TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / bd51b262d1793dfc48366e92199feb21846de726 / . / tests / suites / test_suite_rsa.function
blob: 9b3d05af84b6fe0ee988d05cb7f18ca2b20d4bbe [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]2#include <polarssl/rsa.h>
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]3#include <polarssl/md2.h>
4#include <polarssl/md4.h>
5#include <polarssl/md5.h>
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]6#include <polarssl/sha1.h>
Paul Bakkerd2681d82013-06-30 14:49:12 +0200[diff] [blame]7#include <polarssl/sha256.h>
8#include <polarssl/sha512.h>
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]9#include <polarssl/entropy.h>
10#include <polarssl/ctr_drbg.h>
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]11/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* BEGIN_DEPENDENCIES
14 * depends_on:POLARSSL_RSA_C:POLARSSL_BIGNUM_C:POLARSSL_GENPRIME
15 * END_DEPENDENCIES
16 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]17
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]18/* BEGIN_CASE */
19void rsa_pkcs1_sign( char *message_hex_string, int padding_mode, int digest,
20 int mod, int radix_P, char *input_P, int radix_Q,
21 char *input_Q, int radix_N, char *input_N, int radix_E,
22 char *input_E, char *result_hex_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]23{
24 unsigned char message_str[1000];
25 unsigned char hash_result[1000];
26 unsigned char output[1000];
27 unsigned char output_str[1000];
28 rsa_context ctx;
29 mpi P1, Q1, H, G;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]30 int msg_len;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]31 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]32
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]33 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]34 rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]35
36 memset( message_str, 0x00, 1000 );
37 memset( hash_result, 0x00, 1000 );
38 memset( output, 0x00, 1000 );
39 memset( output_str, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]40 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]41
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]42 ctx.len = mod / 8;
43 TEST_ASSERT( mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
44 TEST_ASSERT( mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
45 TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
46 TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]47
48 TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
49 TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
50 TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
51 TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
52 TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
53 TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
54 TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
55 TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
56
57 TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
58
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]59 msg_len = unhexify( message_str, message_hex_string );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]60
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]61 if( md_info_from_type( digest ) != NULL )
62 TEST_ASSERT( md( md_info_from_type( digest ), message_str, msg_len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]63
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]64 TEST_ASSERT( rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PRIVATE, digest, 0, hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]65 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]66 {
67 hexify( output_str, output, ctx.len );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]68
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]69 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]70 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]71
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame^]72exit:
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]73 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]74 rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]75}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]76/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]77
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]78/* BEGIN_CASE */
79void rsa_pkcs1_verify( char *message_hex_string, int padding_mode, int digest,
80 int mod, int radix_N, char *input_N, int radix_E,
81 char *input_E, char *result_hex_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]82{
83 unsigned char message_str[1000];
84 unsigned char hash_result[1000];
85 unsigned char result_str[1000];
86 rsa_context ctx;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]87 int msg_len;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]88
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]89 rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]90 memset( message_str, 0x00, 1000 );
91 memset( hash_result, 0x00, 1000 );
92 memset( result_str, 0x00, 1000 );
93
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]94 ctx.len = mod / 8;
95 TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
96 TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]97
98 TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
99
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]100 msg_len = unhexify( message_str, message_hex_string );
101 unhexify( result_str, result_hex_str );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]102
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]103 if( md_info_from_type( digest ) != NULL )
104 TEST_ASSERT( md( md_info_from_type( digest ), message_str, msg_len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]105
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]106 TEST_ASSERT( rsa_pkcs1_verify( &ctx, NULL, NULL, RSA_PUBLIC, digest, 0, hash_result, result_str ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]107
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame^]108exit:
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]109 rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]110}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]111/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]112
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]113
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]114/* BEGIN_CASE */
115void rsa_pkcs1_sign_raw( char *message_hex_string, char *hash_result_string,
116 int padding_mode, int mod, int radix_P, char *input_P,
117 int radix_Q, char *input_Q, int radix_N,
118 char *input_N, int radix_E, char *input_E,
119 char *result_hex_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]120{
121 unsigned char message_str[1000];
122 unsigned char hash_result[1000];
123 unsigned char output[1000];
124 unsigned char output_str[1000];
125 rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]126 mpi P1, Q1, H, G;
Paul Bakkereaf90d92011-07-13 14:21:52 +0000[diff] [blame]127 int hash_len;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]128 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]129
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]130 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]131 rsa_init( &ctx, padding_mode, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]132
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]133 memset( message_str, 0x00, 1000 );
134 memset( hash_result, 0x00, 1000 );
135 memset( output, 0x00, 1000 );
136 memset( output_str, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]137 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]138
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]139 ctx.len = mod / 8;
140 TEST_ASSERT( mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
141 TEST_ASSERT( mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
142 TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
143 TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]144
145 TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
146 TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
147 TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
148 TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
149 TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
150 TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
151 TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
152 TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
