TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / b579ccd529b6102babb2cfde76241936b6fab207 / . / tests / suites / test_suite_rsa.function
blob: b892ec2075387f9a3bf7583e38bcb225d840f5f0 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Hanno Beckera565f542017-10-11 11:00:19 +0100[diff] [blame]3#include "mbedtls/rsa_internal.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]70 mbedtls_rsa_gen_key( NULL,
71 mbedtls_test_rnd_std_rand,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]72 NULL, 0, 0 ) );
73 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
74 mbedtls_rsa_gen_key( &ctx, NULL,
75 NULL, 0, 0 ) );
76
77 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
78 mbedtls_rsa_check_pubkey( NULL ) );
79 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
80 mbedtls_rsa_check_privkey( NULL ) );
81
82 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
83 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
84 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
85 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
86
87 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
88 mbedtls_rsa_public( NULL, buf, buf ) );
89 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
90 mbedtls_rsa_public( &ctx, NULL, buf ) );
91 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
92 mbedtls_rsa_public( &ctx, buf, NULL ) );
93
94 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
95 mbedtls_rsa_private( NULL, NULL, NULL,
96 buf, buf ) );
97 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
98 mbedtls_rsa_private( &ctx, NULL, NULL,
99 NULL, buf ) );
100 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
101 mbedtls_rsa_private( &ctx, NULL, NULL,
102 buf, NULL ) );
103
104 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
105 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
106 valid_mode,
107 sizeof( buf ), buf,
108 buf ) );
109 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
110 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
111 invalid_mode,
112 sizeof( buf ), buf,
113 buf ) );
114 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
115 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
116 valid_mode,
117 sizeof( buf ), NULL,
118 buf ) );
119 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
120 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
121 valid_mode,
122 sizeof( buf ), buf,
123 NULL ) );
124
125 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
126 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
127 NULL,
128 valid_mode,
129 sizeof( buf ), buf,
130 buf ) );
131 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
132 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
133 NULL,
134 invalid_mode,
135 sizeof( buf ), buf,
136 buf ) );
137 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
138 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
139 NULL,
140 valid_mode,
141 sizeof( buf ), NULL,
142 buf ) );
143 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
144 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
145 NULL,
146 valid_mode,
147 sizeof( buf ), buf,
148 NULL ) );
149
150 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
151 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
152 valid_mode,
153 buf, sizeof( buf ),
154 sizeof( buf ), buf,
155 buf ) );
156 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
157 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
158 invalid_mode,
159 buf, sizeof( buf ),
160 sizeof( buf ), buf,
161 buf ) );
162 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
163 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
164 valid_mode,
165 NULL, sizeof( buf ),
166 sizeof( buf ), buf,
167 buf ) );
168 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
169 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
170 valid_mode,
171 buf, sizeof( buf ),
172 sizeof( buf ), NULL,
173 buf ) );
174 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
175 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
176 valid_mode,
177 buf, sizeof( buf ),
178 sizeof( buf ), buf,
179 NULL ) );
180
181 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
182 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
183 valid_mode, &olen,
184 buf, buf, 42 ) );
185 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
186 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
187 invalid_mode, &olen,
188 buf, buf, 42 ) );
189 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
190 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
191 valid_mode, NULL,
192 buf, buf, 42 ) );
193 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
194 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
195 valid_mode, &olen,
196 NULL, buf, 42 ) );
197 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
198 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
199 valid_mode, &olen,
200 buf, NULL, 42 ) );
201
202 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
203 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
204 NULL,
205 valid_mode, &olen,
206 buf, buf, 42 ) );
207 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
208 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
209 NULL,
210 invalid_mode, &olen,
211 buf, buf, 42 ) );
212 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
213 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
214 NULL,
215 valid_mode, NULL,
216 buf, buf, 42 ) );
217 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
218 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
219 NULL,
220 valid_mode, &olen,
221 NULL, buf, 42 ) );
222 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
223 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
224 NULL,
225 valid_mode, &olen,
226 buf, NULL, 42 ) );
227
228 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
229 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
230 valid_mode,
231 buf, sizeof( buf ),
232 &olen,
233 buf, buf, 42 ) );
234 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
235 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
236 invalid_mode,
237 buf, sizeof( buf ),
238 &olen,
239 buf, buf, 42 ) );
240 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
241 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
242 valid_mode,
243 NULL, sizeof( buf ),
244 NULL,
245 buf, buf, 42 ) );
246 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
247 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
248 valid_mode,
249 buf, sizeof( buf ),
250 &olen,
251 NULL, buf, 42 ) );
252 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
253 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
254 valid_mode,
255 buf, sizeof( buf ),
256 &olen,
257 buf, NULL, 42 ) );
258
259 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
260 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
261 valid_mode,
262 0, sizeof( buf ), buf,
263 buf ) );
264 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
265 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
266 invalid_mode,
267 0, sizeof( buf ), buf,
268 buf ) );
269 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
270 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
271 valid_mode,
272 0, sizeof( buf ), NULL,
273 buf ) );
274 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
275 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
276 valid_mode,
277 0, sizeof( buf ), buf,
278 NULL ) );
279 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
280 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
281 valid_mode,
282 MBEDTLS_MD_SHA1,
283 0, NULL,
284 buf ) );
285
286 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
287 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
288 valid_mode,
289 0, sizeof( buf ), buf,
290 buf ) );
291 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
292 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
293 invalid_mode,
294 0, sizeof( buf ), buf,
295 buf ) );
296 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
297 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
298 valid_mode,
299 0, sizeof( buf ), NULL,
300 buf ) );
301 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
302 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
303 valid_mode,
304 0, sizeof( buf ), buf,
305 NULL ) );
306 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
307 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
308 valid_mode,
309 MBEDTLS_MD_SHA1,
310 0, NULL,
311 buf ) );
312
313 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
314 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
315 valid_mode,
316 0, sizeof( buf ), buf,
317 buf ) );
318 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
319 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
320 invalid_mode,
321 0, sizeof( buf ), buf,
322 buf ) );
323 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
324 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
325 valid_mode,
326 0, sizeof( buf ), NULL,
327 buf ) );
328 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
329 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
330 valid_mode,
331 0, sizeof( buf ), buf,
332 NULL ) );
333 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
334 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
335 valid_mode,
336 MBEDTLS_MD_SHA1,
337 0, NULL,
338 buf ) );
339
340 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
341 mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
342 valid_mode,
343 0, sizeof( buf ), buf,
344 buf ) );
345 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
346 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
347 invalid_mode,
348 0, sizeof( buf ), buf,
349 buf ) );
350 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
351 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
352 valid_mode,
353 0, sizeof( buf ), NULL,
354 buf ) );
355 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
356 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
357 valid_mode,
358 0, sizeof( buf ), buf,
359 NULL ) );
360 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
361 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
362 valid_mode,
363 MBEDTLS_MD_SHA1, 0, NULL,
364 buf ) );
365
366 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
367 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
368 NULL,
369 valid_mode,
370 0, sizeof( buf ), buf,
371 buf ) );
372 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
373 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
374 NULL,
375 invalid_mode,
