TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / f66f294e2e1f1b6b414deb3387750deaad76a183 / . / tests / suites / test_suite_rsa.function
blob: fe70085f9385a7014fdc7c67dc6a1832ea24c17a [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Hanno Beckera565f542017-10-11 11:00:19 +0100[diff] [blame]3#include "mbedtls/rsa_internal.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, 0, 0 ) );
32 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
33
34 /* No more variants because only the first argument must be non-NULL. */
35 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
36 mbedtls_rsa_import( NULL, NULL, NULL,
37 NULL, NULL, NULL ) );
38 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
39 mbedtls_rsa_import_raw( NULL,
40 NULL, 0,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0 ) );
45
46 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
47 mbedtls_rsa_complete( NULL ) );
48
49 /* No more variants because only the first argument must be non-NULL. */
50 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
51 mbedtls_rsa_export( NULL, NULL, NULL,
52 NULL, NULL, NULL ) );
53 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
54 mbedtls_rsa_export( NULL, NULL, NULL,
55 NULL, NULL, NULL ) );
56 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
57 mbedtls_rsa_export_raw( NULL,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0,
61 NULL, 0,
62 NULL, 0 ) );
63 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
64 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
65
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
67 valid_padding, 0 ) );
68 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
69 invalid_padding, 0 ) );
70
71 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
72 mbedtls_rsa_gen_key( NULL, NULL, NULL, 0, 0 ) );
73
74 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
75 mbedtls_rsa_check_pubkey( NULL ) );
76 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
77 mbedtls_rsa_check_privkey( NULL ) );
78
79 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
80 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
81 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
82 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
83
84 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
85 mbedtls_rsa_public( NULL, buf, buf ) );
86 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
87 mbedtls_rsa_public( &ctx, NULL, buf ) );
88 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
89 mbedtls_rsa_public( &ctx, buf, NULL ) );
90
91 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
92 mbedtls_rsa_private( NULL, NULL, NULL,
93 buf, buf ) );
94 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
95 mbedtls_rsa_private( &ctx, NULL, NULL,
96 NULL, buf ) );
97 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
98 mbedtls_rsa_private( &ctx, NULL, NULL,
99 buf, NULL ) );
100
101 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
102 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
103 valid_mode,
104 sizeof( buf ), buf,
105 buf ) );
106 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
107 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
108 invalid_mode,
109 sizeof( buf ), buf,
110 buf ) );
111 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
112 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
113 valid_mode,
114 sizeof( buf ), NULL,
115 buf ) );
116 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
117 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
118 valid_mode,
119 sizeof( buf ), buf,
120 NULL ) );
121
122 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
123 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
124 NULL,
125 valid_mode,
126 sizeof( buf ), buf,
127 buf ) );
128 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
129 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
130 NULL,
131 invalid_mode,
132 sizeof( buf ), buf,
133 buf ) );
134 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
135 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
136 NULL,
137 valid_mode,
138 sizeof( buf ), NULL,
139 buf ) );
140 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
141 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
142 NULL,
143 valid_mode,
144 sizeof( buf ), buf,
145 NULL ) );
146
147 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
148 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
149 valid_mode,
150 buf, sizeof( buf ),
151 sizeof( buf ), buf,
152 buf ) );
153 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
154 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
155 invalid_mode,
156 buf, sizeof( buf ),
157 sizeof( buf ), buf,
158 buf ) );
159 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
160 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
161 valid_mode,
162 NULL, sizeof( buf ),
163 sizeof( buf ), buf,
164 buf ) );
165 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
166 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
167 valid_mode,
168 buf, sizeof( buf ),
169 sizeof( buf ), NULL,
170 buf ) );
171 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
172 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
173 valid_mode,
174 buf, sizeof( buf ),
175 sizeof( buf ), buf,
176 NULL ) );
177
178 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
179 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
180 valid_mode, &olen,
181 buf, buf, 42 ) );
182 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
183 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
184 invalid_mode, &olen,
185 buf, buf, 42 ) );
186 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
187 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
188 valid_mode, NULL,
189 buf, buf, 42 ) );
190 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
191 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
192 valid_mode, &olen,
193 NULL, buf, 42 ) );
194 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
195 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
196 valid_mode, &olen,
197 buf, NULL, 42 ) );
198
199 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
200 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
201 NULL,
202 valid_mode, &olen,
203 buf, buf, 42 ) );
204 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
205 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
206 NULL,
207 invalid_mode, &olen,
208 buf, buf, 42 ) );
209 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
210 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
211 NULL,
212 valid_mode, NULL,
213 buf, buf, 42 ) );
214 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
215 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
216 NULL,
217 valid_mode, &olen,
218 NULL, buf, 42 ) );
219 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
220 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
221 NULL,
222 valid_mode, &olen,
223 buf, NULL, 42 ) );
224
225 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
226 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
227 valid_mode,
228 buf, sizeof( buf ),
229 &olen,
230 buf, buf, 42 ) );
231 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
232 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
233 invalid_mode,
234 buf, sizeof( buf ),
235 &olen,
236 buf, buf, 42 ) );
237 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
238 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
239 valid_mode,
240 NULL, sizeof( buf ),
241 NULL,
242 buf, buf, 42 ) );
243 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
244 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
245 valid_mode,
246 buf, sizeof( buf ),
247 &olen,
248 NULL, buf, 42 ) );
249 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
250 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
251 valid_mode,
252 buf, sizeof( buf ),
253 &olen,
254 buf, NULL, 42 ) );
255
256 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
257 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
258 valid_mode,
259 0, sizeof( buf ), buf,
260 buf ) );
261 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
262 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
263 invalid_mode,
264 0, sizeof( buf ), buf,
265 buf ) );
266 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
267 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
268 valid_mode,
269 0, sizeof( buf ), NULL,
270 buf ) );
271 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
272 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
273 valid_mode,
274 0, sizeof( buf ), buf,
275 NULL ) );
276
277 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
278 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
279 valid_mode,
280 0, sizeof( buf ), buf,
281 buf ) );
282 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
283 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
284 invalid_mode,
285 0, sizeof( buf ), buf,
286 buf ) );
287 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
288 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
289 valid_mode,
290 0, sizeof( buf ), NULL,
291 buf ) );
292 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
293 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
294 valid_mode,
295 0, sizeof( buf ), buf,
296 NULL ) );
297
298 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
299 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
300 valid_mode,
301 0, sizeof( buf ), buf,
302 buf ) );
303 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
304 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
305 invalid_mode,
306 0, sizeof( buf ), buf,
307 buf ) );
308 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
309 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
310 valid_mode,
311 0, sizeof( buf ), NULL,
312 buf ) );
313 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
314 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
315 valid_mode,
316 0, sizeof( buf ), buf,
317 NULL ) );
318
319 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
320 mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
321 valid_mode,
322 0, sizeof( buf ), buf,
323 buf ) );
324 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
325 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
326 invalid_mode,
327 0, sizeof( buf ), buf,
