TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / b9eaa7369ba7db91a1077634db3be1362ef6b361 / . / tests / suites / test_suite_rsa.function
blob: e70faac72b3eefd700591f5f67b57fbb7d2296de [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Chris Jones66a4cd42021-03-09 16:04:12 +0000[diff] [blame]3#include "rsa_alt_helpers.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]70 mbedtls_rsa_gen_key( NULL,
71 mbedtls_test_rnd_std_rand,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]72 NULL, 0, 0 ) );
73 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
74 mbedtls_rsa_gen_key( &ctx, NULL,
75 NULL, 0, 0 ) );
76
77 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
78 mbedtls_rsa_check_pubkey( NULL ) );
79 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
80 mbedtls_rsa_check_privkey( NULL ) );
81
82 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
83 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
84 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
85 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
86
87 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
88 mbedtls_rsa_public( NULL, buf, buf ) );
89 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
90 mbedtls_rsa_public( &ctx, NULL, buf ) );
91 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
92 mbedtls_rsa_public( &ctx, buf, NULL ) );
93
94 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
95 mbedtls_rsa_private( NULL, NULL, NULL,
96 buf, buf ) );
97 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
98 mbedtls_rsa_private( &ctx, NULL, NULL,
99 NULL, buf ) );
100 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
101 mbedtls_rsa_private( &ctx, NULL, NULL,
102 buf, NULL ) );
103
104 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
105 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]106 sizeof( buf ), buf,
107 buf ) );
108 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
109 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]110 sizeof( buf ), NULL,
111 buf ) );
112 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
113 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]114 sizeof( buf ), buf,
115 NULL ) );
116
117 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
118 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]119 NULL, sizeof( buf ),
120 buf, buf ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]121 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
122 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]123 NULL, sizeof( buf ),
124 NULL, buf ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]125 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
126 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
Thomas Daubney53e4ac62021-05-13 18:26:49 +0100[diff] [blame]127 NULL, sizeof( buf ),
128 buf, NULL ) );
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]129
130 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
131 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]132 buf, sizeof( buf ),
133 sizeof( buf ), buf,
134 buf ) );
135 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
136 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]137 NULL, sizeof( buf ),
138 sizeof( buf ), buf,
139 buf ) );
140 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
141 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]142 buf, sizeof( buf ),
143 sizeof( buf ), NULL,
144 buf ) );
145 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
146 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]147 buf, sizeof( buf ),
148 sizeof( buf ), buf,
149 NULL ) );
150
151 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
152 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]153 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]154 buf, buf, 42 ) );
155 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
156 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]157 NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]158 buf, buf, 42 ) );
159 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
160 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]161 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]162 NULL, buf, 42 ) );
163 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
164 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]165 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]166 buf, NULL, 42 ) );
167
168 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
169 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]170 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]171 buf, buf, 42 ) );
172 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
173 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]174 NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]175 buf, buf, 42 ) );
176 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
177 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]178 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]179 NULL, buf, 42 ) );
180 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
181 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]182 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]183 buf, NULL, 42 ) );
184
185 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
186 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]187 buf, sizeof( buf ),
188 &olen,
189 buf, buf, 42 ) );
190 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
191 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]192 NULL, sizeof( buf ),
193 NULL,
194 buf, buf, 42 ) );
195 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
196 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]197 buf, sizeof( buf ),
198 &olen,
199 NULL, buf, 42 ) );
200 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
201 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]202 buf, sizeof( buf ),
203 &olen,
204 buf, NULL, 42 ) );
205
206 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
207 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
Thomas Daubney11425342021-05-18 11:57:05 +0100[diff] [blame]208 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]209 0, sizeof( buf ), buf,
210 buf ) );
211 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
212 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Thomas Daubney11425342021-05-18 11:57:05 +0100[diff] [blame]213 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]214 0, sizeof( buf ), NULL,
215 buf ) );
216 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
217 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Thomas Daubney11425342021-05-18 11:57:05 +0100[diff] [blame]218 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]219 0, sizeof( buf ), buf,
220 NULL ) );
221 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
222 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
Thomas Daubney11425342021-05-18 11:57:05 +0100[diff] [blame]223 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]224 MBEDTLS_MD_SHA1,
225 0, NULL,
226 buf ) );
227
228 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
229 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
Thomas Daubneyb9eaa732021-05-18 15:42:16 +0100[diff] [blame^]230 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]231 0, sizeof( buf ), buf,
232 buf ) );
233 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
234 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Thomas Daubneyb9eaa732021-05-18 15:42:16 +0100[diff] [blame^]235 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]236 0, sizeof( buf ), NULL,
237 buf ) );
238 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
239 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Thomas Daubneyb9eaa732021-05-18 15:42:16 +0100[diff] [blame^]240 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]241 0, sizeof( buf ), buf,
242 NULL ) );
243 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
244 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
Thomas Daubneyb9eaa732021-05-18 15:42:16 +0100[diff] [blame^]245 MBEDTLS_RSA_PRIVATE,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]246 MBEDTLS_MD_SHA1,
247 0, NULL,
248 buf ) );
249
250 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
251 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
252 valid_mode,
253 0, sizeof( buf ), buf,
254 buf ) );
255 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
256 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
257 invalid_mode,
258 0, sizeof( buf ), buf,
259 buf ) );
260 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
261 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
262 valid_mode,
263 0, sizeof( buf ), NULL,
264 buf ) );
265 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
266 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
267 valid_mode,
268 0, sizeof( buf ), buf,
269 NULL ) );
270 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
271 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
272 valid_mode,
273 MBEDTLS_MD_SHA1,
274 0, NULL,
275 buf ) );
276
277 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Cédric Meutera05cbec2020-04-25 15:02:34 +0200[diff] [blame]278 mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL,
279 0, sizeof( buf ), buf,
280 MBEDTLS_RSA_SALT_LEN_ANY,
281 buf ) );
282 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
283 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
284 0, sizeof( buf ), NULL,
285 MBEDTLS_RSA_SALT_LEN_ANY,
286 buf ) );
287 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
288 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
289 0, sizeof( buf ), buf,
290 MBEDTLS_RSA_SALT_LEN_ANY,
291 NULL ) );
292 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
293 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
294 MBEDTLS_MD_SHA1,
295 0, NULL,
296 MBEDTLS_RSA_SALT_LEN_ANY,
297 buf ) );
298
299 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]300 mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
301 valid_mode,
302 0, sizeof( buf ), buf,
303 buf ) );
304 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
305 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
306 invalid_mode,
