TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / a7ee00225bbf98bcacdd0422d9b054514ef3d0e2 / . / tests / suites / test_suite_rsa.function
blob: a0ab86cb9ee4015b954dac37b3f66cba666dbe7e [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Hanno Beckera565f542017-10-11 11:00:19 +0100[diff] [blame]3#include "mbedtls/rsa_internal.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
Hanno Beckera7ee0022018-12-18 13:30:20 +0000[diff] [blame^]31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
55 mbedtls_rsa_export( NULL, NULL, NULL,
56 NULL, NULL, NULL ) );
57 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
58 mbedtls_rsa_export_raw( NULL,
59 NULL, 0,
60 NULL, 0,
61 NULL, 0,
62 NULL, 0,
63 NULL, 0 ) );
64 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
65 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
66
67 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
68 valid_padding, 0 ) );
69 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
70 invalid_padding, 0 ) );
71
72 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
73 mbedtls_rsa_gen_key( NULL, NULL, NULL, 0, 0 ) );
74
75 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
76 mbedtls_rsa_check_pubkey( NULL ) );
77 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
78 mbedtls_rsa_check_privkey( NULL ) );
79
80 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
81 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
82 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
83 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
84
85 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
86 mbedtls_rsa_public( NULL, buf, buf ) );
87 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
88 mbedtls_rsa_public( &ctx, NULL, buf ) );
89 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
90 mbedtls_rsa_public( &ctx, buf, NULL ) );
91
92 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
93 mbedtls_rsa_private( NULL, NULL, NULL,
94 buf, buf ) );
95 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
96 mbedtls_rsa_private( &ctx, NULL, NULL,
97 NULL, buf ) );
98 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
99 mbedtls_rsa_private( &ctx, NULL, NULL,
100 buf, NULL ) );
101
102 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
103 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
104 valid_mode,
105 sizeof( buf ), buf,
106 buf ) );
107 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
108 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
109 invalid_mode,
110 sizeof( buf ), buf,
111 buf ) );
112 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
113 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
114 valid_mode,
115 sizeof( buf ), NULL,
116 buf ) );
117 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
118 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
119 valid_mode,
120 sizeof( buf ), buf,
121 NULL ) );
122
123 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
124 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
125 NULL,
126 valid_mode,
127 sizeof( buf ), buf,
128 buf ) );
129 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
130 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
131 NULL,
132 invalid_mode,
133 sizeof( buf ), buf,
134 buf ) );
135 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
136 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
137 NULL,
138 valid_mode,
139 sizeof( buf ), NULL,
140 buf ) );
141 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
142 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
143 NULL,
144 valid_mode,
145 sizeof( buf ), buf,
146 NULL ) );
147
148 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
149 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
150 valid_mode,
151 buf, sizeof( buf ),
152 sizeof( buf ), buf,
153 buf ) );
154 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
155 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
156 invalid_mode,
157 buf, sizeof( buf ),
158 sizeof( buf ), buf,
159 buf ) );
160 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
161 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
162 valid_mode,
163 NULL, sizeof( buf ),
164 sizeof( buf ), buf,
165 buf ) );
166 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
167 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
168 valid_mode,
169 buf, sizeof( buf ),
170 sizeof( buf ), NULL,
171 buf ) );
172 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
173 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
174 valid_mode,
175 buf, sizeof( buf ),
176 sizeof( buf ), buf,
177 NULL ) );
178
179 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
180 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
181 valid_mode, &olen,
182 buf, buf, 42 ) );
183 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
184 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
185 invalid_mode, &olen,
186 buf, buf, 42 ) );
187 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
188 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
189 valid_mode, NULL,
190 buf, buf, 42 ) );
191 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
192 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
193 valid_mode, &olen,
194 NULL, buf, 42 ) );
195 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
196 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
197 valid_mode, &olen,
198 buf, NULL, 42 ) );
199
200 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
201 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
202 NULL,
203 valid_mode, &olen,
204 buf, buf, 42 ) );
205 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
206 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
207 NULL,
208 invalid_mode, &olen,
209 buf, buf, 42 ) );
210 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
211 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
212 NULL,
213 valid_mode, NULL,
214 buf, buf, 42 ) );
215 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
216 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
217 NULL,
218 valid_mode, &olen,
219 NULL, buf, 42 ) );
220 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
221 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
222 NULL,
223 valid_mode, &olen,
224 buf, NULL, 42 ) );
225
226 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
227 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
228 valid_mode,
229 buf, sizeof( buf ),
230 &olen,
231 buf, buf, 42 ) );
232 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
233 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
234 invalid_mode,
235 buf, sizeof( buf ),
236 &olen,
237 buf, buf, 42 ) );
238 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
239 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
240 valid_mode,
241 NULL, sizeof( buf ),
242 NULL,
243 buf, buf, 42 ) );
244 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
245 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
246 valid_mode,
247 buf, sizeof( buf ),
248 &olen,
249 NULL, buf, 42 ) );
250 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
251 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
252 valid_mode,
253 buf, sizeof( buf ),
254 &olen,
255 buf, NULL, 42 ) );
256
257 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
258 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
259 valid_mode,
260 0, sizeof( buf ), buf,
261 buf ) );
262 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
263 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
264 invalid_mode,
265 0, sizeof( buf ), buf,
266 buf ) );
267 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
268 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
269 valid_mode,
270 0, sizeof( buf ), NULL,
271 buf ) );
272 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
273 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
274 valid_mode,
275 0, sizeof( buf ), buf,
276 NULL ) );
277
278 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
279 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
280 valid_mode,
281 0, sizeof( buf ), buf,
282 buf ) );
283 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
284 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
285 invalid_mode,
286 0, sizeof( buf ), buf,
287 buf ) );
288 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
289 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
290 valid_mode,
291 0, sizeof( buf ), NULL,
292 buf ) );
293 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
294 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
295 valid_mode,
296 0, sizeof( buf ), buf,
297 NULL ) );
298
299 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
300 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
301 valid_mode,
302 0, sizeof( buf ), buf,
303 buf ) );
304 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
305 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
306 invalid_mode,
307 0, sizeof( buf ), buf,
308 buf ) );
309 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
310 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
311 valid_mode,
312 0, sizeof( buf ), NULL,
313 buf ) );
314 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
315 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
316 valid_mode,
317 0, sizeof( buf ), buf,
318 NULL ) );
319
320 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
321 mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
322 valid_mode,
323 0, sizeof( buf ), buf,
324 buf ) );
325 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
326 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
327 invalid_mode,
328 0, sizeof( buf ), buf,
329 buf ) );
330 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
331 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
332 valid_mode,
333 0, sizeof( buf ), NULL,
334 buf ) );
335 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
336 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
337 valid_mode,
338 0, sizeof( buf ), buf,
339 NULL ) );
340
341 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
342 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
343 NULL,
344 valid_mode,
345 0, sizeof( buf ), buf,
346 buf ) );
347 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