328 buf ) );
329 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
330 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
331 valid_mode,
332 0, sizeof( buf ), NULL,
333 buf ) );
334 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
335 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
336 valid_mode,
337 0, sizeof( buf ), buf,
338 NULL ) );
339
340 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
341 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
342 NULL,
343 valid_mode,
344 0, sizeof( buf ), buf,
345 buf ) );
346 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
347 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
348 NULL,
349 invalid_mode,
350 0, sizeof( buf ), buf,
351 buf ) );
352 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
353 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
354 NULL,
355 valid_mode,
356 0, sizeof( buf ),
357 NULL, buf ) );
358 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
359 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
360 NULL,
361 valid_mode,
362 0, sizeof( buf ), buf,
363 NULL ) );
364
365 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
366 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
367 valid_mode,
368 0, sizeof( buf ),
369 buf, buf ) );
370 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
371 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
372 invalid_mode,
373 0, sizeof( buf ),
374 buf, buf ) );
375 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
376 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
377 valid_mode,
378 0, sizeof( buf ),
379 NULL, buf ) );
380 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
381 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
382 valid_mode,
383 0, sizeof( buf ),
384 buf, NULL ) );
385
386 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
387 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
388 valid_mode,
389 0, sizeof( buf ),
390 buf,
391 0, 0,
392 buf ) );
393 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
394 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
395 invalid_mode,
396 0, sizeof( buf ),
397 buf,
398 0, 0,
399 buf ) );
400 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
401 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
402 valid_mode,
403 0, sizeof( buf ),
404 NULL, 0, 0,
405 buf ) );
406 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
407 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
408 valid_mode,
409 0, sizeof( buf ),
410 buf, 0, 0,
411 NULL ) );
412
413 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
414 mbedtls_rsa_copy( NULL, &ctx ) );
415 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
416 mbedtls_rsa_copy( &ctx, NULL ) );
417
418exit:
419 return;
420}
421/* END_CASE */
422
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]423/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]424void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]425 int digest, int mod, int radix_P, char * input_P,
426 int radix_Q, char * input_Q, int radix_N,
427 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]428 data_t * result_hex_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]429{
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]430 unsigned char hash_result[1000];
431 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]432 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]433 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]434 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]435
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]436 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
437 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]438 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]439
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]440 memset( hash_result, 0x00, 1000 );
441 memset( output, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]442 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]443
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]444 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
445 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
446 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
447 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]448
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]449 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
450 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]451 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]452 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]453
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]454
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]455 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]456 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]457
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]458 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
459 MBEDTLS_RSA_PRIVATE, digest, 0,
460 hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]461 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]462 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]463
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]464 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]465 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]466
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]467exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]468 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
469 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]470 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]471}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]472/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]473
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]474/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]475void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]476 int digest, int mod, int radix_N,
477 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]478 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]479{
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]480 unsigned char hash_result[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]481 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]482
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]483 mbedtls_mpi N, E;
484
485 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]486 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]487 memset( hash_result, 0x00, 1000 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]488
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]489 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
490 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
491 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
492 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]493 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]494
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]495
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]496 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]497 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]498
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]499 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]500
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]501exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]502 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]503 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]504}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]505/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]506
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]507
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]508/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]509void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]510 int padding_mode, int mod, int radix_P,
511 char * input_P, int radix_Q, char * input_Q,
512 int radix_N, char * input_N, int radix_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]513 char * input_E, data_t * result_hex_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]514{
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]515 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]516 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]517 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]518 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]519
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]520 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]521 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
522 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]523
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]524 memset( output, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]525 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]526
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]527 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
528 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
529 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
530 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]531
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]532 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
533 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]534 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]535 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]536
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]537
Hanno Becker8fd55482017-08-23 14:07:48 +0100[diff] [blame]538 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
539 MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_NONE,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]540 hash_result->len, hash_result->x,
541 output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]542
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]543
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]544 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]545
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]546#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]547 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]548 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]549 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]550 int res;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]551 memset( output, 0x00, 1000 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]552