376 0, sizeof( buf ), buf,
377 buf ) );
378 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
379 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
380 NULL,
381 valid_mode,
382 0, sizeof( buf ),
383 NULL, buf ) );
384 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
385 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
386 NULL,
387 valid_mode,
388 0, sizeof( buf ), buf,
389 NULL ) );
390 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
391 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
392 NULL,
393 valid_mode,
394 MBEDTLS_MD_SHA1,
395 0, NULL,
396 buf ) );
397
398 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
399 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
400 valid_mode,
401 0, sizeof( buf ),
402 buf, buf ) );
403 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
404 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
405 invalid_mode,
406 0, sizeof( buf ),
407 buf, buf ) );
408 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
409 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
410 valid_mode,
411 0, sizeof( buf ),
412 NULL, buf ) );
413 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
414 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
415 valid_mode,
416 0, sizeof( buf ),
417 buf, NULL ) );
418 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
419 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
420 valid_mode,
421 MBEDTLS_MD_SHA1,
422 0, NULL,
423 buf ) );
424
425 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
426 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
427 valid_mode,
428 0, sizeof( buf ),
429 buf,
430 0, 0,
431 buf ) );
432 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
433 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
434 invalid_mode,
435 0, sizeof( buf ),
436 buf,
437 0, 0,
438 buf ) );
439 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
440 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
441 valid_mode,
442 0, sizeof( buf ),
443 NULL, 0, 0,
444 buf ) );
445 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
446 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
447 valid_mode,
448 0, sizeof( buf ),
449 buf, 0, 0,
450 NULL ) );
451 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
452 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
453 valid_mode,
454 MBEDTLS_MD_SHA1,
455 0, NULL,
456 0, 0,
457 buf ) );
458
459 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
460 mbedtls_rsa_copy( NULL, &ctx ) );
461 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
462 mbedtls_rsa_copy( &ctx, NULL ) );
463
464exit:
465 return;
466}
467/* END_CASE */
468
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]469/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]470void rsa_init_free( int reinit )
471{
472 mbedtls_rsa_context ctx;
473
474 /* Double free is not explicitly documented to work, but we rely on it
475 * even inside the library so that you can call mbedtls_rsa_free()
476 * unconditionally on an error path without checking whether it has
477 * already been called in the success path. */
478
479 mbedtls_rsa_init( &ctx, 0, 0 );
480 mbedtls_rsa_free( &ctx );
481
482 if( reinit )
483 mbedtls_rsa_init( &ctx, 0, 0 );
484 mbedtls_rsa_free( &ctx );
485
486 /* This test case always succeeds, functionally speaking. A plausible
487 * bug might trigger an invalid pointer dereference or a memory leak. */
488 goto exit;
489}
490/* END_CASE */
491
492/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]493void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]494 int digest, int mod, int radix_P, char * input_P,
495 int radix_Q, char * input_Q, int radix_N,
496 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]497 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]498{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]499 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
500 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]501 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]502 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]503 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]504
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]505 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
506 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]507 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]508
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]509 memset( hash_result, 0x00, sizeof( hash_result ) );
510 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]511 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]512
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]513 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
514 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
515 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
516 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]517
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]518 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
519 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]520 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]521 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]522
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]523
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]524 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]525 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]526
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]527 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
528 &rnd_info, MBEDTLS_RSA_PRIVATE, digest,
529 0, hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]530 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]531 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]532
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]533 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
534 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]535 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]536
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]537exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]538 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
539 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]540 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]541}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]542/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]543
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]544/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]545void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]546 int digest, int mod, int radix_N,
547 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]548 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]549{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]550 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]551 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]552
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]553 mbedtls_mpi N, E;
554
555 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]556 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]557 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]558
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]559 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
560 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
561 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
562 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]563 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]564
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]565
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]566 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]567 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]568
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]569 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]570
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]571exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]572 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]573 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]574}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]575/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]576
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]577
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]578/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]579void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]580 int padding_mode, int mod, int radix_P,
581 char * input_P, int radix_Q, char * input_Q,
582 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]583 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]584{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]585 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]586 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]587 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]588 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]589
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]590 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]591 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
592 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]593
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]594 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]595 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]596
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]597 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
598 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
599 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
600 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]601
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]602 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
603 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]604 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]605 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]606
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]607
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]608 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
609 &rnd_info, MBEDTLS_RSA_PRIVATE,
610 MBEDTLS_MD_NONE, hash_result->len,
611 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]612
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]613
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]614 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
615 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]616