307 0, sizeof( buf ), buf,
308 buf ) );
309 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
310 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
311 valid_mode,
312 0, sizeof( buf ), NULL,
313 buf ) );
314 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
315 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
316 valid_mode,
317 0, sizeof( buf ), buf,
318 NULL ) );
319 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
320 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
321 valid_mode,
322 MBEDTLS_MD_SHA1, 0, NULL,
323 buf ) );
324
325 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
326 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
327 NULL,
328 valid_mode,
329 0, sizeof( buf ), buf,
330 buf ) );
331 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
332 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
333 NULL,
334 invalid_mode,
335 0, sizeof( buf ), buf,
336 buf ) );
337 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
338 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
339 NULL,
340 valid_mode,
341 0, sizeof( buf ),
342 NULL, buf ) );
343 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
344 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
345 NULL,
346 valid_mode,
347 0, sizeof( buf ), buf,
348 NULL ) );
349 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
350 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
351 NULL,
352 valid_mode,
353 MBEDTLS_MD_SHA1,
354 0, NULL,
355 buf ) );
356
357 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
358 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
359 valid_mode,
360 0, sizeof( buf ),
361 buf, buf ) );
362 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
363 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
364 invalid_mode,
365 0, sizeof( buf ),
366 buf, buf ) );
367 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
368 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
369 valid_mode,
370 0, sizeof( buf ),
371 NULL, buf ) );
372 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
373 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
374 valid_mode,
375 0, sizeof( buf ),
376 buf, NULL ) );
377 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
378 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
379 valid_mode,
380 MBEDTLS_MD_SHA1,
381 0, NULL,
382 buf ) );
383
384 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
385 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
386 valid_mode,
387 0, sizeof( buf ),
388 buf,
389 0, 0,
390 buf ) );
391 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
392 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
393 invalid_mode,
394 0, sizeof( buf ),
395 buf,
396 0, 0,
397 buf ) );
398 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
399 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
400 valid_mode,
401 0, sizeof( buf ),
402 NULL, 0, 0,
403 buf ) );
404 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
405 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
406 valid_mode,
407 0, sizeof( buf ),
408 buf, 0, 0,
409 NULL ) );
410 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
411 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
412 valid_mode,
413 MBEDTLS_MD_SHA1,
414 0, NULL,
415 0, 0,
416 buf ) );
417
418 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
419 mbedtls_rsa_copy( NULL, &ctx ) );
420 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
421 mbedtls_rsa_copy( &ctx, NULL ) );
422
423exit:
424 return;
425}
426/* END_CASE */
427
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]428/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]429void rsa_init_free( int reinit )
430{
431 mbedtls_rsa_context ctx;
432
433 /* Double free is not explicitly documented to work, but we rely on it
434 * even inside the library so that you can call mbedtls_rsa_free()
435 * unconditionally on an error path without checking whether it has
436 * already been called in the success path. */
437
438 mbedtls_rsa_init( &ctx, 0, 0 );
439 mbedtls_rsa_free( &ctx );
440
441 if( reinit )
442 mbedtls_rsa_init( &ctx, 0, 0 );
443 mbedtls_rsa_free( &ctx );
444
445 /* This test case always succeeds, functionally speaking. A plausible
446 * bug might trigger an invalid pointer dereference or a memory leak. */
447 goto exit;
448}
449/* END_CASE */
450
451/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]452void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]453 int digest, int mod, int radix_P, char * input_P,
454 int radix_Q, char * input_Q, int radix_N,
455 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]456 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]457{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]458 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
459 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]460 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]461 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]462 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]463
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]464 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
465 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]466 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]467
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]468 memset( hash_result, 0x00, sizeof( hash_result ) );
469 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]470 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]471
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]472 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
473 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
474 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
475 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]476
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]477 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
478 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]479 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]480 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]481
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]482
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]483 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]484 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]485
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]486 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
487 &rnd_info, MBEDTLS_RSA_PRIVATE, digest,
488 0, hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]489 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]490 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]491
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]492 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
493 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]494 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]495
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]496exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]497 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
498 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]499 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]500}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]501/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]502
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]503/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]504void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]505 int digest, int mod, int radix_N,
506 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]507 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]508{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]509 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]510 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]511
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]512 mbedtls_mpi N, E;
513
514 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]515 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]516 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]517
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]518 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
519 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
520 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
521 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]522 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]523
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]524
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]525 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]526 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]527
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]528 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]529
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]530exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]531 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]532 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]533}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]534/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]535
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]536
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]537/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]538void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]539 int padding_mode, int mod, int radix_P,
540 char * input_P, int radix_Q, char * input_Q,
541 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]542 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]543{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]544 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]545 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]546 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]547 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]548
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]549 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]550 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
551 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]552