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]553 res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]554 &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]555 hash_result->len, hash_result->x, output );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]556
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]557#if !defined(MBEDTLS_RSA_ALT)
558 TEST_ASSERT( res == 0 );
559#else
560 TEST_ASSERT( ( res == 0 ) ||
561 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
562#endif
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]563
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]564 if( res == 0 )
565 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]566 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]567 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]568 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]569#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]570
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]571exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]572 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
573 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
574
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]575 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]576}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]577/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]578
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]579/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]580void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]581 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]582 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]583 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]584{
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]585 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]586 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]587
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]588 mbedtls_mpi N, E;
589 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
590
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]591 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]592 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]593
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]594 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
595 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]596
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]597 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
598 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]599 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]600
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]601
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]602 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]603
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]604#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]605 /* For PKCS#1 v1.5, there is an alternative way to verify signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]606 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]607 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]608 int res;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]609 int ok;
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]610 size_t olen;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]611
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]612 res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]613 NULL, NULL, MBEDTLS_RSA_PUBLIC,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]614 &olen, result_str->x, output, sizeof( output ) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]615
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]616#if !defined(MBEDTLS_RSA_ALT)
617 TEST_ASSERT( res == 0 );
618#else
619 TEST_ASSERT( ( res == 0 ) ||
620 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
621#endif
622
623 if( res == 0 )
624 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]625 ok = olen == hash_result->len && memcmp( output, hash_result->x, olen ) == 0;
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]626 if( correct == 0 )
627 TEST_ASSERT( ok == 1 );
628 else
629 TEST_ASSERT( ok == 0 );
630 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]631 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]632#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]633
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]634exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]635 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]636 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]637}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]638/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]639
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]640/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]641void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]642 int mod, int radix_N, char * input_N,
643 int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]644 data_t * result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]645{
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]646 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]647 mbedtls_rsa_context ctx;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]648 rnd_pseudo_info rnd_info;
649
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]650 mbedtls_mpi N, E;
651 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
652
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]653 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]654
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]655 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]656 memset( output, 0x00, 1000 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]657
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]658 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
659 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]660
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]661 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
662 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]663 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]664
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]665
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]666 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]667 MBEDTLS_RSA_PUBLIC, message_str->len,
668 message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]669 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]670 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]671
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]672 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]673 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]674
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]675exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]676 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]677 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]678}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]679/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]680
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]681/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]682void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]683 int mod, int radix_N, char * input_N,
684 int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]685 data_t * result_hex_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]686{
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]687 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]688 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]689
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]690 mbedtls_mpi N, E;
691
692 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]693 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]694 memset( output, 0x00, 1000 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]695
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]696 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
697 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]698
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]699 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
700 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]701 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]702
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]703
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]704 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]705 MBEDTLS_RSA_PUBLIC, message_str->len,
706 message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]707 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]708 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]709
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]710 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]711 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]712
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]713exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]714 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]715 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]716}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]717/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]718
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]719/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]720void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]721 int mod, int radix_P, char * input_P,
722 int radix_Q, char * input_Q, int radix_N,
723 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]724 int max_output, data_t * result_hex_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]725 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]726{
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]727 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]728 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]729 size_t output_len;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]730 rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]731 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]732
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]733 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
734 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
735