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]617#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]618 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]619 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]620 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]621 int res;
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]622 memset( output, 0x00, sizeof( output) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]623
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]624 res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]625 &mbedtls_test_rnd_pseudo_rand, &rnd_info,
626 MBEDTLS_RSA_PRIVATE, hash_result->len,
627 hash_result->x, output );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]628
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]629#if !defined(MBEDTLS_RSA_ALT)
630 TEST_ASSERT( res == 0 );
631#else
632 TEST_ASSERT( ( res == 0 ) ||
TRodziewiczb579ccd2021-04-13 14:28:28 +0200[diff] [blame^]633 ( res == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]634#endif
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]635
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]636 if( res == 0 )
637 {
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]638 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]639 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]640 result_str->len ) == 0 );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]641 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]642 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]643#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]644
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]645exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]646 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
647 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
648
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]649 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]650}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]651/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]652
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]653/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]654void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]655 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]656 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]657 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]658{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]659 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]660 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]661
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]662 mbedtls_mpi N, E;
663 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
664
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]665 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]666 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]667
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]668 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
669 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]670
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]671 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
672 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]673 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]674
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]675
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]676 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]677
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]678#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]679 /* For PKCS#1 v1.5, there is an alternative way to verify signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]680 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]681 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]682 int res;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]683 int ok;
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]684 size_t olen;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]685
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]686 res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]687 NULL, NULL, MBEDTLS_RSA_PUBLIC,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]688 &olen, result_str->x, output, sizeof( output ) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]689
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]690#if !defined(MBEDTLS_RSA_ALT)
691 TEST_ASSERT( res == 0 );
692#else
693 TEST_ASSERT( ( res == 0 ) ||
TRodziewiczb579ccd2021-04-13 14:28:28 +0200[diff] [blame^]694 ( res == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]695#endif
696
697 if( res == 0 )
698 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]699 ok = olen == hash_result->len && memcmp( output, hash_result->x, olen ) == 0;
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]700 if( correct == 0 )
701 TEST_ASSERT( ok == 1 );
702 else
703 TEST_ASSERT( ok == 0 );
704 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]705 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]706#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]707
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]708exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]709 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]710 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]711}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]712/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]713
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]714/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]715void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]716 int mod, int radix_N, char * input_N,
717 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]718 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]719{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]720 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]721 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]722 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]723
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]724 mbedtls_mpi N, E;
725 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
726
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]727 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]728
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]729 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]730 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]731
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]732 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
733 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]734
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]735 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
736 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]737 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]738
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]739
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]740 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
741 &mbedtls_test_rnd_pseudo_rand,
742 &rnd_info, MBEDTLS_RSA_PUBLIC,
743 message_str->len, message_str->x,
744 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]745 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]746 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]747
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]748 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
749 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]750 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]751
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]752exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]753 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]754 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]755}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]756/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]757
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]758/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]759void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]760 int mod, int radix_N, char * input_N,
761 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]762 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]763{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]764 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]765 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]766
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]767 mbedtls_mpi N, E;
768
769 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]770 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]771 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]772
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]773 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
774 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]775
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]776 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
777 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]778 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]779
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]780
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]781 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
782 NULL, MBEDTLS_RSA_PUBLIC,
783 message_str->len, message_str->x,
784 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]785 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]786 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]787
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]788 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
789 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]790 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]791
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]792exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]793 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]794 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]795}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]796/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]797
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]798/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]799void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]800 int mod, int radix_P, char * input_P,
801 int radix_Q, char * input_Q, int radix_N,
802 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]803 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]804 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]805{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]806 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]807 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]808 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]809 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]810 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]811
