *input_P,
1291 int radix_Q, char *input_Q,
1292 int radix_D, char *input_D,
1293 int radix_E, char *input_E,
1294 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1295 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1296 int res_check,
1297 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1298{
1299 mbedtls_mpi N, P, Q, D, E;
1300 mbedtls_rsa_context ctx;
1301
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1302 /* Buffers used for encryption-decryption test */
1303 unsigned char *buf_orig = NULL;
1304 unsigned char *buf_enc = NULL;
1305 unsigned char *buf_dec = NULL;
1306
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1307 mbedtls_entropy_context entropy;
1308 mbedtls_ctr_drbg_context ctr_drbg;
1309 const char *pers = "test_suite_rsa";
1310
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1311 const int have_N = ( strlen( input_N ) > 0 );
1312 const int have_P = ( strlen( input_P ) > 0 );
1313 const int have_Q = ( strlen( input_Q ) > 0 );
1314 const int have_D = ( strlen( input_D ) > 0 );
1315 const int have_E = ( strlen( input_E ) > 0 );
1316
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1317 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1318 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1319 mbedtls_rsa_init( &ctx, 0, 0 );
1320
1321 mbedtls_mpi_init( &N );
1322 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1323 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1324
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1325 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1326 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1327
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1328 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1329 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1330
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1331 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1332 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1333
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1334 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1335 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1336
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1337 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1338 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1339
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1340 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1341 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1342
1343 if( !successive )
1344 {
1345 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1346 have_N ? &N : NULL,
1347 have_P ? &P : NULL,
1348 have_Q ? &Q : NULL,
1349 have_D ? &D : NULL,
1350 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1351 }
1352 else
1353 {
1354 /* Import N, P, Q, D, E separately.
1355 * This should make no functional difference. */
1356
1357 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1358 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1359 NULL, NULL, NULL, NULL ) == 0 );
1360
1361 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1362 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1363 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1364 NULL, NULL, NULL ) == 0 );
1365
1366 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1367 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1368 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1369 NULL, NULL ) == 0 );
1370
1371 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1372 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1373 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1374 NULL ) == 0 );
1375
1376 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1377 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1378 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1379 }
1380
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1381 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1382
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1383 /* On expected success, perform some public and private
1384 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1385 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1386 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1387 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1388 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1389 else
1390 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1391
1392 if( res_check != 0 )
1393 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1394
1395 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1396 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1397 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1398 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1399 goto exit;
1400
1401 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1402 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1403
1404 /* Make sure the number we're generating is smaller than the modulus */
1405 buf_orig[0] = 0x00;
1406
1407 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1408
1409 if( is_priv )
1410 {
1411 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1412 &ctr_drbg, buf_enc,
1413 buf_dec ) == 0 );
1414
1415 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1416 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1417 }
1418 }
1419
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1420exit:
1421
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1422 mbedtls_free( buf_orig );
1423 mbedtls_free( buf_enc );
1424 mbedtls_free( buf_dec );
1425
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1426 mbedtls_rsa_free( &ctx );
1427
1428 mbedtls_ctr_drbg_free( &ctr_drbg );
1429 mbedtls_entropy_free( &entropy );
1430
1431 mbedtls_mpi_free( &N );
1432 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1433 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1434}
1435/* END_CASE */
1436
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1437/* BEGIN_CASE */
1438void mbedtls_rsa_export( int radix_N, char *input_N,
1439 int radix_P, char *input_P,
1440 int radix_Q, char *input_Q,
1441 int radix_D, char *input_D,
1442 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1443 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1444 int successive )
1445{
1446 /* Original MPI's with which we set up the RSA context */
1447 mbedtls_mpi N, P, Q, D, E;
1448
1449 /* Exported MPI's */
1450 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1451
1452 const int have_N = ( strlen( input_N ) > 0 );
1453 const int have_P = ( strlen( input_P ) > 0 );
1454 const int have_Q = ( strlen( input_Q ) > 0 );
1455 const int have_D = ( strlen( input_D ) > 0 );
1456 const int have_E = ( strlen( input_E ) > 0 );
1457
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1458 mbedtls_rsa_context ctx;
1459
1460 mbedtls_rsa_init( &ctx, 0, 0 );
1461
1462 mbedtls_mpi_init( &N );
1463 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1464 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1465
1466 mbedtls_mpi_init( &Ne );
1467 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1468 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1469
1470 /* Setup RSA context */
1471
1472 if( have_N )
1473 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1474
1475 if( have_P )
1476 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1477
1478 if( have_Q )
1479 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1480
1481 if( have_D )
1482 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1483
1484 if( have_E )
1485 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1486
1487 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1488 strlen( input_N ) ? &N : NULL,
1489 strlen( input_P ) ? &P : NULL,
1490 strlen( input_Q ) ? &Q : NULL,
1491 strlen( input_D ) ? &D : NULL,
1492 strlen( input_E ) ? &E : NULL ) == 0 );
1493
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1494 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1495
1496 /*
1497 * Export parameters and compare to original ones.