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]736 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]737
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]738 memset( output, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]739 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]740
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]741
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]742 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
743 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
744 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
745 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]746
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]747 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
748 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]749 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]750 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]751
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]752 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]753
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]754 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str->x, output, max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]755 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]756 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]757
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]758 TEST_ASSERT( hexcmp( output, result_hex_str->x, output_len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]759 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]760
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]761exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]762 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
763 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]764 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]765}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]766/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]767
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]768/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]769void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]770 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]771 data_t * result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]772{
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]773 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]774 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]775
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]776 mbedtls_mpi N, E;
777
778 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]779 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
780 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]781 memset( output, 0x00, 1000 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]782
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]783 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
784 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]785
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]786 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
787 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]788 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]789
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]790
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]791 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]792 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]793 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]794
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]795 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]796 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]797
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]798 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]799 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]800 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]801 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]802
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]803 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]804
805 memset( output, 0x00, 1000 );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]806 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]807 if( result == 0 )
808 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]809
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]810 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]811 }
812
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]813exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]814 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]815 mbedtls_rsa_free( &ctx );
816 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]817}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]818/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]819
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]820/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]821void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]822 char * input_P, int radix_Q, char * input_Q,
823 int radix_N, char * input_N, int radix_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]824 char * input_E, data_t * result_hex_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]825 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]826{
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]827 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]828 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]829 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]830 rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]831 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]832
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]833 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
834 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]835 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
836 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]837
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]838 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]839
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]840 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
841 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
842 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
843 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]844
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]845 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
846 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]847 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]848 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]849
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]850
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]851 /* repeat three times to test updating of blinding values */
852 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]853 {
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]854 memset( output, 0x00, 1000 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]855 TEST_ASSERT( mbedtls_rsa_private( &ctx, rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]856 message_str->x, output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]857 if( result == 0 )
858 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]859
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]860 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]861 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]862 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]863
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]864 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]865 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]866 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]867 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]868
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]869 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]870
871 memset( output, 0x00, 1000 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]872 TEST_ASSERT( mbedtls_rsa_private( &ctx2, rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]873 message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]874 if( result == 0 )
875 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]876
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]877 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx2.len, result_hex_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]878 }
879
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]880exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]881 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
882 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
883
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]884 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]885}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]886/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]887
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]888/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]889void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]890{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]891 mbedtls_rsa_context ctx;
892 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]893
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]894 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]895}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]896/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]897
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]898/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]899void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
900 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]901{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]902 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]903 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]904
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]905 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]906 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]907
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]908 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]909 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]910 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]911 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]912 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]913 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]914 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]915 }