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]812 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
813 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
814
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]815 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]816
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]817 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]818 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]819
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]820
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]821 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
822 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
823 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
824 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]825
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]826 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
827 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]828 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]829 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]830
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]831 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]832
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]833 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
834 &rnd_info, MBEDTLS_RSA_PRIVATE,
835 &output_len, message_str->x, output,
836 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]837 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]838 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]839
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]840 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]841 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]842 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]843 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]844
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]845exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]846 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
847 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]848 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]849}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]850/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]851
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]852/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]853void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]854 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]855 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]856{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]857 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]858 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]859
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]860 mbedtls_mpi N, E;
861
862 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]863 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
864 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]865 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]866
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]867 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
868 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]869
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]870 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
871 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]872 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]873
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]874
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]875 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]876 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]877 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]878
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]879 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
880 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]881 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]882
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]883 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]884 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]885 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]886 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]887
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]888 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]889
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]890 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]891 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]892 if( result == 0 )
893 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]894
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]895 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
896 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]897 }
898
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]899exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]900 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]901 mbedtls_rsa_free( &ctx );
902 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]903}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]904/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]905
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]906/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]907void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]908 char * input_P, int radix_Q, char * input_Q,
909 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]910 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]911 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]912{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]913 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]914 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]915 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]916 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]917 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]918
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]919 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
920 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]921 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
922 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]923
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]924 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]925
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]926 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
927 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
928 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
929 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]930
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]931 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
932 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]933 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]934 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]935
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]936
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]937 /* repeat three times to test updating of blinding values */
938 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]939 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]940 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]941 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
942 &rnd_info, message_str->x,
943 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]944 if( result == 0 )
945 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]946
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]947 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]948 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]949 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]950 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]951 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]952
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]953 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]954 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]955 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]956 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]957
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]958 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]959
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]960 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]961 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
962 &rnd_info, message_str->x,
963 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]964 if( result == 0 )
965 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]966
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]967 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]968 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]969 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]970 }
971
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]972exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]973 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
974 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
975
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]976 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]977}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]978/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]979
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]980/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]981void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]982{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]983 mbedtls_rsa_context ctx;
984 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]985
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]986 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]987}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]988/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]989
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]990/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]991void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
992 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]993{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]994 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]995 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]996