153
154 TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
155
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]156 unhexify( message_str, message_hex_string );
157 hash_len = unhexify( hash_result, hash_result_string );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]158
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]159 TEST_ASSERT( rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PRIVATE, POLARSSL_MD_NONE, hash_len, hash_result, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]160
161 hexify( output_str, output, ctx.len );
162
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]163 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]164
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]165 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
166 if( padding_mode == RSA_PKCS_V15 )
167 {
168 memset( output, 0x00, 1000 );
169 memset( output_str, 0x00, 1000 );
170
171 TEST_ASSERT( rsa_rsaes_pkcs1_v15_encrypt( &ctx,
172 &rnd_pseudo_rand, &rnd_info, RSA_PRIVATE,
173 hash_len, hash_result, output ) == 0 );
174
175 hexify( output_str, output, ctx.len );
176
177 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
178 }
179
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame^]180exit:
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]181 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]182 rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]183}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]184/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]185
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]186/* BEGIN_CASE */
187void rsa_pkcs1_verify_raw( char *message_hex_string, char *hash_result_string,
188 int padding_mode, int mod, int radix_N,
189 char *input_N, int radix_E, char *input_E,
190 char *result_hex_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]191{
192 unsigned char message_str[1000];
193 unsigned char hash_result[1000];
194 unsigned char result_str[1000];
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]195 unsigned char output[1000];
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]196 rsa_context ctx;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]197 size_t hash_len, olen;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]198
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]199 rsa_init( &ctx, padding_mode, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]200 memset( message_str, 0x00, 1000 );
201 memset( hash_result, 0x00, 1000 );
202 memset( result_str, 0x00, 1000 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]203 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]204
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]205 ctx.len = mod / 8;
206 TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
207 TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]208
209 TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
210
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]211 unhexify( message_str, message_hex_string );
212 hash_len = unhexify( hash_result, hash_result_string );
213 unhexify( result_str, result_hex_str );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]214
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]215 TEST_ASSERT( rsa_pkcs1_verify( &ctx, NULL, NULL, RSA_PUBLIC, POLARSSL_MD_NONE, hash_len, hash_result, result_str ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]216
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]217 /* For PKCS#1 v1.5, there is an alternative way to verify signatures */
218 if( padding_mode == RSA_PKCS_V15 )
219 {
220 int ok;
221
222 TEST_ASSERT( rsa_rsaes_pkcs1_v15_decrypt( &ctx,
223 NULL, NULL, RSA_PUBLIC,
224 &olen, result_str, output, sizeof( output ) ) == 0 );
225
226 ok = olen == hash_len && memcmp( output, hash_result, olen ) == 0;
227 if( correct == 0 )
228 TEST_ASSERT( ok == 1 );
229 else
230 TEST_ASSERT( ok == 0 );
231 }
232
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame^]233exit:
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]234 rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]235}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]236/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]237
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]238/* BEGIN_CASE */
239void rsa_pkcs1_encrypt( char *message_hex_string, int padding_mode, int mod,
240 int radix_N, char *input_N, int radix_E, char *input_E,
241 char *result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]242{
243 unsigned char message_str[1000];
244 unsigned char output[1000];
245 unsigned char output_str[1000];
246 rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]247 size_t msg_len;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]248 rnd_pseudo_info rnd_info;
249
250 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]251
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]252 rsa_init( &ctx, padding_mode, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]253 memset( message_str, 0x00, 1000 );
254 memset( output, 0x00, 1000 );
255 memset( output_str, 0x00, 1000 );
256
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]257 ctx.len = mod / 8;
258 TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
259 TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]260
261 TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
262
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]263 msg_len = unhexify( message_str, message_hex_string );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]264
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]265 TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PUBLIC, msg_len, message_str, output ) == result );
266 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]267 {
268 hexify( output_str, output, ctx.len );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]269
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]270 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]271 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]272
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame^]273exit:
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]274 rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]275}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]276/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]277
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]278/* BEGIN_CASE */
279void rsa_pkcs1_encrypt_bad_rng( char *message_hex_string, int padding_mode,
280 int mod, int radix_N, char *input_N,
281 int radix_E, char *input_E,
282 char *result_hex_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]283{
284 unsigned char message_str[1000];
285 unsigned char output[1000];
286 unsigned char output_str[1000];
287 rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]288 size_t msg_len;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]289
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]290 rsa_init( &ctx, padding_mode, 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]291 memset( message_str, 0x00, 1000 );
292 memset( output, 0x00, 1000 );
293 memset( output_str, 0x00, 1000 );
294
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]295 ctx.len = mod / 8;
296 TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
297 TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]298
299 TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
300
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]301 msg_len = unhexify( message_str, message_hex_string );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]302
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]303 TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL, RSA_PUBLIC, msg_len, message_str, output ) == result );
304 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]305 {
306 hexify( output_str, output, ctx.len );
307
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]308 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]309 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]310
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame^]311exit:
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]312 rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]313}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]314/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]315
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]316/* BEGIN_CASE */