348 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
349 NULL,
350 invalid_mode,
351 0, sizeof( buf ), buf,
352 buf ) );
353 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
354 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
355 NULL,
356 valid_mode,
357 0, sizeof( buf ),
358 NULL, buf ) );
359 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
360 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
361 NULL,
362 valid_mode,
363 0, sizeof( buf ), buf,
364 NULL ) );
365
366 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
367 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
368 valid_mode,
369 0, sizeof( buf ),
370 buf, buf ) );
371 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
372 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
373 invalid_mode,
374 0, sizeof( buf ),
375 buf, buf ) );
376 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
377 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
378 valid_mode,
379 0, sizeof( buf ),
380 NULL, buf ) );
381 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
382 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
383 valid_mode,
384 0, sizeof( buf ),
385 buf, NULL ) );
386
387 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
388 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
389 valid_mode,
390 0, sizeof( buf ),
391 buf,
392 0, 0,
393 buf ) );
394 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
395 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
396 invalid_mode,
397 0, sizeof( buf ),
398 buf,
399 0, 0,
400 buf ) );
401 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
402 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
403 valid_mode,
404 0, sizeof( buf ),
405 NULL, 0, 0,
406 buf ) );
407 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
408 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
409 valid_mode,
410 0, sizeof( buf ),
411 buf, 0, 0,
412 NULL ) );
413
414 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
415 mbedtls_rsa_copy( NULL, &ctx ) );
416 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
417 mbedtls_rsa_copy( &ctx, NULL ) );
418
419exit:
420 return;
421}
422/* END_CASE */
423
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]424/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]425void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]426 int digest, int mod, int radix_P, char * input_P,
427 int radix_Q, char * input_Q, int radix_N,
428 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]429 data_t * result_hex_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]430{
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]431 unsigned char hash_result[1000];
432 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]433 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]434 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]435 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]436
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]437 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
438 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]439 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]440
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]441 memset( hash_result, 0x00, 1000 );
442 memset( output, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]443 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]444
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]445 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
446 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
447 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
448 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]449
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]450 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
451 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]452 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]453 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]454
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]455
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]456 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]457 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]458
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]459 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
460 MBEDTLS_RSA_PRIVATE, digest, 0,
461 hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]462 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]463 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]464
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]465 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]466 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]467
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]468exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]469 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
470 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]471 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]472}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]473/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]474
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]475/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]476void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]477 int digest, int mod, int radix_N,
478 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]479 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]480{
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]481 unsigned char hash_result[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]482 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]483
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]484 mbedtls_mpi N, E;
485
486 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]487 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]488 memset( hash_result, 0x00, 1000 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]489
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]490 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
491 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
492 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
493 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]494 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]495
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]496
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]497 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]498 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]499
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]500 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]501
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]502exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]503 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]504 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]505}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]506/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]507
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]508
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]509/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]510void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]511 int padding_mode, int mod, int radix_P,
512 char * input_P, int radix_Q, char * input_Q,
513 int radix_N, char * input_N, int radix_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]514 char * input_E, data_t * result_hex_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]515{
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]516 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]517 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]518 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]519 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]520
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]521 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]522 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
523 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]524
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]525 memset( output, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]526 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]527
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]528 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
529 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
530 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
531 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]532
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]533 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
534 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]535 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]536 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]537
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]538
Hanno Becker8fd55482017-08-23 14:07:48 +0100[diff] [blame]539 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
540 MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_NONE,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]541 hash_result->len, hash_result->x,
542 output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]543
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]544
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]545 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]546
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]547#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]548 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]549 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]550 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]551 int res;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]552 memset( output, 0x00, 1000 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]553
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]554 res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]555 &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]556 hash_result->len, hash_result->x, output );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]557
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]558#if !defined(MBEDTLS_RSA_ALT)
559 TEST_ASSERT( res == 0 );