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]997 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]998 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]999
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1000 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1001 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]1002 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1003 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1004 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1005 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]1006 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1007 }
1008
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]1009 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1010 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1011
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1012exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]1013 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1014 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1015}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1016/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1017
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1018/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1019void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
1020 int radix_Q, char * input_Q, int radix_N,
1021 char * input_N, int radix_E, char * input_E,
1022 int radix_D, char * input_D, int radix_DP,
1023 char * input_DP, int radix_DQ,
1024 char * input_DQ, int radix_QP,
1025 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1026{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1027 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1028
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1029 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1030
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1031 ctx.len = mod / 8;
1032 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1033 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1034 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1035 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1036 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1037 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1038 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1039 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1040 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1041 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1042 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1043 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1044 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1045 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1046 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1047 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1048 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1049 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1050 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1051 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1052#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1053 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1054 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1055 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1056 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1057 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1058 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1059 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1060 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1061 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1062 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1063 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1064 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1065#else
1066 ((void) radix_DP); ((void) input_DP);
1067 ((void) radix_DQ); ((void) input_DQ);
1068 ((void) radix_QP); ((void) input_QP);
1069#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1070
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1071 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1072
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1073exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1074 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1075}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1076/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1077
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1078/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1079void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
1080 int radix_Epub, char * input_Epub, int radix_P,
1081 char * input_P, int radix_Q, char * input_Q,
1082 int radix_N, char * input_N, int radix_E,
1083 char * input_E, int radix_D, char * input_D,
1084 int radix_DP, char * input_DP, int radix_DQ,
1085 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1086 int result )
1087{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1088 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1089
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1090 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
1091 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1092
1093 pub.len = mod / 8;
1094 prv.len = mod / 8;
1095
1096 if( strlen( input_Npub ) )
1097 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1098 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1099 }
1100 if( strlen( input_Epub ) )
1101 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1102 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1103 }
1104
1105 if( strlen( input_P ) )
1106 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1107 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1108 }
1109 if( strlen( input_Q ) )
1110 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1111 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1112 }
1113 if( strlen( input_N ) )
1114 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1115 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1116 }
1117 if( strlen( input_E ) )
1118 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1119 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1120 }
1121 if( strlen( input_D ) )
1122 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1123 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1124 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1125#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1126 if( strlen( input_DP ) )
1127 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1128 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1129 }
1130 if( strlen( input_DQ ) )
1131 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1132 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1133 }
1134 if( strlen( input_QP ) )
1135 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1136 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1137 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1138#else
1139 ((void) radix_DP); ((void) input_DP);
1140 ((void) radix_DQ); ((void) input_DQ);
1141 ((void) radix_QP); ((void) input_QP);
1142#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1143
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1144 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1145
1146exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1147 mbedtls_rsa_free( &pub );
1148 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1149}
1150/* END_CASE */
1151
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1152/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1153void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1154{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1155 mbedtls_rsa_context ctx;
1156 mbedtls_entropy_context entropy;
1157 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1158 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1159
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1160 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1161 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1162 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1163
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1164 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1165 &entropy, (const unsigned char *) pers,
1166 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1167
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1168 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1169 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1170 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1171 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1172 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1173 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1174
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1175exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1176 mbedtls_rsa_free( &ctx );
1177 mbedtls_ctr_drbg_free( &ctr_drbg );
1178 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1179}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1180/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1181
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1182/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1183void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1184 int radix_D, char *input_D,
1185 int radix_E, char *input_E,
1186 int radix_P, char *output_P,
1187 int radix_Q, char *output_Q,
1188 int corrupt, int result )
1189{
1190 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1191
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1192 mbedtls_mpi_init( &N );
1193 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1194 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1195 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1196
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1197 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1198 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1199 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1200 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1201 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1202
1203 if( corrupt )
1204 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1205
1206 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1207 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1208
1209 if( !corrupt )
1210 {
1211 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1212 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1213 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1214 }
1215
