TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 0fdd8d297a2d0374571fb0c8b026c83cfcfe2c81 / . / tests / suites / test_suite_rsa.function
blob: 1182cc6e69863c3d3762f72b0b955b1539886058 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Chris Jones66a4cd42021-03-09 16:04:12 +0000[diff] [blame]3#include "rsa_alt_helpers.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]70 mbedtls_rsa_gen_key( NULL,
71 mbedtls_test_rnd_std_rand,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]72 NULL, 0, 0 ) );
73 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
74 mbedtls_rsa_gen_key( &ctx, NULL,
75 NULL, 0, 0 ) );
76
77 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
78 mbedtls_rsa_check_pubkey( NULL ) );
79 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
80 mbedtls_rsa_check_privkey( NULL ) );
81
82 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
83 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
84 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
85 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
86
87 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
88 mbedtls_rsa_public( NULL, buf, buf ) );
89 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
90 mbedtls_rsa_public( &ctx, NULL, buf ) );
91 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
92 mbedtls_rsa_public( &ctx, buf, NULL ) );
93
94 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
95 mbedtls_rsa_private( NULL, NULL, NULL,
96 buf, buf ) );
97 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
98 mbedtls_rsa_private( &ctx, NULL, NULL,
99 NULL, buf ) );
100 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
101 mbedtls_rsa_private( &ctx, NULL, NULL,
102 buf, NULL ) );
103
104 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
105 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
106 valid_mode,
107 sizeof( buf ), buf,
108 buf ) );
109 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
110 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
111 invalid_mode,
112 sizeof( buf ), buf,
113 buf ) );
114 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
115 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
116 valid_mode,
117 sizeof( buf ), NULL,
118 buf ) );
119 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
120 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
121 valid_mode,
122 sizeof( buf ), buf,
123 NULL ) );
124
125 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
126 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
127 NULL,
128 valid_mode,
129 sizeof( buf ), buf,
130 buf ) );
131 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
132 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
133 NULL,
134 invalid_mode,
135 sizeof( buf ), buf,
136 buf ) );
137 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
138 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
139 NULL,
140 valid_mode,
141 sizeof( buf ), NULL,
142 buf ) );
143 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
144 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
145 NULL,
146 valid_mode,
147 sizeof( buf ), buf,
148 NULL ) );
149
150 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
151 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
152 valid_mode,
153 buf, sizeof( buf ),
154 sizeof( buf ), buf,
155 buf ) );
156 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
157 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
158 invalid_mode,
159 buf, sizeof( buf ),
160 sizeof( buf ), buf,
161 buf ) );
162 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
163 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
164 valid_mode,
165 NULL, sizeof( buf ),
166 sizeof( buf ), buf,
167 buf ) );
168 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
169 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
170 valid_mode,
171 buf, sizeof( buf ),
172 sizeof( buf ), NULL,
173 buf ) );
174 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
175 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
176 valid_mode,
177 buf, sizeof( buf ),
178 sizeof( buf ), buf,
179 NULL ) );
180
181 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
182 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]183 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]184 buf, buf, 42 ) );
185 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
186 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]187 NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]188 buf, buf, 42 ) );
189 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
190 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]191 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]192 NULL, buf, 42 ) );
193 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
194 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]195 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]196 buf, NULL, 42 ) );
197
198 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
199 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]200 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]201 buf, buf, 42 ) );
202 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
203 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]204 NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]205 buf, buf, 42 ) );
206 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
207 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]208 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]209 NULL, buf, 42 ) );
210 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
211 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
Thomas Daubney34733082021-05-12 09:24:29 +0100[diff] [blame]212 NULL, &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]213 buf, NULL, 42 ) );
214
215 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
216 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]217 buf, sizeof( buf ),
218 &olen,
219 buf, buf, 42 ) );
220 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
221 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]222 NULL, sizeof( buf ),
223 NULL,
224 buf, buf, 42 ) );
225 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
226 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]227 buf, sizeof( buf ),
228 &olen,
229 NULL, buf, 42 ) );
230 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
231 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]232 buf, sizeof( buf ),
233 &olen,
234 buf, NULL, 42 ) );
235
236 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
237 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
238 valid_mode,
239 0, sizeof( buf ), buf,
240 buf ) );
241 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
242 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
243 invalid_mode,
244 0, sizeof( buf ), buf,
245 buf ) );
246 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
247 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
248 valid_mode,
249 0, sizeof( buf ), NULL,
250 buf ) );
251 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
252 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
253 valid_mode,
254 0, sizeof( buf ), buf,
255 NULL ) );
256 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
257 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
258 valid_mode,
259 MBEDTLS_MD_SHA1,
260 0, NULL,
261 buf ) );
262
263 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
264 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
265 valid_mode,
266 0, sizeof( buf ), buf,
267 buf ) );
268 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
269 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
270 invalid_mode,
271 0, sizeof( buf ), buf,
272 buf ) );
273 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
274 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
275 valid_mode,
276 0, sizeof( buf ), NULL,
277 buf ) );
278 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
279 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
280 valid_mode,
281 0, sizeof( buf ), buf,
282 NULL ) );
283 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
284 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
285 valid_mode,
286 MBEDTLS_MD_SHA1,
287 0, NULL,
288 buf ) );
289
290 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
291 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
292 valid_mode,
293 0, sizeof( buf ), buf,
294 buf ) );
295 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
296 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
297 invalid_mode,
298 0, sizeof( buf ), buf,
299 buf ) );
300 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
301 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
302 valid_mode,
303 0, sizeof( buf ), NULL,
304 buf ) );
305 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
306 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
307 valid_mode,
308 0, sizeof( buf ), buf,
309 NULL ) );
310 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
311 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
312 valid_mode,
313 MBEDTLS_MD_SHA1,
314 0, NULL,
315 buf ) );
316
317 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Cédric Meutera05cbec2020-04-25 15:02:34 +0200[diff] [blame]318 mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL,
319 0, sizeof( buf ), buf,
320 MBEDTLS_RSA_SALT_LEN_ANY,
321 buf ) );
322 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
323 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
324 0, sizeof( buf ), NULL,
325 MBEDTLS_RSA_SALT_LEN_ANY,
326 buf ) );
327 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
328 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
329 0, sizeof( buf ), buf,
330 MBEDTLS_RSA_SALT_LEN_ANY,
331 NULL ) );
332 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
333 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
334 MBEDTLS_MD_SHA1,
335 0, NULL,
336 MBEDTLS_RSA_SALT_LEN_ANY,
337 buf ) );
338
339 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]340 mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
341 valid_mode,
342 0, sizeof( buf ), buf,
343 buf ) );
344 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
345 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
346 invalid_mode,
347 0, sizeof( buf ), buf,
348 buf ) );
349 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
350 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
351 valid_mode,
352 0, sizeof( buf ), NULL,
353 buf ) );
354 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
355 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
356 valid_mode,
357 0, sizeof( buf ), buf,
358 NULL ) );
359 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
360 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
361 valid_mode,
362 MBEDTLS_MD_SHA1, 0, NULL,
363 buf ) );
364
365 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
366 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
367 NULL,
368 valid_mode,
369 0, sizeof( buf ), buf,
370 buf ) );
371 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
372 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
373 NULL,
374 invalid_mode,
375 0, sizeof( buf ), buf,
376 buf ) );
377 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
378 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
379 NULL,
380 valid_mode,
381 0, sizeof( buf ),
382 NULL, buf ) );
383 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
384 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
385 NULL,
386 valid_mode,
387 0, sizeof( buf ), buf,