560#else
561 TEST_ASSERT( ( res == 0 ) ||
562 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
563#endif
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]564
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]565 if( res == 0 )
566 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]567 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]568 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]569 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]570#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]571
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]572exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]573 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
574 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
575
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]576 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]577}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]578/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]579
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]580/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]581void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]582 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]583 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]584 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]585{
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]586 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]587 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]588
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]589 mbedtls_mpi N, E;
590 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
591
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]592 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]593 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]594
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]595 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
596 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]597
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]598 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
599 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]600 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]601
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]602
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]603 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]604
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]605#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]606 /* For PKCS#1 v1.5, there is an alternative way to verify signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]607 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]608 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]609 int res;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]610 int ok;
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]611 size_t olen;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]612
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]613 res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]614 NULL, NULL, MBEDTLS_RSA_PUBLIC,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]615 &olen, result_str->x, output, sizeof( output ) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]616
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]617#if !defined(MBEDTLS_RSA_ALT)
618 TEST_ASSERT( res == 0 );
619#else
620 TEST_ASSERT( ( res == 0 ) ||
621 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
622#endif
623
624 if( res == 0 )
625 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]626 ok = olen == hash_result->len && memcmp( output, hash_result->x, olen ) == 0;
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]627 if( correct == 0 )
628 TEST_ASSERT( ok == 1 );
629 else
630 TEST_ASSERT( ok == 0 );
631 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]632 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]633#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]634
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]635exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]636 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]637 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]638}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]639/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]640
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]641/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]642void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]643 int mod, int radix_N, char * input_N,
644 int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]645 data_t * result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]646{
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]647 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]648 mbedtls_rsa_context ctx;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]649 rnd_pseudo_info rnd_info;
650
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]651 mbedtls_mpi N, E;
652 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
653
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]654 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]655
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]656 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]657 memset( output, 0x00, 1000 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]658
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]659 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
660 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]661
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]662 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
663 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]664 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]665
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]666
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]667 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]668 MBEDTLS_RSA_PUBLIC, message_str->len,
669 message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]670 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]671 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]672
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]673 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]674 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]675
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]676exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]677 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]678 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]679}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]680/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]681
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]682/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]683void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]684 int mod, int radix_N, char * input_N,
685 int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]686 data_t * result_hex_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]687{
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]688 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]689 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]690
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]691 mbedtls_mpi N, E;
692
693 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]694 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]695 memset( output, 0x00, 1000 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]696
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]697 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
698 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]699
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]700 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
701 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]702 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]703
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]704
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]705 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]706 MBEDTLS_RSA_PUBLIC, message_str->len,
707 message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]708 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]709 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]710
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]711 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]712 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]713
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]714exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]715 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]716 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]717}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]718/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]719
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]720/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]721void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]722 int mod, int radix_P, char * input_P,
723 int radix_Q, char * input_Q, int radix_N,
724 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]725 int max_output, data_t * result_hex_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]726 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]727{
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]728 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]729 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]730 size_t output_len;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]731 rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]732 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]733
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]734 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
735 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
736
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]737 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]738
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]739 memset( output, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]740 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]741
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]742