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]553 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]554 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]555
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]556 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
557 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
558 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
559 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]560
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]561 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
562 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]563 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]564 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]565
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]566
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]567 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
568 &rnd_info, MBEDTLS_RSA_PRIVATE,
569 MBEDTLS_MD_NONE, hash_result->len,
570 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]571
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]572
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]573 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
574 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]575
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]576exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]577 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
578 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
579
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]580 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]581}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]582/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]583
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]584/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]585void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]586 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]587 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]588 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]589{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]590 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]591 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]592
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]593 mbedtls_mpi N, E;
594 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
595
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]596 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]597 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]598
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]599 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
600 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]601
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]602 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
603 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]604 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]605
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]606
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]607 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]608
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]609exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]610 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]611 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]612}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]613/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]614
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]615/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]616void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]617 int mod, int radix_N, char * input_N,
618 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]619 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]620{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]621 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]622 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]623 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]624
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]625 mbedtls_mpi N, E;
626 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
627
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]628 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]629
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]630 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]631 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]632
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]633 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
634 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]635
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]636 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
637 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]638 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]639
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]640
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]641 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
642 &mbedtls_test_rnd_pseudo_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]643 &rnd_info, message_str->len,
644 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]645 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]646 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]647 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]648
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]649 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
650 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]651 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]652
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]653exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]654 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]655 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]656}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]657/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]658
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]659/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]660void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]661 int mod, int radix_N, char * input_N,
662 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]663 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]664{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]665 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]666 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]667
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]668 mbedtls_mpi N, E;
669
670 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]671 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]672 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]673
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]674 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
675 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]676
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]677 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
678 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]679 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]680
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]681
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]682 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
Thomas Daubney21772772021-05-13 17:30:32 +0100[diff] [blame]683 NULL, message_str->len,
684 message_str->x,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]685 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]686 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]687 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]688
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]689 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
690 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]691 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]692
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]693exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]694 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]695 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]696}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]697/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]698
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]699/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]700void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]701 int mod, int radix_P, char * input_P,
702 int radix_Q, char * input_Q, int radix_N,
703 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]704 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]705 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]706{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]707 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]708 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]709 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]710 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]711 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]712
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]713 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
714 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
715
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]716 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]717
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]718 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]719 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]720
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]721
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]722 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
723 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
724 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
725 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]726
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]727 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
728 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]729 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]730 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]731