1498 */
1499
1500 /* N and E must always be present. */
1501 if( !successive )
1502 {
1503 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1504 }
1505 else
1506 {
1507 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1508 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1509 }
1510 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1511 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1512
1513 /* If we were providing enough information to setup a complete private context,
1514 * we expect to be able to export all core parameters. */
1515
1516 if( is_priv )
1517 {
1518 if( !successive )
1519 {
1520 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1521 &De, NULL ) == 0 );
1522 }
1523 else
1524 {
1525 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1526 NULL, NULL ) == 0 );
1527 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1528 NULL, NULL ) == 0 );
1529 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1530 &De, NULL ) == 0 );
1531 }
1532
1533 if( have_P )
1534 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1535
1536 if( have_Q )
1537 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1538
1539 if( have_D )
1540 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1541
1542 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1543 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1544 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1545 }
1546
1547exit:
1548
1549 mbedtls_rsa_free( &ctx );
1550
1551 mbedtls_mpi_free( &N );
1552 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1553 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1554
1555 mbedtls_mpi_free( &Ne );
1556 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1557 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1558}
1559/* END_CASE */
1560
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1561/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1562void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1563 int radix_P, char *input_P,
1564 int radix_Q, char *input_Q,
1565 int radix_D, char *input_D,
1566 int radix_E, char *input_E,
1567 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1568{
1569 /* Original MPI's with which we set up the RSA context */
1570 mbedtls_mpi N, P, Q, D, E;
1571
1572 const int have_N = ( strlen( input_N ) > 0 );
1573 const int have_P = ( strlen( input_P ) > 0 );
1574 const int have_Q = ( strlen( input_Q ) > 0 );
1575 const int have_D = ( strlen( input_D ) > 0 );
1576 const int have_E = ( strlen( input_E ) > 0 );
1577
1578 mbedtls_entropy_context entropy;
1579 mbedtls_ctr_drbg_context ctr_drbg;
1580 const char *pers = "test_suite_rsa";
1581
1582 mbedtls_mpi_init( &N );
1583 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1584 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1585
1586 mbedtls_ctr_drbg_init( &ctr_drbg );
1587 mbedtls_entropy_init( &entropy );
1588 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1589 &entropy, (const unsigned char *) pers,
1590 strlen( pers ) ) == 0 );
1591
1592 if( have_N )
1593 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1594
1595 if( have_P )
1596 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1597
1598 if( have_Q )
1599 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1600
1601 if( have_D )
1602 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1603
1604 if( have_E )
1605 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1606
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1607 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1608 have_P ? &P : NULL,
1609 have_Q ? &Q : NULL,
1610 have_D ? &D : NULL,
1611 have_E ? &E : NULL,
1612 prng ? mbedtls_ctr_drbg_random : NULL,
1613 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1614exit:
1615
1616 mbedtls_ctr_drbg_free( &ctr_drbg );
1617 mbedtls_entropy_free( &entropy );
1618
1619 mbedtls_mpi_free( &N );
1620 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1621 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1622}
1623/* END_CASE */
1624
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1625/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1626void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1627 data_t *input_Q, data_t *input_D,
1628 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1629 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1630{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1631 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1632 unsigned char bufNe[256];
1633 unsigned char bufPe[128];
1634 unsigned char bufQe[128];
1635 unsigned char bufDe[256];
1636 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1637
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1638 mbedtls_rsa_context ctx;
1639
1640 mbedtls_rsa_init( &ctx, 0, 0 );
1641
1642 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1643 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1644 input_N->len ? input_N->x : NULL, input_N->len,
1645 input_P->len ? input_P->x : NULL, input_P->len,
1646 input_Q->len ? input_Q->x : NULL, input_Q->len,
1647 input_D->len ? input_D->x : NULL, input_D->len,
1648 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1649
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1650 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1651
1652 /*
1653 * Export parameters and compare to original ones.