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]743 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
744 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
745 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
746 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]747
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]748 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
749 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]750 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]751 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]752
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]753 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]754
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]755 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str->x, output, max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]756 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]757 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]758
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]759 TEST_ASSERT( hexcmp( output, result_hex_str->x, output_len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]760 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]761
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]762exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]763 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
764 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]765 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]766}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]767/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]768
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]769/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]770void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]771 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]772 data_t * result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]773{
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]774 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]775 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]776
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]777 mbedtls_mpi N, E;
778
779 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]780 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
781 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]782 memset( output, 0x00, 1000 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]783
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]784 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
785 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]786
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]787 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
788 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]789 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]790
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]791
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]792 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]793 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]794 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]795
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]796 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]797 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]798
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]799 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]800 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]801 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]802 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]803
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]804 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]805
806 memset( output, 0x00, 1000 );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]807 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]808 if( result == 0 )
809 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]810
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]811 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]812 }
813
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]814exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]815 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]816 mbedtls_rsa_free( &ctx );
817 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]818}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]819/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]820
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]821/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]822void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]823 char * input_P, int radix_Q, char * input_Q,
824 int radix_N, char * input_N, int radix_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]825 char * input_E, data_t * result_hex_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]826 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]827{
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]828 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]829 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]830 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]831 rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]832 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]833
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]834 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
835 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]836 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
837 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]838
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]839 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]840
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]841 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
842 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
843 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
844 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]845
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]846 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
847 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]848 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]849 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]850
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]851
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]852 /* repeat three times to test updating of blinding values */
853 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]854 {
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]855 memset( output, 0x00, 1000 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]856 TEST_ASSERT( mbedtls_rsa_private( &ctx, rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]857 message_str->x, output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]858 if( result == 0 )
859 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]860
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]861 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]862 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]863 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]864
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]865 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]866 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]867 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]868 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]869
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]870 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]871
872 memset( output, 0x00, 1000 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]873 TEST_ASSERT( mbedtls_rsa_private( &ctx2, rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]874 message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]875 if( result == 0 )
876 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]877
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]878 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx2.len, result_hex_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]879 }
880
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]881exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]882 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
883 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
884
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]885 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]886}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]887/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]888
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]889/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]890void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]891{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]892 mbedtls_rsa_context ctx;
893 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]894
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]895 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]896}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]897/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]898
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]899/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]900void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
901 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]902{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]903 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]904 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]905
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]906 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]907 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]908
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]909 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]910 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]911 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]912 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]913 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]914 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]915 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]916 }
917