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]732 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]733
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]734 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]735 &rnd_info,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]736 &output_len, message_str->x, output,
737 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]738 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]739 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]740
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]741 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]742 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]743 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]744 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]745
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]746exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]747 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
748 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]749 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]750}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]751/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]752
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]753/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]754void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]755 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]756 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]757{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]758 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]759 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]760
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]761 mbedtls_mpi N, E;
762
763 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]764 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
765 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]766 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]767
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]768 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
769 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]770
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]771 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
772 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]773 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]774
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]775
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]776 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]777 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]778 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]779
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]780 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
781 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]782 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]783
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]784 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]785 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]786 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]787 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]788
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]789 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]790
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]791 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]792 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]793 if( result == 0 )
794 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]795
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]796 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
797 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]798 }
799
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]800exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]801 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]802 mbedtls_rsa_free( &ctx );
803 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]804}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]805/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]806
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]807/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]808void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]809 char * input_P, int radix_Q, char * input_Q,
810 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]811 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]812 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]813{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]814 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]815 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]816 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]817 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]818 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]819
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]820 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
821 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]822 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
823 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]824
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]825 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]826
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]827 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
828 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
829 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
830 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]831
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]832 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
833 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]834 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]835 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]836
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]837
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]838 /* repeat three times to test updating of blinding values */
839 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]840 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]841 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]842 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
843 &rnd_info, message_str->x,
844 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]845 if( result == 0 )
846 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]847
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]848 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]849 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]850 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]851 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]852 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]853
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]854 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]855 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]856 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]857 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]858
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]859 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]860
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]861 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]862 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
863 &rnd_info, message_str->x,
864 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]865 if( result == 0 )
866 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]867
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]868 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]869 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]870 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]871 }
872
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]873exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]874 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
875 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
876
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]877 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]878}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]879/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]880
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]881/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]882void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]883{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]884 mbedtls_rsa_context ctx;
885 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]886
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]887 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]888}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]889/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]890
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]891/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]892void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
893 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]894{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]895 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]896 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]897
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]898 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]899 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]900
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]901 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]902 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]903 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]904 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]905 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]906 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]907 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]908 }
909
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]910 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]911 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]912