317void rsa_pkcs1_decrypt( char *message_hex_string, int padding_mode, int mod,
318 int radix_P, char *input_P, int radix_Q, char *input_Q,
319 int radix_N, char *input_N, int radix_E, char *input_E,
320 int max_output, char *result_hex_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]321{
322 unsigned char message_str[1000];
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]323 unsigned char output[1000];
324 unsigned char output_str[1000];
325 rsa_context ctx;
326 mpi P1, Q1, H, G;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]327 size_t output_len;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]328 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]329
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]330 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]331 rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]332
333 memset( message_str, 0x00, 1000 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]334 memset( output, 0x00, 1000 );
335 memset( output_str, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]336 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]337
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]338 ctx.len = mod / 8;
339 TEST_ASSERT( mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
340 TEST_ASSERT( mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
341 TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
342 TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]343
344 TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
345 TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
346 TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
347 TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
348 TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
349 TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
350 TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
351 TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
352
353 TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
354
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]355 unhexify( message_str, message_hex_string );
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]356 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]357
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]358 TEST_ASSERT( rsa_pkcs1_decrypt( &ctx, rnd_pseudo_rand, &rnd_info, RSA_PRIVATE, &output_len, message_str, output, max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]359 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]360 {
361 hexify( output_str, output, ctx.len );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]362
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]363 TEST_ASSERT( strncasecmp( (char *) output_str, result_hex_str, strlen( result_hex_str ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]364 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]365
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame^]366exit:
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]367 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]368 rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]369}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]370/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]371
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]372/* BEGIN_CASE */
373void rsa_public( char *message_hex_string, int mod, int radix_N, char *input_N,
374 int radix_E, char *input_E, char *result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]375{
376 unsigned char message_str[1000];
377 unsigned char output[1000];
378 unsigned char output_str[1000];
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]379 rsa_context ctx, ctx2; /* Also test rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]380
Paul Bakkerebcef6d2010-08-16 11:10:49 +0000[diff] [blame]381 rsa_init( &ctx, RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]382 rsa_init( &ctx2, RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]383 memset( message_str, 0x00, 1000 );
384 memset( output, 0x00, 1000 );
385 memset( output_str, 0x00, 1000 );
386
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]387 ctx.len = mod / 8;
388 TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
389 TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]390
391 TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
392
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]393 unhexify( message_str, message_hex_string );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]394
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]395 TEST_ASSERT( rsa_public( &ctx, message_str, output ) == result );
396 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]397 {
398 hexify( output_str, output, ctx.len );
399
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]400 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]401 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]402
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]403 /* And now with the copy */
404 TEST_ASSERT( rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame^]405 /* clear the original to be sure */
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]406 rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]407
408 TEST_ASSERT( rsa_check_pubkey( &ctx2 ) == 0 );
409
410 memset( output, 0x00, 1000 );
411 memset( output_str, 0x00, 1000 );
412 TEST_ASSERT( rsa_public( &ctx2, message_str, output ) == result );
413 if( result == 0 )
414 {
415 hexify( output_str, output, ctx2.len );
416
417 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
418 }
419
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame^]420exit:
421 rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]422 rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]423}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]424/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]425
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]426/* BEGIN_CASE */
427void rsa_private( char *message_hex_string, int mod, int radix_P, char *input_P,
428 int radix_Q, char *input_Q, int radix_N, char *input_N,
429 int radix_E, char *input_E, char *result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]430{
431 unsigned char message_str[1000];
432 unsigned char output[1000];
433 unsigned char output_str[1000];
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]434 rsa_context ctx, ctx2; /* Also test rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]435 mpi P1, Q1, H, G;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]436 rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]437 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]438
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]439 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
Paul Bakkerebcef6d2010-08-16 11:10:49 +0000[diff] [blame]440 rsa_init( &ctx, RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]441 rsa_init( &ctx2, RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]442
443 memset( message_str, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]444 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]445
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]446 ctx.len = mod / 8;
447 TEST_ASSERT( mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
448 TEST_ASSERT( mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
449 TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
450 TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]451
452 TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
453 TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
454 TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
455 TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
456 TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
457 TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
458 TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
459 TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
460
461 TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
462
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]463 unhexify( message_str, message_hex_string );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]464
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]465 /* repeat three times to test updating of blinding values */
466 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]467 {
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]468 memset( output, 0x00, 1000 );
469 memset( output_str, 0x00, 1000 );