916
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]917 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]918 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]919
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]920exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]921 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]922 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]923}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]924/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]925
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]926/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]927void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
928 int radix_Q, char * input_Q, int radix_N,
929 char * input_N, int radix_E, char * input_E,
930 int radix_D, char * input_D, int radix_DP,
931 char * input_DP, int radix_DQ,
932 char * input_DQ, int radix_QP,
933 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]934{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]935 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]936
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]937 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]938
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]939 ctx.len = mod / 8;
940 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]941 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]942 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]943 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]944 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]945 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]946 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]947 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]948 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]949 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]950 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]951 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]952 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]953 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]954 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]955 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]956 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]957 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]958 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]959 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]960#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]961 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]962 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]963 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]964 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]965 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]966 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]967 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]968 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]969 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]970 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]971 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]972 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]973#else
974 ((void) radix_DP); ((void) input_DP);
975 ((void) radix_DQ); ((void) input_DQ);
976 ((void) radix_QP); ((void) input_QP);
977#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]978
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]979 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]980
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]981exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]982 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]983}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]984/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]985
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]986/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]987void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
988 int radix_Epub, char * input_Epub, int radix_P,
989 char * input_P, int radix_Q, char * input_Q,
990 int radix_N, char * input_N, int radix_E,
991 char * input_E, int radix_D, char * input_D,
992 int radix_DP, char * input_DP, int radix_DQ,
993 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]994 int result )
995{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]996 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]997
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]998 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
999 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1000
1001 pub.len = mod / 8;
1002 prv.len = mod / 8;
1003
1004 if( strlen( input_Npub ) )
1005 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1006 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1007 }
1008 if( strlen( input_Epub ) )
1009 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1010 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1011 }
1012
1013 if( strlen( input_P ) )
1014 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1015 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1016 }
1017 if( strlen( input_Q ) )
1018 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1019 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1020 }
1021 if( strlen( input_N ) )
1022 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1023 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1024 }
1025 if( strlen( input_E ) )
1026 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1027 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1028 }
1029 if( strlen( input_D ) )
1030 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1031 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1032 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1033#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1034 if( strlen( input_DP ) )
1035 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1036 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1037 }
1038 if( strlen( input_DQ ) )
1039 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1040 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1041 }
1042 if( strlen( input_QP ) )
1043 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1044 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1045 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1046#else
1047 ((void) radix_DP); ((void) input_DP);
1048 ((void) radix_DQ); ((void) input_DQ);
1049 ((void) radix_QP); ((void) input_QP);
1050#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1051
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1052 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1053
1054exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1055 mbedtls_rsa_free( &pub );
1056 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1057}
1058/* END_CASE */
1059
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1060/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1061void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1062{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1063 mbedtls_rsa_context ctx;
1064 mbedtls_entropy_context entropy;
1065 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1066 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1067
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1068 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1069 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1070 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1071
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1072 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1073 &entropy, (const unsigned char *) pers,
1074 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1075
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1076 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1077 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1078 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1079 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1080 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1081 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1082
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1083exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1084 mbedtls_rsa_free( &ctx );
1085 mbedtls_ctr_drbg_free( &ctr_drbg );
1086 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1087}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1088/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1089
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1090/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1091void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1092 int radix_D, char *input_D,
1093 int radix_E, char *input_E,
1094 int radix_P, char *output_P,
1095 int radix_Q, char *output_Q,
1096 int corrupt, int result )
1097{
1098 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1099
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1100 mbedtls_mpi_init( &N );
1101 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1102 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1103 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1104
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1105 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1106 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1107 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1108 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1109 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1110
1111 if( corrupt )
1112 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1113
1114 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1115 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1116
1117 if( !corrupt )
1118 {
1119 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1120 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1121 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1122 }
1123
1124exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1125 mbedtls_mpi_free( &N );
1126 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1127 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1128 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1129}