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]913exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]914 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]915 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]916}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]917/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]918
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]919/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]920void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
921 int radix_Q, char * input_Q, int radix_N,
922 char * input_N, int radix_E, char * input_E,
923 int radix_D, char * input_D, int radix_DP,
924 char * input_DP, int radix_DQ,
925 char * input_DQ, int radix_QP,
926 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]927{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]928 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]929
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]930 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]931
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]932 ctx.len = mod / 8;
933 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]934 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]935 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]936 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]937 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]938 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]939 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]940 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]941 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]942 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]943 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]944 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]945 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]946 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]947 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]948 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]949 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]950 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]951 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]952 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]953#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]954 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]955 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]956 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]957 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]958 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]959 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]960 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]961 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]962 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]963 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]964 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]965 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]966#else
967 ((void) radix_DP); ((void) input_DP);
968 ((void) radix_DQ); ((void) input_DQ);
969 ((void) radix_QP); ((void) input_QP);
970#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]971
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]972 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]973
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]974exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]975 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]976}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]977/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]978
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]979/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]980void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
981 int radix_Epub, char * input_Epub, int radix_P,
982 char * input_P, int radix_Q, char * input_Q,
983 int radix_N, char * input_N, int radix_E,
984 char * input_E, int radix_D, char * input_D,
985 int radix_DP, char * input_DP, int radix_DQ,
986 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]987 int result )
988{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]989 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]990
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]991 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
992 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]993
994 pub.len = mod / 8;
995 prv.len = mod / 8;
996
997 if( strlen( input_Npub ) )
998 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]999 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1000 }
1001 if( strlen( input_Epub ) )
1002 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1003 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1004 }
1005
1006 if( strlen( input_P ) )
1007 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1008 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1009 }
1010 if( strlen( input_Q ) )
1011 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1012 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1013 }
1014 if( strlen( input_N ) )
1015 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1016 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1017 }
1018 if( strlen( input_E ) )
1019 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1020 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1021 }
1022 if( strlen( input_D ) )
1023 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1024 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1025 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1026#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1027 if( strlen( input_DP ) )
1028 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1029 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1030 }
1031 if( strlen( input_DQ ) )
1032 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1033 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1034 }
1035 if( strlen( input_QP ) )
1036 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1037 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1038 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1039#else
1040 ((void) radix_DP); ((void) input_DP);
1041 ((void) radix_DQ); ((void) input_DQ);
1042 ((void) radix_QP); ((void) input_QP);
1043#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1044
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1045 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1046
1047exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1048 mbedtls_rsa_free( &pub );
1049 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1050}
1051/* END_CASE */
1052
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1053/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1054void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1055{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1056 mbedtls_rsa_context ctx;
1057 mbedtls_entropy_context entropy;
1058 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1059 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1060
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1061 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1062 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1063 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1064
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1065 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1066 &entropy, (const unsigned char *) pers,
1067 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1068
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1069 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1070 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1071 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1072 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1073 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1074 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1075
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1076exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1077 mbedtls_rsa_free( &ctx );
1078 mbedtls_ctr_drbg_free( &ctr_drbg );
1079 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1080}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1081/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1082
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1083/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1084void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1085 int radix_D, char *input_D,
1086 int radix_E, char *input_E,
1087 int radix_P, char *output_P,
1088 int radix_Q, char *output_Q,
1089 int corrupt, int result )
1090{
1091 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1092
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1093 mbedtls_mpi_init( &N );
1094 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1095 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1096 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1097
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1098 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1099 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1100 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1101 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1102 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1103
1104 if( corrupt )
1105 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1106
1107 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1108 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1109
1110 if( !corrupt )
1111 {
1112 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1113 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1114 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1115 }
1116
1117exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1118 mbedtls_mpi_free( &N );
1119 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1120 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1121 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1122}
1123/* END_CASE */
1124
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1125/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1126void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1127 int radix_Q, char *input_Q,