388 NULL ) );
389 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
390 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
391 NULL,
392 valid_mode,
393 MBEDTLS_MD_SHA1,
394 0, NULL,
395 buf ) );
396
397 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
398 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
399 valid_mode,
400 0, sizeof( buf ),
401 buf, buf ) );
402 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
403 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
404 invalid_mode,
405 0, sizeof( buf ),
406 buf, buf ) );
407 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
408 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
409 valid_mode,
410 0, sizeof( buf ),
411 NULL, buf ) );
412 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
413 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
414 valid_mode,
415 0, sizeof( buf ),
416 buf, NULL ) );
417 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
418 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
419 valid_mode,
420 MBEDTLS_MD_SHA1,
421 0, NULL,
422 buf ) );
423
424 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
425 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
426 valid_mode,
427 0, sizeof( buf ),
428 buf,
429 0, 0,
430 buf ) );
431 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
432 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
433 invalid_mode,
434 0, sizeof( buf ),
435 buf,
436 0, 0,
437 buf ) );
438 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
439 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
440 valid_mode,
441 0, sizeof( buf ),
442 NULL, 0, 0,
443 buf ) );
444 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
445 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
446 valid_mode,
447 0, sizeof( buf ),
448 buf, 0, 0,
449 NULL ) );
450 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
451 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
452 valid_mode,
453 MBEDTLS_MD_SHA1,
454 0, NULL,
455 0, 0,
456 buf ) );
457
458 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
459 mbedtls_rsa_copy( NULL, &ctx ) );
460 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
461 mbedtls_rsa_copy( &ctx, NULL ) );
462
463exit:
464 return;
465}
466/* END_CASE */
467
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]468/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]469void rsa_init_free( int reinit )
470{
471 mbedtls_rsa_context ctx;
472
473 /* Double free is not explicitly documented to work, but we rely on it
474 * even inside the library so that you can call mbedtls_rsa_free()
475 * unconditionally on an error path without checking whether it has
476 * already been called in the success path. */
477
478 mbedtls_rsa_init( &ctx, 0, 0 );
479 mbedtls_rsa_free( &ctx );
480
481 if( reinit )
482 mbedtls_rsa_init( &ctx, 0, 0 );
483 mbedtls_rsa_free( &ctx );
484
485 /* This test case always succeeds, functionally speaking. A plausible
486 * bug might trigger an invalid pointer dereference or a memory leak. */
487 goto exit;
488}
489/* END_CASE */
490
491/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]492void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]493 int digest, int mod, int radix_P, char * input_P,
494 int radix_Q, char * input_Q, int radix_N,
495 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]496 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]497{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]498 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
499 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]500 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]501 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]502 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]503
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]504 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
505 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]506 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]507
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]508 memset( hash_result, 0x00, sizeof( hash_result ) );
509 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]510 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]511
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]512 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
513 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
514 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
515 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]516
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]517 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
518 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]519 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]520 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]521
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]522
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]523 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]524 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]525
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]526 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
527 &rnd_info, MBEDTLS_RSA_PRIVATE, digest,
528 0, hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]529 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]530 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]531
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]532 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
533 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]534 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]535
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]536exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]537 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
538 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]539 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]540}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]541/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]542
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]543/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]544void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]545 int digest, int mod, int radix_N,
546 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]547 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]548{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]549 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]550 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]551
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]552 mbedtls_mpi N, E;
553
554 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]555 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]556 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]557
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]558 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
559 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
560 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
561 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]562 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]563
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]564
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]565 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]566 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]567
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]568 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]569
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]570exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]571 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]572 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]573}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]574/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]575
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]576
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]577/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]578void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]579 int padding_mode, int mod, int radix_P,
580 char * input_P, int radix_Q, char * input_Q,
581 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]582 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]583{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]584 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]585 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]586 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]587 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]588
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]589 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]590 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
591 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]592
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]593 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]594 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]595
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]596 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
597 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
598 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
599 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]600
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]601 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
602 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]603 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]604 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]605
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]606
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]607 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
608 &rnd_info, MBEDTLS_RSA_PRIVATE,
609 MBEDTLS_MD_NONE, hash_result->len,
610 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]611
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]612
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]613 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
614 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]615
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]616#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]617 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]618 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]619 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]620 int res;
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]621 memset( output, 0x00, sizeof( output) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]622
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]623 res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]624 &mbedtls_test_rnd_pseudo_rand, &rnd_info,
625 MBEDTLS_RSA_PRIVATE, hash_result->len,
626 hash_result->x, output );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]627
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]628#if !defined(MBEDTLS_RSA_ALT)
629 TEST_ASSERT( res == 0 );
630#else
631 TEST_ASSERT( ( res == 0 ) ||
TRodziewiczb579ccd2021-04-13 14:28:28 +0200[diff] [blame]632 ( res == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]633#endif
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]634
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]635 if( res == 0 )
636 {
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]637 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]638 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]639 result_str->len ) == 0 );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]640 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]641 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]642#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]643