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]918 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]919 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]920
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]921exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]922 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]923 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]924}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]925/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]926
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]927/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]928void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
929 int radix_Q, char * input_Q, int radix_N,
930 char * input_N, int radix_E, char * input_E,
931 int radix_D, char * input_D, int radix_DP,
932 char * input_DP, int radix_DQ,
933 char * input_DQ, int radix_QP,
934 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]935{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]936 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]937
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]938 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]939
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]940 ctx.len = mod / 8;
941 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]942 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]943 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]944 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]945 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]946 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]947 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]948 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]949 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]950 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]951 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]952 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]953 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]954 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]955 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]956 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]957 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]958 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]959 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]960 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]961#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]962 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]963 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]964 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]965 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]966 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]967 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]968 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]969 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]970 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]971 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]972 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]973 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]974#else
975 ((void) radix_DP); ((void) input_DP);
976 ((void) radix_DQ); ((void) input_DQ);
977 ((void) radix_QP); ((void) input_QP);
978#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]979
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]980 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]981
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]982exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]983 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]984}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]985/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]986
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]987/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]988void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
989 int radix_Epub, char * input_Epub, int radix_P,
990 char * input_P, int radix_Q, char * input_Q,
991 int radix_N, char * input_N, int radix_E,
992 char * input_E, int radix_D, char * input_D,
993 int radix_DP, char * input_DP, int radix_DQ,
994 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]995 int result )
996{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]997 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]998
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]999 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
1000 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1001
1002 pub.len = mod / 8;
1003 prv.len = mod / 8;
1004
1005 if( strlen( input_Npub ) )
1006 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1007 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1008 }
1009 if( strlen( input_Epub ) )
1010 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1011 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1012 }
1013
1014 if( strlen( input_P ) )
1015 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1016 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1017 }
1018 if( strlen( input_Q ) )
1019 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1020 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1021 }
1022 if( strlen( input_N ) )
1023 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1024 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1025 }
1026 if( strlen( input_E ) )
1027 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1028 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1029 }
1030 if( strlen( input_D ) )
1031 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1032 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1033 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1034#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1035 if( strlen( input_DP ) )
1036 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1037 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1038 }
1039 if( strlen( input_DQ ) )
1040 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1041 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1042 }
1043 if( strlen( input_QP ) )
1044 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1045 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1046 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1047#else
1048 ((void) radix_DP); ((void) input_DP);
1049 ((void) radix_DQ); ((void) input_DQ);
1050 ((void) radix_QP); ((void) input_QP);
1051#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1052
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1053 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1054
1055exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1056 mbedtls_rsa_free( &pub );
1057 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1058}
1059/* END_CASE */
1060
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1061/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1062void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1063{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1064 mbedtls_rsa_context ctx;
1065 mbedtls_entropy_context entropy;
1066 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1067 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1068
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1069 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1070 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1071 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1072
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1073 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1074 &entropy, (const unsigned char *) pers,
1075 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1076
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1077 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1078 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1079 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1080 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1081 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1082 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1083
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1084exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1085 mbedtls_rsa_free( &ctx );
1086 mbedtls_ctr_drbg_free( &ctr_drbg );
1087 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1088}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1089/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1090
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1091/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1092void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1093 int radix_D, char *input_D,
1094 int radix_E, char *input_E,
1095 int radix_P, char *output_P,
1096 int radix_Q, char *output_Q,
1097 int corrupt, int result )
1098{
1099 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1100
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1101 mbedtls_mpi_init( &N );
1102 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1103 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1104 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1105
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1106 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1107 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1108 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1109 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1110 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1111
1112 if( corrupt )
1113 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1114
1115 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1116 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1117
1118 if( !corrupt )
1119 {
1120 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1121 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1122 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1123 }
1124
1125exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1126 mbedtls_mpi_free( &N );
1127 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1128 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1129 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1130}
1131/* END_CASE */
1132