1128 int radix_E, char *input_E,
1129 int radix_D, char *output_D,
1130 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1131{
1132 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1133
1134 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1135 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1136 mbedtls_mpi_init( &E );
1137 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1138
1139 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1140 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1141 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1142 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1143
1144 if( corrupt )
1145 {
1146 /* Make E even */
1147 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1148 }
1149
1150 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1151 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1152 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1153
1154 if( !corrupt )
1155 {
1156 /*
1157 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1158 */
1159
1160 /* Replace P,Q by P-1, Q-1 */
1161 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1162 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1163
1164 /* Check D == Dp modulo P-1 */
1165 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1166 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1167 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1168
1169 /* Check D == Dp modulo Q-1 */
1170 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1171 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1172 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1173 }
1174
1175exit:
1176
1177 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1178 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1179 mbedtls_mpi_free( &E );
1180 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1181}
1182/* END_CASE */
1183
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1184/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1185void mbedtls_rsa_import( int radix_N, char *input_N,
1186 int radix_P, char *input_P,
1187 int radix_Q, char *input_Q,
1188 int radix_D, char *input_D,
1189 int radix_E, char *input_E,
1190 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1191 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1192 int res_check,
1193 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1194{
1195 mbedtls_mpi N, P, Q, D, E;
1196 mbedtls_rsa_context ctx;
1197
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1198 /* Buffers used for encryption-decryption test */
1199 unsigned char *buf_orig = NULL;
1200 unsigned char *buf_enc = NULL;
1201 unsigned char *buf_dec = NULL;
1202
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1203 mbedtls_entropy_context entropy;
1204 mbedtls_ctr_drbg_context ctr_drbg;
1205 const char *pers = "test_suite_rsa";
1206
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1207 const int have_N = ( strlen( input_N ) > 0 );
1208 const int have_P = ( strlen( input_P ) > 0 );
1209 const int have_Q = ( strlen( input_Q ) > 0 );
1210 const int have_D = ( strlen( input_D ) > 0 );
1211 const int have_E = ( strlen( input_E ) > 0 );
1212
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1213 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1214 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1215 mbedtls_rsa_init( &ctx, 0, 0 );
1216
1217 mbedtls_mpi_init( &N );
1218 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1219 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1220
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1221 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1222 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1223
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1224 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1225 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1226
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1227 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1228 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1229
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1230 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1231 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1232
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1233 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1234 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1235
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1236 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1237 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1238
1239 if( !successive )
1240 {
1241 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1242 have_N ? &N : NULL,
1243 have_P ? &P : NULL,
1244 have_Q ? &Q : NULL,
1245 have_D ? &D : NULL,
1246 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1247 }
1248 else
1249 {
1250 /* Import N, P, Q, D, E separately.
1251 * This should make no functional difference. */
1252
1253 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1254 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1255 NULL, NULL, NULL, NULL ) == 0 );
1256
1257 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1258 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1259 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1260 NULL, NULL, NULL ) == 0 );
1261
1262 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1263 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1264 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1265 NULL, NULL ) == 0 );
1266
1267 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1268 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1269 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1270 NULL ) == 0 );
1271
1272 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1273 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1274 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1275 }
1276
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1277 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1278
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1279 /* On expected success, perform some public and private
1280 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1281 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1282 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1283 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1284 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1285 else
1286 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1287
1288 if( res_check != 0 )
1289 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1290
1291 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1292 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1293 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1294 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1295 goto exit;
1296
1297 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1298 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1299
1300 /* Make sure the number we're generating is smaller than the modulus */
1301 buf_orig[0] = 0x00;
1302
1303 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1304
1305 if( is_priv )
1306 {
1307 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1308 &ctr_drbg, buf_enc,
1309 buf_dec ) == 0 );
1310
1311 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1312 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1313 }
1314 }
1315
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1316exit:
1317
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1318 mbedtls_free( buf_orig );
1319 mbedtls_free( buf_enc );
1320 mbedtls_free( buf_dec );
1321
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1322 mbedtls_rsa_free( &ctx );
1323
1324 mbedtls_ctr_drbg_free( &ctr_drbg );
1325 mbedtls_entropy_free( &entropy );
1326
1327 mbedtls_mpi_free( &N );
1328 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1329 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1330}
1331/* END_CASE */
1332
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1333/* BEGIN_CASE */
1334void mbedtls_rsa_export( int radix_N, char *input_N,
1335 int radix_P, char *input_P,
1336 int radix_Q, char *input_Q,
1337 int radix_D, char *input_D,
1338 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1339 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1340 int successive )
1341{
1342 /* Original MPI's with which we set up the RSA context */
1343 mbedtls_mpi N, P, Q, D, E;
1344
1345 /* Exported MPI's */
1346 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1347
1348 const int have_N = ( strlen( input_N ) > 0 );
1349 const int have_P = ( strlen( input_P ) > 0 );
1350 const int have_Q = ( strlen( input_Q ) > 0 );
1351 const int have_D = ( strlen( input_D ) > 0 );
1352 const int have_E = ( strlen( input_E ) > 0 );
1353
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1354 mbedtls_rsa_context ctx;
1355
1356 mbedtls_rsa_init( &ctx, 0, 0 );
1357
1358 mbedtls_mpi_init( &N );
1359 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1360 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1361
1362 mbedtls_mpi_init( &Ne );
1363 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1364 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1365
1366 /* Setup RSA context */
1367
1368 if( have_N )
1369 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1370
1371 if( have_P )
1372 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1373
1374 if( have_Q )
1375 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1376
1377 if( have_D )
1378 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1379
1380 if( have_E )
1381 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1382
1383 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1384 strlen( input_N ) ? &N : NULL,
1385 strlen( input_P ) ? &P : NULL,
1386 strlen( input_Q ) ? &Q : NULL,
1387 strlen( input_D ) ? &D : NULL,
1388 strlen( input_E ) ? &E : NULL ) == 0 );
1389
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1390 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1391
1392 /*
1393 * Export parameters and compare to original ones.