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]644exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]645 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
646 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
647
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]648 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]649}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]650/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]651
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]652/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]653void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]654 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]655 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]656 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]657{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]658 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]659 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]660
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]661 mbedtls_mpi N, E;
662 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
663
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]664 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]665 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]666
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]667 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
668 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]669
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]670 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
671 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]672 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]673
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]674
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]675 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]676
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]677exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]678 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]679 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]680}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]681/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]682
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]683/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]684void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]685 int mod, int radix_N, char * input_N,
686 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]687 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]688{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]689 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]690 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]691 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]692
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]693 mbedtls_mpi N, E;
694 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
695
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]696 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]697
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]698 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]699 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]700
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]701 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
702 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]703
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]704 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
705 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]706 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]707
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]708
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]709 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
710 &mbedtls_test_rnd_pseudo_rand,
711 &rnd_info, MBEDTLS_RSA_PUBLIC,
712 message_str->len, message_str->x,
713 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]714 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]715 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]716
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]717 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
718 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]719 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]720
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]721exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]722 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]723 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]724}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]725/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]726
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]727/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]728void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]729 int mod, int radix_N, char * input_N,
730 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]731 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]732{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]733 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]734 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]735
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]736 mbedtls_mpi N, E;
737
738 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]739 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]740 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]741
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]742 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
743 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]744
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]745 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
746 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]747 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]748
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]749
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]750 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
751 NULL, MBEDTLS_RSA_PUBLIC,
752 message_str->len, message_str->x,
753 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]754 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]755 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]756
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]757 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
758 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]759 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]760
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]761exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]762 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]763 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]764}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]765/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]766
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]767/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]768void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]769 int mod, int radix_P, char * input_P,
770 int radix_Q, char * input_Q, int radix_N,
771 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]772 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]773 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]774{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]775 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]776 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]777 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]778 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]779 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]780
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]781 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
782 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
783
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]784 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]785
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]786 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]787 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]788
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]789
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]790 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
791 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
792 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
793 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]794
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]795 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
796 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]797 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]798 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]799
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]800 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]801
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]802 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame]803 &rnd_info,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]804 &output_len, message_str->x, output,
805 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]806 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]807 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]808
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]809 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]810 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]811 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]812 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]813
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]814exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]815 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
816 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]817 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]818}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]819/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]820
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]821/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]822void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]823 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]824 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]825{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]826 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]827 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]828
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]829 mbedtls_mpi N, E;
830
831 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]832 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
833 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]834 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]835
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]836 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
837 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]838
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]839 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
840 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]841 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]842
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]843