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1133/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1134void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1135 int radix_Q, char *input_Q,
1136 int radix_E, char *input_E,
1137 int radix_D, char *output_D,
1138 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1139{
1140 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1141
1142 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1143 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1144 mbedtls_mpi_init( &E );
1145 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1146
1147 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1148 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1149 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1150 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1151
1152 if( corrupt )
1153 {
1154 /* Make E even */
1155 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1156 }
1157
1158 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1159 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1160 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1161
1162 if( !corrupt )
1163 {
1164 /*
1165 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1166 */
1167
1168 /* Replace P,Q by P-1, Q-1 */
1169 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1170 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1171
1172 /* Check D == Dp modulo P-1 */
1173 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1174 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1175 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1176
1177 /* Check D == Dp modulo Q-1 */
1178 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1179 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1180 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1181 }
1182
1183exit:
1184
1185 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1186 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1187 mbedtls_mpi_free( &E );
1188 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1189}
1190/* END_CASE */
1191
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1192/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1193void mbedtls_rsa_import( int radix_N, char *input_N,
1194 int radix_P, char *input_P,
1195 int radix_Q, char *input_Q,
1196 int radix_D, char *input_D,
1197 int radix_E, char *input_E,
1198 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1199 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1200 int res_check,
1201 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1202{
1203 mbedtls_mpi N, P, Q, D, E;
1204 mbedtls_rsa_context ctx;
1205
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1206 /* Buffers used for encryption-decryption test */
1207 unsigned char *buf_orig = NULL;
1208 unsigned char *buf_enc = NULL;
1209 unsigned char *buf_dec = NULL;
1210
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1211 mbedtls_entropy_context entropy;
1212 mbedtls_ctr_drbg_context ctr_drbg;
1213 const char *pers = "test_suite_rsa";
1214
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1215 const int have_N = ( strlen( input_N ) > 0 );
1216 const int have_P = ( strlen( input_P ) > 0 );
1217 const int have_Q = ( strlen( input_Q ) > 0 );
1218 const int have_D = ( strlen( input_D ) > 0 );
1219 const int have_E = ( strlen( input_E ) > 0 );
1220
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1221 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1222 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1223 mbedtls_rsa_init( &ctx, 0, 0 );
1224
1225 mbedtls_mpi_init( &N );
1226 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1227 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1228
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1229 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1230 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1231
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1232 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1233 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1234
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1235 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1236 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1237
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1238 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1239 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1240
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1241 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1242 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1243
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1244 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1245 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1246
1247 if( !successive )
1248 {
1249 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1250 have_N ? &N : NULL,
1251 have_P ? &P : NULL,
1252 have_Q ? &Q : NULL,
1253 have_D ? &D : NULL,
1254 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1255 }
1256 else
1257 {
1258 /* Import N, P, Q, D, E separately.
1259 * This should make no functional difference. */
1260
1261 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1262 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1263 NULL, NULL, NULL, NULL ) == 0 );
1264
1265 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1266 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1267 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1268 NULL, NULL, NULL ) == 0 );
1269
1270 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1271 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1272 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1273 NULL, NULL ) == 0 );
1274
1275 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1276 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1277 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1278 NULL ) == 0 );
1279
1280 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1281 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1282 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1283 }
1284
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1285 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1286
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1287 /* On expected success, perform some public and private
1288 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1289 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1290 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1291 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1292 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1293 else
1294 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1295
1296 if( res_check != 0 )
1297 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1298
1299 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1300 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1301 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1302 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1303 goto exit;
1304
1305 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1306 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1307
1308 /* Make sure the number we're generating is smaller than the modulus */
1309 buf_orig[0] = 0x00;
1310
1311 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1312
1313 if( is_priv )
1314 {
1315 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1316 &ctr_drbg, buf_enc,
1317 buf_dec ) == 0 );
1318
1319 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1320 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1321 }
1322 }
1323
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1324exit:
1325
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1326 mbedtls_free( buf_orig );
1327 mbedtls_free( buf_enc );
1328 mbedtls_free( buf_dec );
1329
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1330 mbedtls_rsa_free( &ctx );
1331
1332 mbedtls_ctr_drbg_free( &ctr_drbg );
1333 mbedtls_entropy_free( &entropy );
1334
1335 mbedtls_mpi_free( &N );
1336 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1337 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1338}
1339/* END_CASE */
1340
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1341/* BEGIN_CASE */
1342void mbedtls_rsa_export( int radix_N, char *input_N,
1343 int radix_P, char *input_P,
1344 int radix_Q, char *input_Q,
1345 int radix_D, char *input_D,
1346 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1347 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1348 int successive )
1349{
1350 /* Original MPI's with which we set up the RSA context */
1351 mbedtls_mpi N, P, Q, D, E;
1352
1353 /* Exported MPI's */
1354 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1355
1356 const int have_N = ( strlen( input_N ) > 0 );
1357 const int have_P = ( strlen( input_P ) > 0 );
1358 const int have_Q = ( strlen( input_Q ) > 0 );
1359 const int have_D = ( strlen( input_D ) > 0 );
1360 const int have_E = ( strlen( input_E ) > 0 );
1361
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1362 mbedtls_rsa_context ctx;
1363
1364 mbedtls_rsa_init( &ctx, 0, 0 );
1365
1366 mbedtls_mpi_init( &N );
1367 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1368 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1369
1370 mbedtls_mpi_init( &Ne );
1371 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1372 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1373
1374 /* Setup RSA context */
1375
1376 if( have_N )
1377 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1378
1379 if( have_P )
1380 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1381
1382 if( have_Q )
1383 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1384
1385 if( have_D )
1386 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1387
1388 if( have_E )
1389 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1390
1391 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1392 strlen( input_N ) ? &N : NULL,
1393 strlen( input_P ) ? &P : NULL,
1394 strlen( input_Q ) ? &Q : NULL,
1395 strlen( input_D ) ? &D : NULL,
1396 strlen( input_E ) ? &E : NULL ) == 0 );
1397
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1398 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1399
1400 /*
1401 * Export parameters and compare to original ones.