1394 */
1395
1396 /* N and E must always be present. */
1397 if( !successive )
1398 {
1399 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1400 }
1401 else
1402 {
1403 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1404 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1405 }
1406 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1407 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1408
1409 /* If we were providing enough information to setup a complete private context,
1410 * we expect to be able to export all core parameters. */
1411
1412 if( is_priv )
1413 {
1414 if( !successive )
1415 {
1416 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1417 &De, NULL ) == 0 );
1418 }
1419 else
1420 {
1421 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1422 NULL, NULL ) == 0 );
1423 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1424 NULL, NULL ) == 0 );
1425 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1426 &De, NULL ) == 0 );
1427 }
1428
1429 if( have_P )
1430 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1431
1432 if( have_Q )
1433 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1434
1435 if( have_D )
1436 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1437
1438 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1439 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1440 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1441 }
1442
1443exit:
1444
1445 mbedtls_rsa_free( &ctx );
1446
1447 mbedtls_mpi_free( &N );
1448 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1449 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1450
1451 mbedtls_mpi_free( &Ne );
1452 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1453 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1454}
1455/* END_CASE */
1456
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1457/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1458void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1459 int radix_P, char *input_P,
1460 int radix_Q, char *input_Q,
1461 int radix_D, char *input_D,
1462 int radix_E, char *input_E,
1463 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1464{
1465 /* Original MPI's with which we set up the RSA context */
1466 mbedtls_mpi N, P, Q, D, E;
1467
1468 const int have_N = ( strlen( input_N ) > 0 );
1469 const int have_P = ( strlen( input_P ) > 0 );
1470 const int have_Q = ( strlen( input_Q ) > 0 );
1471 const int have_D = ( strlen( input_D ) > 0 );
1472 const int have_E = ( strlen( input_E ) > 0 );
1473
1474 mbedtls_entropy_context entropy;
1475 mbedtls_ctr_drbg_context ctr_drbg;
1476 const char *pers = "test_suite_rsa";
1477
1478 mbedtls_mpi_init( &N );
1479 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1480 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1481
1482 mbedtls_ctr_drbg_init( &ctr_drbg );
1483 mbedtls_entropy_init( &entropy );
1484 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1485 &entropy, (const unsigned char *) pers,
1486 strlen( pers ) ) == 0 );
1487
1488 if( have_N )
1489 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1490
1491 if( have_P )
1492 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1493
1494 if( have_Q )
1495 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1496
1497 if( have_D )
1498 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1499
1500 if( have_E )
1501 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1502
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1503 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1504 have_P ? &P : NULL,
1505 have_Q ? &Q : NULL,
1506 have_D ? &D : NULL,
1507 have_E ? &E : NULL,
1508 prng ? mbedtls_ctr_drbg_random : NULL,
1509 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1510exit:
1511
1512 mbedtls_ctr_drbg_free( &ctr_drbg );
1513 mbedtls_entropy_free( &entropy );
1514
1515 mbedtls_mpi_free( &N );
1516 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1517 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1518}
1519/* END_CASE */
1520
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1521/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1522void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1523 data_t *input_Q, data_t *input_D,
1524 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1525 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1526{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1527 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1528 unsigned char bufNe[256];
1529 unsigned char bufPe[128];
1530 unsigned char bufQe[128];
1531 unsigned char bufDe[256];
1532 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1533
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1534 mbedtls_rsa_context ctx;
1535
1536 mbedtls_rsa_init( &ctx, 0, 0 );
1537
1538 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1539 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1540 input_N->len ? input_N->x : NULL, input_N->len,
1541 input_P->len ? input_P->x : NULL, input_P->len,
1542 input_Q->len ? input_Q->x : NULL, input_Q->len,
1543 input_D->len ? input_D->x : NULL, input_D->len,
1544 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1545
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1546 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1547
1548 /*
1549 * Export parameters and compare to original ones.