1216exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1217 mbedtls_mpi_free( &N );
1218 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1219 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1220 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1221}
1222/* END_CASE */
1223
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1224/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1225void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1226 int radix_Q, char *input_Q,
1227 int radix_E, char *input_E,
1228 int radix_D, char *output_D,
1229 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1230{
1231 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1232
1233 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1234 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1235 mbedtls_mpi_init( &E );
1236 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1237
1238 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1239 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1240 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1241 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1242
1243 if( corrupt )
1244 {
1245 /* Make E even */
1246 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1247 }
1248
1249 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1250 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1251 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1252
1253 if( !corrupt )
1254 {
1255 /*
1256 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1257 */
1258
1259 /* Replace P,Q by P-1, Q-1 */
1260 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1261 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1262
1263 /* Check D == Dp modulo P-1 */
1264 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1265 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1266 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1267
1268 /* Check D == Dp modulo Q-1 */
1269 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1270 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1271 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1272 }
1273
1274exit:
1275
1276 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1277 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1278 mbedtls_mpi_free( &E );
1279 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1280}
1281/* END_CASE */
1282
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1283/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1284void mbedtls_rsa_import( int radix_N, char *input_N,
1285 int radix_P, char *input_P,
1286 int radix_Q, char *input_Q,
1287 int radix_D, char *input_D,
1288 int radix_E, char *input_E,
1289 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1290 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1291 int res_check,
1292 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1293{
1294 mbedtls_mpi N, P, Q, D, E;
1295 mbedtls_rsa_context ctx;
1296
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1297 /* Buffers used for encryption-decryption test */
1298 unsigned char *buf_orig = NULL;
1299 unsigned char *buf_enc = NULL;
1300 unsigned char *buf_dec = NULL;
1301
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1302 mbedtls_entropy_context entropy;
1303 mbedtls_ctr_drbg_context ctr_drbg;
1304 const char *pers = "test_suite_rsa";
1305
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1306 const int have_N = ( strlen( input_N ) > 0 );
1307 const int have_P = ( strlen( input_P ) > 0 );
1308 const int have_Q = ( strlen( input_Q ) > 0 );
1309 const int have_D = ( strlen( input_D ) > 0 );
1310 const int have_E = ( strlen( input_E ) > 0 );
1311
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1312 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1313 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1314 mbedtls_rsa_init( &ctx, 0, 0 );
1315
1316 mbedtls_mpi_init( &N );
1317 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1318 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1319
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1320 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1321 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1322
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1323 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1324 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1325
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1326 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1327 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1328
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1329 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1330 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1331
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1332 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1333 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1334
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1335 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1336 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1337
1338 if( !successive )
1339 {
1340 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1341 have_N ? &N : NULL,
1342 have_P ? &P : NULL,
1343 have_Q ? &Q : NULL,
1344 have_D ? &D : NULL,
1345 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1346 }
1347 else
1348 {
1349 /* Import N, P, Q, D, E separately.
1350 * This should make no functional difference. */
1351
1352 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1353 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1354 NULL, NULL, NULL, NULL ) == 0 );
1355
1356 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1357 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1358 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1359 NULL, NULL, NULL ) == 0 );
1360
1361 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1362 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1363 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1364 NULL, NULL ) == 0 );
1365
1366 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1367 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1368 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1369 NULL ) == 0 );
1370
1371 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1372 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1373 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1374 }
1375
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1376 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1377
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1378 /* On expected success, perform some public and private
1379 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1380 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1381 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1382 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1383 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1384 else
1385 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1386
1387 if( res_check != 0 )
1388 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1389
1390 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1391 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1392 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1393 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1394 goto exit;
1395
1396 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1397 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1398
1399 /* Make sure the number we're generating is smaller than the modulus */
1400 buf_orig[0] = 0x00;
1401
1402 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1403
1404 if( is_priv )
1405 {
1406 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1407 &ctr_drbg, buf_enc,
1408 buf_dec ) == 0 );
1409
1410 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1411 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1412 }
1413 }
1414
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1415exit:
1416
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1417 mbedtls_free( buf_orig );
1418 mbedtls_free( buf_enc );
1419 mbedtls_free( buf_dec );
1420
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1421 mbedtls_rsa_free( &ctx );
1422
1423 mbedtls_ctr_drbg_free( &ctr_drbg );
1424 mbedtls_entropy_free( &entropy );
1425
1426 mbedtls_mpi_free( &N );
1427 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1428 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1429}
1430/* END_CASE */
1431
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1432/* BEGIN_CASE */
1433void mbedtls_rsa_export( int radix_N, char *input_N,
1434 int radix_P, char *input_P,
1435 int radix_Q, char *input_Q,
1436 int radix_D, char *input_D,
1437 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1438 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1439 int successive )
1440{
1441 /* Original MPI's with which we set up the RSA context */
1442 mbedtls_mpi N, P, Q, D, E;
1443
1444 /* Exported MPI's */
1445 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1446
1447 const int have_N = ( strlen( input_N ) > 0 );
1448 const int have_P = ( strlen( input_P ) > 0 );
1449 const int have_Q = ( strlen( input_Q ) > 0 );
1450 const int have_D = ( strlen( input_D ) > 0 );
1451 const int have_E = ( strlen( input_E ) > 0 );
1452
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1453 mbedtls_rsa_context ctx;
1454
1455 mbedtls_rsa_init( &ctx, 0, 0 );
1456
1457 mbedtls_mpi_init( &N );
1458 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1459 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1460
1461 mbedtls_mpi_init( &Ne );
1462 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1463 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1464
1465 /* Setup RSA context */
1466
1467 if( have_N )
1468 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1469
1470 if( have_P )
1471 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1472
1473 if( have_Q )
1474 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1475
1476 if( have_D )
1477 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1478
1479 if( have_E )
1480 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1481
1482 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1483 strlen( input_N ) ? &N : NULL,
1484 strlen( input_P ) ? &P : NULL,
1485 strlen( input_Q ) ? &Q : NULL,
1486 strlen( input_D ) ? &D : NULL,
1487 strlen( input_E ) ? &E : NULL ) == 0 );
1488
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1489 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1490
1491 /*
1492 * Export parameters and compare to original ones.