1402 */
1403
1404 /* N and E must always be present. */
1405 if( !successive )
1406 {
1407 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1408 }
1409 else
1410 {
1411 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1412 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1413 }
1414 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1415 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1416
1417 /* If we were providing enough information to setup a complete private context,
1418 * we expect to be able to export all core parameters. */
1419
1420 if( is_priv )
1421 {
1422 if( !successive )
1423 {
1424 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1425 &De, NULL ) == 0 );
1426 }
1427 else
1428 {
1429 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1430 NULL, NULL ) == 0 );
1431 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1432 NULL, NULL ) == 0 );
1433 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1434 &De, NULL ) == 0 );
1435 }
1436
1437 if( have_P )
1438 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1439
1440 if( have_Q )
1441 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1442
1443 if( have_D )
1444 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1445
1446 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1447 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1448 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1449 }
1450
1451exit:
1452
1453 mbedtls_rsa_free( &ctx );
1454
1455 mbedtls_mpi_free( &N );
1456 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1457 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1458
1459 mbedtls_mpi_free( &Ne );
1460 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1461 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1462}
1463/* END_CASE */
1464
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1465/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1466void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1467 int radix_P, char *input_P,
1468 int radix_Q, char *input_Q,
1469 int radix_D, char *input_D,
1470 int radix_E, char *input_E,
1471 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1472{
1473 /* Original MPI's with which we set up the RSA context */
1474 mbedtls_mpi N, P, Q, D, E;
1475
1476 const int have_N = ( strlen( input_N ) > 0 );
1477 const int have_P = ( strlen( input_P ) > 0 );
1478 const int have_Q = ( strlen( input_Q ) > 0 );
1479 const int have_D = ( strlen( input_D ) > 0 );
1480 const int have_E = ( strlen( input_E ) > 0 );
1481
1482 mbedtls_entropy_context entropy;
1483 mbedtls_ctr_drbg_context ctr_drbg;
1484 const char *pers = "test_suite_rsa";
1485
1486 mbedtls_mpi_init( &N );
1487 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1488 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1489
1490 mbedtls_ctr_drbg_init( &ctr_drbg );
1491 mbedtls_entropy_init( &entropy );
1492 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1493 &entropy, (const unsigned char *) pers,
1494 strlen( pers ) ) == 0 );
1495
1496 if( have_N )
1497 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1498
1499 if( have_P )
1500 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1501
1502 if( have_Q )
1503 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1504
1505 if( have_D )
1506 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1507
1508 if( have_E )
1509 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1510
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1511 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1512 have_P ? &P : NULL,
1513 have_Q ? &Q : NULL,
1514 have_D ? &D : NULL,
1515 have_E ? &E : NULL,
1516 prng ? mbedtls_ctr_drbg_random : NULL,
1517 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1518exit:
1519
1520 mbedtls_ctr_drbg_free( &ctr_drbg );
1521 mbedtls_entropy_free( &entropy );
1522
1523 mbedtls_mpi_free( &N );
1524 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1525 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1526}
1527/* END_CASE */
1528
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1529/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1530void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1531 data_t *input_Q, data_t *input_D,
1532 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1533 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1534{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1535 /* Exported buffers */
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1536 unsigned char bufNe[1000];
1537 unsigned char bufPe[1000];
1538 unsigned char bufQe[1000];
1539 unsigned char bufDe[1000];
1540 unsigned char bufEe[1000];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1541
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1542 mbedtls_rsa_context ctx;
1543
1544 mbedtls_rsa_init( &ctx, 0, 0 );
1545
1546 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1547 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1548 input_N->len ? input_N->x : NULL, input_N->len,
1549 input_P->len ? input_P->x : NULL, input_P->len,
1550 input_Q->len ? input_Q->x : NULL, input_Q->len,
1551 input_D->len ? input_D->x : NULL, input_D->len,
1552 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1553
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1554 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1555
1556 /*
1557 * Export parameters and compare to original ones.