1550 */
1551
1552 /* N and E must always be present. */
1553 if( !successive )
1554 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1555 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1556 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1557 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1558 }
1559 else
1560 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1561 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1562 NULL, 0, NULL, 0, NULL, 0,
1563 NULL, 0 ) == 0 );
1564 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1565 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1566 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1567 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1568 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1569 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1570
1571 /* If we were providing enough information to setup a complete private context,
1572 * we expect to be able to export all core parameters. */
1573
1574 if( is_priv )
1575 {
1576 if( !successive )
1577 {
1578 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1579 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1580 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1581 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1582 NULL, 0 ) == 0 );
1583 }
1584 else
1585 {
1586 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1587 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1588 NULL, 0, NULL, 0,
1589 NULL, 0 ) == 0 );
1590
1591 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1592 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1593 NULL, 0, NULL, 0 ) == 0 );
1594
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1595 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1596 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1597 NULL, 0 ) == 0 );
1598 }
1599
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1600 if( input_P->len )
1601 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1602
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1603 if( input_Q->len )
1604 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1605
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1606 if( input_D->len )
1607 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1608
1609 }
1610
1611exit:
1612 mbedtls_rsa_free( &ctx );
1613}
1614/* END_CASE */
1615
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1616/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1617void mbedtls_rsa_import_raw( data_t *input_N,
1618 data_t *input_P, data_t *input_Q,
1619 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1620 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1621 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1622 int res_check,
1623 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1624{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1625 /* Buffers used for encryption-decryption test */
1626 unsigned char *buf_orig = NULL;
1627 unsigned char *buf_enc = NULL;
1628 unsigned char *buf_dec = NULL;
1629
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1630 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1631 mbedtls_entropy_context entropy;
1632 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1633
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1634 const char *pers = "test_suite_rsa";
1635
1636 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1637 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1638 mbedtls_rsa_init( &ctx, 0, 0 );
1639
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1640 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1641 &entropy, (const unsigned char *) pers,
1642 strlen( pers ) ) == 0 );
1643
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1644 if( !successive )
1645 {
1646 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1647 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1648 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1649 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1650 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1651 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1652 }
1653 else
1654 {
1655 /* Import N, P, Q, D, E separately.
1656 * This should make no functional difference. */
1657
1658 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1659 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1660 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1661
1662 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1663 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1664 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1665 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1666
1667 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1668 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1669 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1670 NULL, 0, NULL, 0 ) == 0 );
1671
1672 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1673 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1674 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1675 NULL, 0 ) == 0 );
1676
1677 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1678 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1679 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1680 }
1681
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1682 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1683
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1684 /* On expected success, perform some public and private
1685 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1686 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1687 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1688 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1689 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1690 else
1691 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1692
1693 if( res_check != 0 )
1694 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1695
1696 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1697 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1698 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1699 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1700 goto exit;
1701
1702 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1703 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1704
1705 /* Make sure the number we're generating is smaller than the modulus */
1706 buf_orig[0] = 0x00;
1707
1708 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1709
1710 if( is_priv )
1711 {
1712 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1713 &ctr_drbg, buf_enc,
1714 buf_dec ) == 0 );
1715
1716 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1717 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1718 }
1719 }
1720
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1721exit:
1722
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1723 mbedtls_free( buf_orig );
1724 mbedtls_free( buf_enc );
1725 mbedtls_free( buf_dec );
1726
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1727 mbedtls_rsa_free( &ctx );
1728
1729 mbedtls_ctr_drbg_free( &ctr_drbg );
1730 mbedtls_entropy_free( &entropy );
1731
1732}
1733/* END_CASE */
1734
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1735/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1736void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1737{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1738 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1739}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1740/* END_CASE */