1493 */
1494
1495 /* N and E must always be present. */
1496 if( !successive )
1497 {
1498 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1499 }
1500 else
1501 {
1502 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1503 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1504 }
1505 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1506 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1507
1508 /* If we were providing enough information to setup a complete private context,
1509 * we expect to be able to export all core parameters. */
1510
1511 if( is_priv )
1512 {
1513 if( !successive )
1514 {
1515 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1516 &De, NULL ) == 0 );
1517 }
1518 else
1519 {
1520 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1521 NULL, NULL ) == 0 );
1522 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1523 NULL, NULL ) == 0 );
1524 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1525 &De, NULL ) == 0 );
1526 }
1527
1528 if( have_P )
1529 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1530
1531 if( have_Q )
1532 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1533
1534 if( have_D )
1535 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1536
1537 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1538 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1539 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1540 }
1541
1542exit:
1543
1544 mbedtls_rsa_free( &ctx );
1545
1546 mbedtls_mpi_free( &N );
1547 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1548 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1549
1550 mbedtls_mpi_free( &Ne );
1551 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1552 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1553}
1554/* END_CASE */
1555
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1556/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1557void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1558 int radix_P, char *input_P,
1559 int radix_Q, char *input_Q,
1560 int radix_D, char *input_D,
1561 int radix_E, char *input_E,
1562 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1563{
1564 /* Original MPI's with which we set up the RSA context */
1565 mbedtls_mpi N, P, Q, D, E;
1566
1567 const int have_N = ( strlen( input_N ) > 0 );
1568 const int have_P = ( strlen( input_P ) > 0 );
1569 const int have_Q = ( strlen( input_Q ) > 0 );
1570 const int have_D = ( strlen( input_D ) > 0 );
1571 const int have_E = ( strlen( input_E ) > 0 );
1572
1573 mbedtls_entropy_context entropy;
1574 mbedtls_ctr_drbg_context ctr_drbg;
1575 const char *pers = "test_suite_rsa";
1576
1577 mbedtls_mpi_init( &N );
1578 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1579 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1580
1581 mbedtls_ctr_drbg_init( &ctr_drbg );
1582 mbedtls_entropy_init( &entropy );
1583 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1584 &entropy, (const unsigned char *) pers,
1585 strlen( pers ) ) == 0 );
1586
1587 if( have_N )
1588 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1589
1590 if( have_P )
1591 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1592
1593 if( have_Q )
1594 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1595
1596 if( have_D )
1597 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1598
1599 if( have_E )
1600 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1601
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1602 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1603 have_P ? &P : NULL,
1604 have_Q ? &Q : NULL,
1605 have_D ? &D : NULL,
1606 have_E ? &E : NULL,
1607 prng ? mbedtls_ctr_drbg_random : NULL,
1608 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1609exit:
1610
1611 mbedtls_ctr_drbg_free( &ctr_drbg );
1612 mbedtls_entropy_free( &entropy );
1613
1614 mbedtls_mpi_free( &N );
1615 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1616 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1617}
1618/* END_CASE */
1619
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1620/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1621void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1622 data_t *input_Q, data_t *input_D,
1623 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1624 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1625{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1626 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1627 unsigned char bufNe[256];
1628 unsigned char bufPe[128];
1629 unsigned char bufQe[128];
1630 unsigned char bufDe[256];
1631 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1632
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1633 mbedtls_rsa_context ctx;
1634
1635 mbedtls_rsa_init( &ctx, 0, 0 );
1636
1637 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1638 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1639 input_N->len ? input_N->x : NULL, input_N->len,
1640 input_P->len ? input_P->x : NULL, input_P->len,
1641 input_Q->len ? input_Q->x : NULL, input_Q->len,
1642 input_D->len ? input_D->x : NULL, input_D->len,
1643 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1644
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1645 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1646
1647 /*
1648 * Export parameters and compare to original ones.
