Janos Follath8a49a012016-02-12 13:18:20 +00001/* BEGIN_HEADER */
2#include "mbedtls/rsa.h"
3#include "mbedtls/md.h"
4/* END_HEADER */
5
6/* BEGIN_DEPENDENCIES
7 * depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
8 * END_DEPENDENCIES
9 */
10
11/* BEGIN_CASE */
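void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N,
                              int radix_E, char * input_E, int hash,
                              data_t * message_str, data_t * rnd_buf,
                              data_t * result_str, int result )
{
    /*
     * Known-answer test for RSAES-PKCS1-v1_5 encryption with a public key.
     *
     * mod                Expected modulus size in bits.
     * radix_N, input_N   Modulus as a string in the given radix.
     * radix_E, input_E   Public exponent as a string in the given radix.
     * hash               Hash id forwarded to mbedtls_rsa_init().
     * message_str        Plaintext to encrypt (may be empty).
     * rnd_buf            Bytes handed out by the buffer-backed RNG, which
     *                    makes the padding, and so the ciphertext,
     *                    reproducible.
     * result_str         Expected ciphertext, compared only on success.
     * result             Expected return value of the encryption call.
     */
    unsigned char output[128];
    mbedtls_rsa_context ctx;
    mbedtls_test_rnd_buf_info info;
    mbedtls_mpi N, E;

    info.buf = rnd_buf->x;
    info.length = rnd_buf->len;

    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
    memset( output, 0x00, sizeof( output ) );

    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    /* The ciphertext is one modulus length long (ctx.len bytes are compared
     * below), so a key wider than the fixed stack buffer must fail the test
     * here instead of letting the library write past the end of output. */
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) <= sizeof( output ) );
    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );

    /* Exercise the empty-message case with a NULL input pointer. */
    if( message_str->len == 0 )
        message_str->x = NULL;
    TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
                                            &mbedtls_test_rnd_buffer_rand,
                                            &info, MBEDTLS_RSA_PUBLIC,
                                            message_str->len, message_str->x,
                                            output ) == result );

    if( result == 0 )
    {
        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
                                          ctx.len, result_str->len ) == 0 );
    }

exit:
    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}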
53/* END_CASE */
54
55/* BEGIN_CASE */
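void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P,
                              int radix_Q, char * input_Q, int radix_N,
                              char * input_N, int radix_E, char * input_E,
                              int hash, data_t * result_str,
                              char * seed, data_t * message_str,
                              int result )
{
    /*
     * Known-answer test for RSAES-PKCS1-v1_5 decryption with a private key.
     *
     * mod                    Expected modulus size in bits.
     * radix_X, input_X       P, Q, N and E as strings in the given radix.
     * hash                   Hash id forwarded to mbedtls_rsa_init().
     * result_str             Expected plaintext; an empty value selects the
     *                        NULL / zero-length output buffer path.
     * seed                   Unused; kept so the test data format is stable.
     * message_str            Ciphertext to decrypt.
     * result                 Expected return value of the decryption call.
     *
     * NOTE(review): the decryption call takes no ciphertext length, so it is
     * presumably reading one modulus length from message_str->x; nothing
     * here checks message_str->len against the key size - confirm the test
     * data always supplies full-length ciphertexts.
     */
    unsigned char output[128];
    mbedtls_rsa_context ctx;
    size_t output_len;
    mbedtls_test_rnd_pseudo_info rnd_info;
    mbedtls_mpi N, P, Q, E;
    ((void) seed);

    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );

    memset( output, 0x00, sizeof( output ) );
    memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );

    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );

    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );

    if( result_str->len == 0 )
    {
        /* An empty expected plaintext is decrypted into a NULL buffer of
         * capacity 0. */
        TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                                &mbedtls_test_rnd_pseudo_rand,
                                                &rnd_info,
                                                MBEDTLS_RSA_PRIVATE,
                                                &output_len, message_str->x,
                                                NULL, 0 ) == result );
    }
    else
    {
        /* Pass the real capacity of output. The previous hard-coded 1000
         * overstated a 128-byte stack buffer, so a plaintext longer than
         * the buffer would have been written past its end instead of being
         * rejected by the library. */
        TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                                &mbedtls_test_rnd_pseudo_rand,
                                                &rnd_info, MBEDTLS_RSA_PRIVATE,
                                                &output_len, message_str->x,
                                                output,
                                                sizeof( output ) ) == result );
        if( result == 0 )
        {
            TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
                                              output_len,
                                              result_str->len) == 0 );
        }
    }

exit:
    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}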
116/* END_CASE */
117
Janos Follathe6aef9f2016-03-16 16:39:41 +0000118/* BEGIN_CASE */
void pkcs1_v15_decode( int mode,
                       data_t *input,
                       int expected_plaintext_length_arg,
                       int output_size_arg,
                       int expected_result )
{
    /*
     * Checks how PKCS#1 v1.5 decryption decodes a caller-supplied padded
     * block, including what it leaves in the output on failure.
     *
     * mode                            MBEDTLS_RSA_PRIVATE or the public
     *                                 mode; the padded block is first run
     *                                 through the opposite RSA primitive so
     *                                 that decrypting in `mode` sees it.
     * input                           Leading bytes of the padded block; the
     *                                 rest of the 128-byte block is filled
     *                                 with 'd'.
     * expected_plaintext_length_arg   Plaintext length expected on success.
     * output_size_arg                 Output capacity given to the library.
     * expected_result                 Expected return value of the call.
     */
    size_t expected_plaintext_length = expected_plaintext_length_arg;
    size_t output_size = output_size_arg;
    mbedtls_test_rnd_pseudo_info rnd_info;
    mbedtls_mpi Nmpi, Empi, Pmpi, Qmpi;
    mbedtls_rsa_context ctx;
    /* Fixed 1024-bit key embedded in the test: modulus, public exponent and
     * both prime factors. */
    static unsigned char N[128] = {
        0xc4, 0x79, 0x4c, 0x6d, 0xb2, 0xe9, 0xdf, 0xc5,
        0xe5, 0xd7, 0x55, 0x4b, 0xfb, 0x6c, 0x2e, 0xec,
        0x84, 0xd0, 0x88, 0x12, 0xaf, 0xbf, 0xb4, 0xf5,
        0x47, 0x3c, 0x7e, 0x92, 0x4c, 0x58, 0xc8, 0x73,
        0xfe, 0x8f, 0x2b, 0x8f, 0x8e, 0xc8, 0x5c, 0xf5,
        0x05, 0xeb, 0xfb, 0x0d, 0x7b, 0x2a, 0x93, 0xde,
        0x15, 0x0d, 0xc8, 0x13, 0xcf, 0xd2, 0x6f, 0x0d,
        0x9d, 0xad, 0x30, 0xe5, 0x70, 0x20, 0x92, 0x9e,
        0xb3, 0x6b, 0xba, 0x5c, 0x50, 0x0f, 0xc3, 0xb2,
        0x7e, 0x64, 0x07, 0x94, 0x7e, 0xc9, 0x4e, 0xc1,
        0x65, 0x04, 0xaf, 0xb3, 0x9f, 0xde, 0xa8, 0x46,
        0xfa, 0x6c, 0xf3, 0x03, 0xaf, 0x1c, 0x1b, 0xec,
        0x75, 0x44, 0x66, 0x77, 0xc9, 0xde, 0x51, 0x33,
        0x64, 0x27, 0xb0, 0xd4, 0x8d, 0x31, 0x6a, 0x11,
        0x27, 0x3c, 0x99, 0xd4, 0x22, 0xc0, 0x9d, 0x12,
        0x01, 0xc7, 0x4a, 0x73, 0xac, 0xbf, 0xc2, 0xbb
    };
    static unsigned char E[1] = { 0x03 };
    static unsigned char P[64] = {
        0xe5, 0x53, 0x1f, 0x88, 0x51, 0xee, 0x59, 0xf8,
        0xc1, 0xe4, 0xcc, 0x5b, 0xb3, 0x75, 0x8d, 0xc8,
        0xe8, 0x95, 0x2f, 0xd0, 0xef, 0x37, 0xb4, 0xcd,
        0xd3, 0x9e, 0x48, 0x8b, 0x81, 0x58, 0x60, 0xb9,
        0x27, 0x1d, 0xb6, 0x28, 0x92, 0x64, 0xa3, 0xa5,
        0x64, 0xbd, 0xcc, 0x53, 0x68, 0xdd, 0x3e, 0x55,
        0xea, 0x9d, 0x5e, 0xcd, 0x1f, 0x96, 0x87, 0xf1,
        0x29, 0x75, 0x92, 0x70, 0x8f, 0x28, 0xfb, 0x2b
    };
    static unsigned char Q[64] = {
        0xdb, 0x53, 0xef, 0x74, 0x61, 0xb4, 0x20, 0x3b,
        0x3b, 0x87, 0x76, 0x75, 0x81, 0x56, 0x11, 0x03,
        0x59, 0x31, 0xe3, 0x38, 0x4b, 0x8c, 0x7a, 0x9c,
        0x05, 0xd6, 0x7f, 0x1e, 0x5e, 0x60, 0xf0, 0x4e,
        0x0b, 0xdc, 0x34, 0x54, 0x1c, 0x2e, 0x90, 0x83,
        0x14, 0xef, 0xc0, 0x96, 0x5c, 0x30, 0x10, 0xcc,
        0xc1, 0xba, 0xa0, 0x54, 0x3f, 0x96, 0x24, 0xca,
        0xa3, 0xfb, 0x55, 0xbc, 0x71, 0x29, 0x4e, 0xb1
    };
    unsigned char original[128];
    unsigned char intermediate[128];
    /* Pattern preloaded into the output buffer so that a later comparison
     * can tell whether the library wrote to it. */
    static unsigned char default_content[128] = {
        /* A randomly generated pattern. */
        0x4c, 0x27, 0x54, 0xa0, 0xce, 0x0d, 0x09, 0x4a,
        0x1c, 0x38, 0x8e, 0x2d, 0xa3, 0xc4, 0xe0, 0x19,
        0x4c, 0x99, 0xb2, 0xbf, 0xe6, 0x65, 0x7e, 0x58,
        0xd7, 0xb6, 0x8a, 0x05, 0x2f, 0xa5, 0xec, 0xa4,
        0x35, 0xad, 0x10, 0x36, 0xff, 0x0d, 0x08, 0x50,
        0x74, 0x47, 0xc9, 0x9c, 0x4a, 0xe7, 0xfd, 0xfa,
        0x83, 0x5f, 0x14, 0x5a, 0x1e, 0xe7, 0x35, 0x08,
        0xad, 0xf7, 0x0d, 0x86, 0xdf, 0xb8, 0xd4, 0xcf,
        0x32, 0xb9, 0x5c, 0xbe, 0xa3, 0xd2, 0x89, 0x70,
        0x7b, 0xc6, 0x48, 0x7e, 0x58, 0x4d, 0xf3, 0xef,
        0x34, 0xb7, 0x57, 0x54, 0x79, 0xc5, 0x8e, 0x0a,
        0xa3, 0xbf, 0x6d, 0x42, 0x83, 0x25, 0x13, 0xa2,
        0x95, 0xc0, 0x0d, 0x32, 0xec, 0x77, 0x91, 0x2b,
        0x68, 0xb6, 0x8c, 0x79, 0x15, 0xfb, 0x94, 0xde,
        0xb9, 0x2b, 0x94, 0xb3, 0x28, 0x23, 0x86, 0x3d,
        0x37, 0x00, 0xe6, 0xf1, 0x1f, 0x4e, 0xd4, 0x42
    };
    unsigned char final[128];
    /* Marker value for the length output; it must have been replaced after
     * a failed decryption. */
    const size_t untouched_length = 0x7EA0;
    size_t output_length = untouched_length;

    memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
    mbedtls_mpi_init( &Nmpi );
    mbedtls_mpi_init( &Empi );
    mbedtls_mpi_init( &Pmpi );
    mbedtls_mpi_init( &Qmpi );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );

    TEST_ASSERT( mbedtls_mpi_read_binary( &Nmpi, N, sizeof( N ) ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_binary( &Empi, E, sizeof( E ) ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_binary( &Pmpi, P, sizeof( P ) ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_binary( &Qmpi, Q, sizeof( Q ) ) == 0 );

    TEST_ASSERT( mbedtls_rsa_import( &ctx, &Nmpi, &Pmpi, &Qmpi,
                                     NULL, &Empi ) == 0 );
    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );

    /* Reject oversized test input before it is copied into the
     * modulus-sized block. */
    TEST_ASSERT( input->len <= sizeof( N ) );
    memcpy( original, input->x, input->len );
    memset( original + input->len, 'd', sizeof( original ) - input->len );

    /* Apply the primitive opposite to `mode`, so that the decryption below
     * is handed the inverse-transformed block. */
    if( mode == MBEDTLS_RSA_PRIVATE )
    {
        TEST_ASSERT( mbedtls_rsa_public( &ctx, original, intermediate ) == 0 );
    }
    else
    {
        TEST_ASSERT( mbedtls_rsa_private( &ctx, &mbedtls_test_rnd_pseudo_rand,
                                          &rnd_info, original,
                                          intermediate ) == 0 );
    }

    memcpy( final, default_content, sizeof( final ) );
    TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                            &mbedtls_test_rnd_pseudo_rand,
                                            &rnd_info, mode, &output_length,
                                            intermediate, final,
                                            output_size ) == expected_result );
    if( expected_result == 0 )
    {
        /* On success the plaintext is the tail of the padded block. */
        TEST_ASSERT( output_length == expected_plaintext_length );
        TEST_ASSERT( memcmp( original + sizeof( N ) - output_length,
                             final,
                             output_length ) == 0 );
    }
    else if( expected_result == MBEDTLS_ERR_RSA_INVALID_PADDING ||
             expected_result == MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE )
    {
        /* Upper bound on the payload: the block size minus 11 bytes, capped
         * by the output capacity handed to the library. */
        size_t max_payload_length = sizeof( N ) - 11;
        size_t pos;
        size_t unchanged = 0;

        if( output_size < max_payload_length )
        {
            max_payload_length = output_size;
        }

#if !defined(MBEDTLS_RSA_ALT)
        /* The default implementation currently reports the maximum payload
         * length and zero-fills the output on failure. Alternative
         * implementations may behave differently, so these exact checks
         * are limited to the default one. */
        TEST_ASSERT( output_length == max_payload_length );
        for( pos = 0; pos < max_payload_length; pos++ )
        {
            TEST_ASSERT( final[pos] == 0 );
        }
#endif
        /* Whatever the implementation, both outputs must have been written
         * in the failure case: skipping the write would indicate at least a
         * timing vulnerability. */
        TEST_ASSERT( output_length != untouched_length );
        for( pos = 0; pos < max_payload_length; pos++ )
        {
            if( final[pos] == default_content[pos] )
            {
                unchanged++;
            }
        }
        /* More than 16 bytes still equal to the preloaded pattern is taken
         * as evidence that final was not overwritten. */
        TEST_ASSERT( unchanged < 16 );
    }

exit:
    mbedtls_mpi_free( &Nmpi );
    mbedtls_mpi_free( &Empi );
    mbedtls_mpi_free( &Pmpi );
    mbedtls_mpi_free( &Qmpi );
    mbedtls_rsa_free( &ctx );
}
263/* END_CASE */
264
265/* BEGIN_CASE */
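void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q,
                            char * input_Q, int radix_N, char * input_N,
                            int radix_E, char * input_E, int digest, int hash,
                            data_t * message_str, data_t * rnd_buf,
                            data_t * result_str, int result )
{
    /*
     * Known-answer test for RSASSA-PKCS1-v1_5 signing with a private key.
     *
     * mod                Expected modulus size in bits.
     * radix_X, input_X   P, Q, N and E as strings in the given radix.
     * digest             Message digest type used to hash message_str and
     *                    passed to the signing call.
     * hash               Hash id forwarded to mbedtls_rsa_init().
     * message_str        Message to hash and sign.
     * rnd_buf            Bytes handed out by the buffer-backed RNG.
     * result_str         Expected signature, compared only on success.
     * result             Expected return value of the signing call.
     */
    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
    unsigned char output[128];
    mbedtls_rsa_context ctx;
    mbedtls_mpi N, P, Q, E;
    mbedtls_test_rnd_buf_info info;
    const mbedtls_md_info_t *md_info;

    info.buf = rnd_buf->x;
    info.length = rnd_buf->len;

    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );

    memset( hash_result, 0x00, sizeof( hash_result ) );
    memset( output, 0x00, sizeof( output ) );

    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );

    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    /* The signature is one modulus length long (ctx.len bytes are compared
     * below), so a key wider than the fixed stack buffer must fail the test
     * here instead of letting the library write past the end of output. */
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) <= sizeof( output ) );
    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );

    /* Look the digest up once. When the type is not known to the md module,
     * hashing is skipped and hash_result stays zero-filled. */
    md_info = mbedtls_md_info_from_type( digest );
    if( md_info != NULL )
    {
        TEST_ASSERT( mbedtls_md( md_info, message_str->x, message_str->len,
                                 hash_result ) == 0 );
    }

    TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand,
                                         &info, MBEDTLS_RSA_PRIVATE, digest,
                                         0, hash_result, output ) == result );
    if( result == 0 )
    {
        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
                                          ctx.len, result_str->len ) == 0 );
    }

exit:
    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}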
317/* END_CASE */
318
319/* BEGIN_CASE */
void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N,
                              int radix_E, char * input_E, int digest,
                              int hash, data_t * message_str, char * salt,
                              data_t * result_str, int result )
{
    /*
     * Known-answer test for RSASSA-PKCS1-v1_5 verification with a public key.
     *
     * mod                Expected modulus size in bits.
     * radix_N, input_N   Modulus as a string in the given radix.
     * radix_E, input_E   Public exponent as a string in the given radix.
     * digest             Message digest type used to hash message_str and
     *                    passed to the verification call.
     * hash               Hash id forwarded to mbedtls_rsa_init().
     * message_str        Message whose signature is checked.
     * salt               Unused; kept so the test data format is stable.
     * result_str         Signature to verify.
     * result             Expected return value of the verification call.
     *
     * NOTE(review): the verification call takes no signature length, so it
     * is presumably reading one modulus length from result_str->x; nothing
     * here checks result_str->len against the key size - confirm the test
     * data always supplies full-length signatures.
     */
    unsigned char digest_buf[MBEDTLS_MD_MAX_SIZE];
    mbedtls_rsa_context ctx;
    mbedtls_mpi modulus, public_exponent;
    ((void) salt);

    mbedtls_mpi_init( &modulus );
    mbedtls_mpi_init( &public_exponent );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
    memset( digest_buf, 0x00, sizeof( digest_buf ) );

    /* Load the public key and check it against the declared size. */
    TEST_ASSERT( mbedtls_mpi_read_string( &modulus,
                                          radix_N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &public_exponent,
                                          radix_E, input_E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_import( &ctx, &modulus, NULL, NULL, NULL,
                                     &public_exponent ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );

    /* Hash the message only when the digest type is known to the md module;
     * otherwise digest_buf stays zero-filled. */
    if( mbedtls_md_info_from_type( digest ) != NULL )
    {
        TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ),
                                 message_str->x, message_str->len,
                                 digest_buf ) == 0 );
    }

    TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
                                           MBEDTLS_RSA_PUBLIC, digest, 0,
                                           digest_buf,
                                           result_str->x ) == result );

exit:
    mbedtls_mpi_free( &modulus );
    mbedtls_mpi_free( &public_exponent );
    mbedtls_rsa_free( &ctx );
}
350/* END_CASE */