1654 */
1655
1656 /* N and E must always be present. */
1657 if( !successive )
1658 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1659 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1660 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1661 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1662 }
1663 else
1664 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1665 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1666 NULL, 0, NULL, 0, NULL, 0,
1667 NULL, 0 ) == 0 );
1668 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1669 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1670 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1671 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1672 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1673 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1674
1675 /* If we were providing enough information to setup a complete private context,
1676 * we expect to be able to export all core parameters. */
1677
1678 if( is_priv )
1679 {
1680 if( !successive )
1681 {
1682 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1683 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1684 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1685 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1686 NULL, 0 ) == 0 );
1687 }
1688 else
1689 {
1690 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1691 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1692 NULL, 0, NULL, 0,
1693 NULL, 0 ) == 0 );
1694
1695 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1696 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1697 NULL, 0, NULL, 0 ) == 0 );
1698
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1699 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1700 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1701 NULL, 0 ) == 0 );
1702 }
1703
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1704 if( input_P->len )
1705 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1706
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1707 if( input_Q->len )
1708 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1709
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1710 if( input_D->len )
1711 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1712
1713 }
1714
1715exit:
1716 mbedtls_rsa_free( &ctx );
1717}
1718/* END_CASE */
1719
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1720/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1721void mbedtls_rsa_import_raw( data_t *input_N,
1722 data_t *input_P, data_t *input_Q,
1723 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1724 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1725 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1726 int res_check,
1727 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1728{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1729 /* Buffers used for encryption-decryption test */
1730 unsigned char *buf_orig = NULL;
1731 unsigned char *buf_enc = NULL;
1732 unsigned char *buf_dec = NULL;
1733
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1734 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1735 mbedtls_entropy_context entropy;
1736 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1737
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1738 const char *pers = "test_suite_rsa";
1739
1740 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1741 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1742 mbedtls_rsa_init( &ctx, 0, 0 );
1743
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1744 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1745 &entropy, (const unsigned char *) pers,
1746 strlen( pers ) ) == 0 );
1747
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1748 if( !successive )
1749 {
1750 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1751 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1752 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1753 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1754 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1755 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1756 }
1757 else
1758 {
1759 /* Import N, P, Q, D, E separately.
1760 * This should make no functional difference. */
1761
1762 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1763 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1764 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1765
1766 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1767 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1768 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1769 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1770
1771 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1772 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1773 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1774 NULL, 0, NULL, 0 ) == 0 );
1775
1776 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1777 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1778 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1779 NULL, 0 ) == 0 );
1780
1781 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1782 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1783 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1784 }
1785
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1786 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1787
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1788 /* On expected success, perform some public and private
1789 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1790 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1791 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1792 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1793 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1794 else
1795 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1796
1797 if( res_check != 0 )
1798 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1799
1800 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1801 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1802 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1803 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1804 goto exit;
1805
1806 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1807 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1808
1809 /* Make sure the number we're generating is smaller than the modulus */
1810 buf_orig[0] = 0x00;
1811
1812 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1813
1814 if( is_priv )
1815 {
1816 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1817 &ctr_drbg, buf_enc,
1818 buf_dec ) == 0 );
1819
1820 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1821 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1822 }
1823 }
1824
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1825exit:
1826
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1827 mbedtls_free( buf_orig );
1828 mbedtls_free( buf_enc );
1829 mbedtls_free( buf_dec );
1830
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1831 mbedtls_rsa_free( &ctx );
1832
1833 mbedtls_ctr_drbg_free( &ctr_drbg );
1834 mbedtls_entropy_free( &entropy );
1835
1836}
1837/* END_CASE */
1838
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1839/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1840void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1841{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1842 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1843}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1844/* END_CASE */