1649 */
1650
1651 /* N and E must always be present. */
1652 if( !successive )
1653 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1654 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1655 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1656 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1657 }
1658 else
1659 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1660 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1661 NULL, 0, NULL, 0, NULL, 0,
1662 NULL, 0 ) == 0 );
1663 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1664 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1665 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1666 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1667 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1668 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1669
1670 /* If we were providing enough information to setup a complete private context,
1671 * we expect to be able to export all core parameters. */
1672
1673 if( is_priv )
1674 {
1675 if( !successive )
1676 {
1677 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1678 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1679 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1680 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1681 NULL, 0 ) == 0 );
1682 }
1683 else
1684 {
1685 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1686 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1687 NULL, 0, NULL, 0,
1688 NULL, 0 ) == 0 );
1689
1690 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1691 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1692 NULL, 0, NULL, 0 ) == 0 );
1693
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1694 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1695 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1696 NULL, 0 ) == 0 );
1697 }
1698
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1699 if( input_P->len )
1700 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1701
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1702 if( input_Q->len )
1703 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1704
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1705 if( input_D->len )
1706 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1707
1708 }
1709
1710exit:
1711 mbedtls_rsa_free( &ctx );
1712}
1713/* END_CASE */
1714
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1715/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1716void mbedtls_rsa_import_raw( data_t *input_N,
1717 data_t *input_P, data_t *input_Q,
1718 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1719 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1720 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1721 int res_check,
1722 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1723{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1724 /* Buffers used for encryption-decryption test */
1725 unsigned char *buf_orig = NULL;
1726 unsigned char *buf_enc = NULL;
1727 unsigned char *buf_dec = NULL;
1728
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1729 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1730 mbedtls_entropy_context entropy;
1731 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1732
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1733 const char *pers = "test_suite_rsa";
1734
1735 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1736 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1737 mbedtls_rsa_init( &ctx, 0, 0 );
1738
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1739 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1740 &entropy, (const unsigned char *) pers,
1741 strlen( pers ) ) == 0 );
1742
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1743 if( !successive )
1744 {
1745 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1746 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1747 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1748 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1749 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1750 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1751 }
1752 else
1753 {
1754 /* Import N, P, Q, D, E separately.
1755 * This should make no functional difference. */
1756
1757 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1758 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1759 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1760
1761 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1762 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1763 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1764 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1765
1766 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1767 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1768 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1769 NULL, 0, NULL, 0 ) == 0 );
1770
1771 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1772 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1773 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1774 NULL, 0 ) == 0 );
1775
1776 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1777 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1778 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1779 }
1780
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1781 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1782
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1783 /* On expected success, perform some public and private
1784 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1785 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1786 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1787 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1788 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1789 else
1790 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1791
1792 if( res_check != 0 )
1793 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1794
1795 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1796 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1797 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1798 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1799 goto exit;
1800
1801 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1802 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1803
1804 /* Make sure the number we're generating is smaller than the modulus */
1805 buf_orig[0] = 0x00;
1806
1807 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1808
1809 if( is_priv )
1810 {
1811 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1812 &ctr_drbg, buf_enc,
1813 buf_dec ) == 0 );
1814
1815 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1816 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1817 }
1818 }
1819
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1820exit:
1821
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1822 mbedtls_free( buf_orig );
1823 mbedtls_free( buf_enc );
1824 mbedtls_free( buf_dec );
1825
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1826 mbedtls_rsa_free( &ctx );
1827
1828 mbedtls_ctr_drbg_free( &ctr_drbg );
1829 mbedtls_entropy_free( &entropy );
1830
1831}
1832/* END_CASE */
1833
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1834/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1835void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1836{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1837 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1838}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1839/* END_CASE */