1130/* END_CASE */
1131
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1132/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1133void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1134 int radix_Q, char *input_Q,
1135 int radix_E, char *input_E,
1136 int radix_D, char *output_D,
1137 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1138{
1139 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1140
1141 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1142 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1143 mbedtls_mpi_init( &E );
1144 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1145
1146 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1147 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1148 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1149 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1150
1151 if( corrupt )
1152 {
1153 /* Make E even */
1154 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1155 }
1156
1157 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1158 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1159 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1160
1161 if( !corrupt )
1162 {
1163 /*
1164 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1165 */
1166
1167 /* Replace P,Q by P-1, Q-1 */
1168 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1169 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1170
1171 /* Check D == Dp modulo P-1 */
1172 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1173 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1174 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1175
1176 /* Check D == Dp modulo Q-1 */
1177 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1178 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1179 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1180 }
1181
1182exit:
1183
1184 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1185 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1186 mbedtls_mpi_free( &E );
1187 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1188}
1189/* END_CASE */
1190
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1191/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1192void mbedtls_rsa_import( int radix_N, char *input_N,
1193 int radix_P, char *input_P,
1194 int radix_Q, char *input_Q,
1195 int radix_D, char *input_D,
1196 int radix_E, char *input_E,
1197 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1198 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1199 int res_check,
1200 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1201{
1202 mbedtls_mpi N, P, Q, D, E;
1203 mbedtls_rsa_context ctx;
1204
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1205 /* Buffers used for encryption-decryption test */
1206 unsigned char *buf_orig = NULL;
1207 unsigned char *buf_enc = NULL;
1208 unsigned char *buf_dec = NULL;
1209
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1210 mbedtls_entropy_context entropy;
1211 mbedtls_ctr_drbg_context ctr_drbg;
1212 const char *pers = "test_suite_rsa";
1213
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1214 const int have_N = ( strlen( input_N ) > 0 );
1215 const int have_P = ( strlen( input_P ) > 0 );
1216 const int have_Q = ( strlen( input_Q ) > 0 );
1217 const int have_D = ( strlen( input_D ) > 0 );
1218 const int have_E = ( strlen( input_E ) > 0 );
1219
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1220 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1221 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1222 mbedtls_rsa_init( &ctx, 0, 0 );
1223
1224 mbedtls_mpi_init( &N );
1225 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1226 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1227
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1228 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1229 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1230
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1231 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1232 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1233
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1234 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1235 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1236
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1237 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1238 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1239
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1240 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1241 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1242
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1243 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1244 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1245
1246 if( !successive )
1247 {
1248 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1249 have_N ? &N : NULL,
1250 have_P ? &P : NULL,
1251 have_Q ? &Q : NULL,
1252 have_D ? &D : NULL,
1253 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1254 }
1255 else
1256 {
1257 /* Import N, P, Q, D, E separately.
1258 * This should make no functional difference. */
1259
1260 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1261 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1262 NULL, NULL, NULL, NULL ) == 0 );
1263
1264 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1265 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1266 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1267 NULL, NULL, NULL ) == 0 );
1268
1269 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1270 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1271 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1272 NULL, NULL ) == 0 );
1273
1274 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1275 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1276 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1277 NULL ) == 0 );
1278
1279 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1280 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1281 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1282 }
1283
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1284 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1285
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1286 /* On expected success, perform some public and private
1287 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1288 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1289 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1290 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1291 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1292 else
1293 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1294
1295 if( res_check != 0 )
1296 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1297
1298 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1299 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1300 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1301 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1302 goto exit;
1303
1304 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1305 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1306
1307 /* Make sure the number we're generating is smaller than the modulus */
1308 buf_orig[0] = 0x00;
1309
1310 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1311
1312 if( is_priv )
1313 {
1314 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1315 &ctr_drbg, buf_enc,
1316 buf_dec ) == 0 );
1317
1318 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1319 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1320 }
1321 }
1322
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1323exit:
1324
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1325 mbedtls_free( buf_orig );
1326 mbedtls_free( buf_enc );
1327 mbedtls_free( buf_dec );
1328
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1329 mbedtls_rsa_free( &ctx );
1330
1331 mbedtls_ctr_drbg_free( &ctr_drbg );
1332 mbedtls_entropy_free( &entropy );
1333
1334 mbedtls_mpi_free( &N );
1335 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1336 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1337}
1338/* END_CASE */
1339
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1340/* BEGIN_CASE */
1341void mbedtls_rsa_export( int radix_N, char *input_N,
1342 int radix_P, char *input_P,
1343 int radix_Q, char *input_Q,
1344 int radix_D, char *input_D,
1345 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1346 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1347 int successive )
1348{
1349 /* Original MPI's with which we set up the RSA context */
1350 mbedtls_mpi N, P, Q, D, E;
1351
1352 /* Exported MPI's */
1353 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1354
1355 const int have_N = ( strlen( input_N ) > 0 );
1356 const int have_P = ( strlen( input_P ) > 0 );
1357 const int have_Q = ( strlen( input_Q ) > 0 );
1358 const int have_D = ( strlen( input_D ) > 0 );
1359 const int have_E = ( strlen( input_E ) > 0 );
1360
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1361 mbedtls_rsa_context ctx;
1362
1363 mbedtls_rsa_init( &ctx, 0, 0 );
1364
1365 mbedtls_mpi_init( &N );
1366 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1367 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1368
1369 mbedtls_mpi_init( &Ne );
1370 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1371 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1372
1373 /* Setup RSA context */
1374
1375 if( have_N )
1376 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1377
1378 if( have_P )
1379 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1380
1381 if( have_Q )
1382 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1383
1384 if( have_D )
1385 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1386
1387 if( have_E )
1388 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1389
1390 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1391 strlen( input_N ) ? &N : NULL,
1392 strlen( input_P ) ? &P : NULL,
1393 strlen( input_Q ) ? &Q : NULL,
1394 strlen( input_D ) ? &D : NULL,
1395 strlen( input_E ) ? &E : NULL ) == 0 );
1396
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1397 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1398
1399 /*
1400 * Export parameters and compare to original ones.