470 TEST_ASSERT( rsa_private( &ctx, rnd_pseudo_rand, &rnd_info,
471 message_str, output ) == result );
472 if( result == 0 )
473 {
474 hexify( output_str, output, ctx.len );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]475
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]476 TEST_ASSERT( strcasecmp( (char *) output_str,
477 result_hex_str ) == 0 );
478 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]479 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]480
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]481 /* And now one more time with the copy */
482 TEST_ASSERT( rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame^]483 /* clear the original to be sure */
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]484 rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]485
486 TEST_ASSERT( rsa_check_privkey( &ctx2 ) == 0 );
487
488 memset( output, 0x00, 1000 );
489 memset( output_str, 0x00, 1000 );
490 TEST_ASSERT( rsa_private( &ctx2, rnd_pseudo_rand, &rnd_info,
491 message_str, output ) == result );
492 if( result == 0 )
493 {
494 hexify( output_str, output, ctx2.len );
495
496 TEST_ASSERT( strcasecmp( (char *) output_str,
497 result_hex_str ) == 0 );
498 }
499
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame^]500exit:
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]501 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame^]502 rsa_free( &ctx ); rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]503}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]504/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]505
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]506/* BEGIN_CASE */
507void rsa_check_privkey_null()
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]508{
509 rsa_context ctx;
510 memset( &ctx, 0x00, sizeof( rsa_context ) );
511
512 TEST_ASSERT( rsa_check_privkey( &ctx ) == POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
513}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]514/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]515
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]516/* BEGIN_CASE */
517void rsa_check_pubkey( int radix_N, char *input_N, int radix_E, char *input_E,
518 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]519{
520 rsa_context ctx;
521
Paul Bakkerebcef6d2010-08-16 11:10:49 +0000[diff] [blame]522 rsa_init( &ctx, RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]523
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]524 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]525 {
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]526 TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]527 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]528 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]529 {
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]530 TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]531 }
532
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]533 TEST_ASSERT( rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]534
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame^]535exit:
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]536 rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]537}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]538/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]539
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]540/* BEGIN_CASE */
541void rsa_check_privkey( int mod, int radix_P, char *input_P, int radix_Q,
542 char *input_Q, int radix_N, char *input_N,
543 int radix_E, char *input_E, int radix_D, char *input_D,
544 int radix_DP, char *input_DP, int radix_DQ,
545 char *input_DQ, int radix_QP, char *input_QP,
546 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]547{
548 rsa_context ctx;
549
Paul Bakkerebcef6d2010-08-16 11:10:49 +0000[diff] [blame]550 rsa_init( &ctx, RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]551
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]552 ctx.len = mod / 8;
553 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]554 {
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]555 TEST_ASSERT( mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]556 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]557 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]558 {
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]559 TEST_ASSERT( mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]560 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]561 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]562 {
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]563 TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]564 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]565 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]566 {
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]567 TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]568 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]569 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]570 {
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]571 TEST_ASSERT( mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]572 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]573 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]574 {
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]575 TEST_ASSERT( mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]576 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]577 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]578 {
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]579 TEST_ASSERT( mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]580 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]581 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]582 {
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]583 TEST_ASSERT( mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]584 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]585
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]586 TEST_ASSERT( rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]587
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame^]588exit:
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]589 rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]590}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]591/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]592
Manuel Pégourié-Gonnarda0d758b2013-12-01 16:27:00 +0100[diff] [blame]593/* BEGIN_CASE depends_on:POLARSSL_CTR_DRBG_C:POLARSSL_ENTROPY_C */
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]594void rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]595{
596 rsa_context ctx;
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]597 entropy_context entropy;
598 ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]599 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]600
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]601 entropy_init( &entropy );
602 TEST_ASSERT( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]603 (const unsigned char *) pers, strlen( pers ) ) == 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]604
Paul Bakkerebcef6d2010-08-16 11:10:49 +0000[diff] [blame]605 rsa_init( &ctx, 0, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]606
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]607 TEST_ASSERT( rsa_gen_key( &ctx, ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
608 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]609 {
610 TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
611 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]612
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame^]613exit:
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]614 rsa_free( &ctx );
Paul Bakkera317a982014-06-18 16:44:11 +0200[diff] [blame]615 ctr_drbg_free( &ctr_drbg );
Paul Bakker1ffefac2013-09-28 15:23:03 +0200[diff] [blame]616 entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]617}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]618/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]619
Manuel Pégourié-Gonnard20140162013-10-10 12:48:03 +0200[diff] [blame]620/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]621void rsa_selftest()
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]622{
623 TEST_ASSERT( rsa_self_test( 0 ) == 0 );
624}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]625/* END_CASE */