1558 */
1559
1560 /* N and E must always be present. */
1561 if( !successive )
1562 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1563 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1564 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1565 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1566 }
1567 else
1568 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1569 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1570 NULL, 0, NULL, 0, NULL, 0,
1571 NULL, 0 ) == 0 );
1572 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1573 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1574 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1575 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1576 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1577 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1578
1579 /* If we were providing enough information to setup a complete private context,
1580 * we expect to be able to export all core parameters. */
1581
1582 if( is_priv )
1583 {
1584 if( !successive )
1585 {
1586 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1587 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1588 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1589 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1590 NULL, 0 ) == 0 );
1591 }
1592 else
1593 {
1594 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1595 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1596 NULL, 0, NULL, 0,
1597 NULL, 0 ) == 0 );
1598
1599 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1600 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1601 NULL, 0, NULL, 0 ) == 0 );
1602
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1603 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1604 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1605 NULL, 0 ) == 0 );
1606 }
1607
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1608 if( input_P->len )
1609 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1610
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1611 if( input_Q->len )
1612 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1613
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1614 if( input_D->len )
1615 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1616
1617 }
1618
1619exit:
1620 mbedtls_rsa_free( &ctx );
1621}
1622/* END_CASE */
1623
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1624/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1625void mbedtls_rsa_import_raw( data_t *input_N,
1626 data_t *input_P, data_t *input_Q,
1627 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1628 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1629 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1630 int res_check,
1631 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1632{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1633 /* Buffers used for encryption-decryption test */
1634 unsigned char *buf_orig = NULL;
1635 unsigned char *buf_enc = NULL;
1636 unsigned char *buf_dec = NULL;
1637
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1638 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1639 mbedtls_entropy_context entropy;
1640 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1641
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1642 const char *pers = "test_suite_rsa";
1643
1644 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1645 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1646 mbedtls_rsa_init( &ctx, 0, 0 );
1647
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1648 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1649 &entropy, (const unsigned char *) pers,
1650 strlen( pers ) ) == 0 );
1651
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1652 if( !successive )
1653 {
1654 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1655 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1656 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1657 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1658 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1659 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1660 }
1661 else
1662 {
1663 /* Import N, P, Q, D, E separately.
1664 * This should make no functional difference. */
1665
1666 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1667 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1668 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1669
1670 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1671 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1672 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1673 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1674
1675 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1676 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1677 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1678 NULL, 0, NULL, 0 ) == 0 );
1679
1680 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1681 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1682 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1683 NULL, 0 ) == 0 );
1684
1685 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1686 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1687 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1688 }
1689
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1690 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1691
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1692 /* On expected success, perform some public and private
1693 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1694 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1695 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1696 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1697 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1698 else
1699 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1700
1701 if( res_check != 0 )
1702 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1703
1704 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1705 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1706 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1707 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1708 goto exit;
1709
1710 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1711 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1712
1713 /* Make sure the number we're generating is smaller than the modulus */
1714 buf_orig[0] = 0x00;
1715
1716 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1717
1718 if( is_priv )
1719 {
1720 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1721 &ctr_drbg, buf_enc,
1722 buf_dec ) == 0 );
1723
1724 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1725 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1726 }
1727 }
1728
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1729exit:
1730
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1731 mbedtls_free( buf_orig );
1732 mbedtls_free( buf_enc );
1733 mbedtls_free( buf_dec );
1734
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1735 mbedtls_rsa_free( &ctx );
1736
1737 mbedtls_ctr_drbg_free( &ctr_drbg );
1738 mbedtls_entropy_free( &entropy );
1739
1740}
1741/* END_CASE */
1742
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1743/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1744void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1745{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1746 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1747}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1748/* END_CASE */