1401 */
1402
1403 /* N and E must always be present. */
1404 if( !successive )
1405 {
1406 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1407 }
1408 else
1409 {
1410 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1411 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1412 }
1413 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1414 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1415
1416 /* If we were providing enough information to setup a complete private context,
1417 * we expect to be able to export all core parameters. */
1418
1419 if( is_priv )
1420 {
1421 if( !successive )
1422 {
1423 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1424 &De, NULL ) == 0 );
1425 }
1426 else
1427 {
1428 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1429 NULL, NULL ) == 0 );
1430 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1431 NULL, NULL ) == 0 );
1432 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1433 &De, NULL ) == 0 );
1434 }
1435
1436 if( have_P )
1437 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1438
1439 if( have_Q )
1440 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1441
1442 if( have_D )
1443 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1444
1445 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1446 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1447 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1448 }
1449
1450exit:
1451
1452 mbedtls_rsa_free( &ctx );
1453
1454 mbedtls_mpi_free( &N );
1455 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1456 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1457
1458 mbedtls_mpi_free( &Ne );
1459 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1460 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1461}
1462/* END_CASE */
1463
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1464/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1465void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1466 int radix_P, char *input_P,
1467 int radix_Q, char *input_Q,
1468 int radix_D, char *input_D,
1469 int radix_E, char *input_E,
1470 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1471{
1472 /* Original MPI's with which we set up the RSA context */
1473 mbedtls_mpi N, P, Q, D, E;
1474
1475 const int have_N = ( strlen( input_N ) > 0 );
1476 const int have_P = ( strlen( input_P ) > 0 );
1477 const int have_Q = ( strlen( input_Q ) > 0 );
1478 const int have_D = ( strlen( input_D ) > 0 );
1479 const int have_E = ( strlen( input_E ) > 0 );
1480
1481 mbedtls_entropy_context entropy;
1482 mbedtls_ctr_drbg_context ctr_drbg;
1483 const char *pers = "test_suite_rsa";
1484
1485 mbedtls_mpi_init( &N );
1486 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1487 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1488
1489 mbedtls_ctr_drbg_init( &ctr_drbg );
1490 mbedtls_entropy_init( &entropy );
1491 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1492 &entropy, (const unsigned char *) pers,
1493 strlen( pers ) ) == 0 );
1494
1495 if( have_N )
1496 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1497
1498 if( have_P )
1499 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1500
1501 if( have_Q )
1502 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1503
1504 if( have_D )
1505 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1506
1507 if( have_E )
1508 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1509
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1510 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1511 have_P ? &P : NULL,
1512 have_Q ? &Q : NULL,
1513 have_D ? &D : NULL,
1514 have_E ? &E : NULL,
1515 prng ? mbedtls_ctr_drbg_random : NULL,
1516 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1517exit:
1518
1519 mbedtls_ctr_drbg_free( &ctr_drbg );
1520 mbedtls_entropy_free( &entropy );
1521
1522 mbedtls_mpi_free( &N );
1523 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1524 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1525}
1526/* END_CASE */
1527
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1528/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1529void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1530 data_t *input_Q, data_t *input_D,
1531 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1532 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1533{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1534 /* Exported buffers */
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1535 unsigned char bufNe[1000];
1536 unsigned char bufPe[1000];
1537 unsigned char bufQe[1000];
1538 unsigned char bufDe[1000];
1539 unsigned char bufEe[1000];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1540
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1541 mbedtls_rsa_context ctx;
1542
1543 mbedtls_rsa_init( &ctx, 0, 0 );
1544
1545 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1546 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1547 input_N->len ? input_N->x : NULL, input_N->len,
1548 input_P->len ? input_P->x : NULL, input_P->len,
1549 input_Q->len ? input_Q->x : NULL, input_Q->len,
1550 input_D->len ? input_D->x : NULL, input_D->len,
1551 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1552
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1553 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1554
1555 /*
1556 * Export parameters and compare to original ones.
1557 */
1558
1559 /* N and E must always be present. */
1560 if( !successive )
1561 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1562 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1563 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1564 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1565 }
1566 else
1567 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1568 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1569 NULL, 0, NULL, 0, NULL, 0,
1570 NULL, 0 ) == 0 );
1571 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1572 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1573 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1574 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1575 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1576 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1577
1578 /* If we were providing enough information to setup a complete private context,
1579 * we expect to be able to export all core parameters. */
1580
1581 if( is_priv )
1582 {
1583 if( !successive )
1584 {
1585 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1586 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1587 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1588 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1589 NULL, 0 ) == 0 );
1590 }
1591 else
1592 {
1593 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1594 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1595 NULL, 0, NULL, 0,
1596 NULL, 0 ) == 0 );
1597
1598 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1599 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1600 NULL, 0, NULL, 0 ) == 0 );
1601
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1602 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1603 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1604 NULL, 0 ) == 0 );
1605 }
1606
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1607 if( input_P->len )
1608 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1609
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1610 if( input_Q->len )
1611 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1612
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1613 if( input_D->len )
1614 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1615
1616 }
1617
1618exit:
1619 mbedtls_rsa_free( &ctx );
1620}
1621/* END_CASE */
1622
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1623/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1624void mbedtls_rsa_import_raw( data_t *input_N,
1625 data_t *input_P, data_t *input_Q,
1626 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1627 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1628 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1629 int res_check,
1630 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1631{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1632 /* Buffers used for encryption-decryption test */
1633 unsigned char *buf_orig = NULL;
1634 unsigned char *buf_enc = NULL;
1635 unsigned char *buf_dec = NULL;
1636
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1637 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1638 mbedtls_entropy_context entropy;
1639 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1640
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1641 const char *pers = "test_suite_rsa";
1642
1643 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1644 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1645 mbedtls_rsa_init( &ctx, 0, 0 );
1646
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1647 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1648 &entropy, (const unsigned char *) pers,
1649 strlen( pers ) ) == 0 );
1650
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1651 if( !successive )
1652 {
1653 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1654 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1655 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1656 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1657 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1658 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1659 }
1660 else
1661 {
1662 /* Import N, P, Q, D, E separately.
1663 * This should make no functional difference. */
1664
1665 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1666 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1667 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1668
1669 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1670 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1671 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1672 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1673
1674 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1675 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1676 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1677 NULL, 0, NULL, 0 ) == 0 );
1678
1679 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1680 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1681 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1682 NULL, 0 ) == 0 );
1683
1684 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1685 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1686 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1687 }
1688
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1689 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1690
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1691 /* On expected success, perform some public and private
1692 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1693 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1694 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1695 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1696 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1697 else
1698 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1699
1700 if( res_check != 0 )
1701 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1702
1703 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1704 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1705 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1706 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1707 goto exit;
1708
1709 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1710 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1711
1712 /* Make sure the number we're generating is smaller than the modulus */
1713 buf_orig[0] = 0x00;
1714
1715 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1716
1717 if( is_priv )
1718 {
1719 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1720 &ctr_drbg, buf_enc,
1721 buf_dec ) == 0 );
1722
1723 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1724 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1725 }
1726 }
1727
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1728exit:
1729
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1730 mbedtls_free( buf_orig );
1731 mbedtls_free( buf_enc );
1732 mbedtls_free( buf_dec );
1733
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1734 mbedtls_rsa_free( &ctx );
1735
1736 mbedtls_ctr_drbg_free( &ctr_drbg );
1737 mbedtls_entropy_free( &entropy );
1738
1739}
1740/* END_CASE */
1741
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1742/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1743void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1744{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1745 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1746}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1747/* END_CASE */