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]844 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]845 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]846 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]847
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]848 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
849 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]850 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]851
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]852 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]853 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]854 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]855 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]856
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]857 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]858
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]859 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]860 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]861 if( result == 0 )
862 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]863
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]864 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
865 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]866 }
867
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]868exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]869 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]870 mbedtls_rsa_free( &ctx );
871 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]872}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]873/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]874
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]875/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]876void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]877 char * input_P, int radix_Q, char * input_Q,
878 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]879 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]880 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]881{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]882 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]883 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]884 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]885 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]886 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]887
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]888 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
889 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]890 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
891 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]892
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]893 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]894
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]895 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
896 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
897 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
898 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]899
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]900 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
901 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]902 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]903 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]904
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]905
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]906 /* repeat three times to test updating of blinding values */
907 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]908 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]909 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]910 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
911 &rnd_info, message_str->x,
912 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]913 if( result == 0 )
914 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]915
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]916 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]917 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]918 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]919 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]920 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]921
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]922 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]923 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]924 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]925 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]926
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]927 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]928
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]929 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]930 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
931 &rnd_info, message_str->x,
932 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]933 if( result == 0 )
934 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]935
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]936 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]937 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]938 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]939 }
940
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]941exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]942 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
943 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
944
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]945 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]946}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]947/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]948
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]949/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]950void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]951{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]952 mbedtls_rsa_context ctx;
953 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]954
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]955 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]956}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]957/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]958
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]959/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]960void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
961 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]962{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]963 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]964 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]965
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]966 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]967 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]968
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]969 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]970 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]971 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]972 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]973 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]974 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]975 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]976 }
977
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]978 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]979 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]980
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]981exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]982 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]983 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]984}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]985/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]986
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]987/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]988void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
989 int radix_Q, char * input_Q, int radix_N,
990 char * input_N, int radix_E, char * input_E,
991 int radix_D, char * input_D, int radix_DP,
992 char * input_DP, int radix_DQ,
993 char * input_DQ, int radix_QP,
994 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]995{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]996 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]997
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]998 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]999
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1000 ctx.len = mod / 8;
1001 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1002 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1003 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1004 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1005 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1006 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1007 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1008 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1009 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1010 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1011 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1012 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1013 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1014 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1015 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1016 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1017 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1018 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1019 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1020 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1021#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1022 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1023 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1024 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1025 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1026 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1027 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1028 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1029 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1030 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1031 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1032 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1033 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1034#else
1035 ((void) radix_DP); ((void) input_DP);
1036 ((void) radix_DQ); ((void) input_DQ);
1037 ((void) radix_QP); ((void) input_QP);
1038#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1039
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1040 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1041
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1042exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1043 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1044}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1045/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1046
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1047/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1048void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
1049 int radix_Epub, char * input_Epub, int radix_P,
1050 char * input_P, int radix_Q, char * input_Q,
1051 int radix_N, char * input_N, int radix_E,
1052 char * input_E, int radix_D, char * input_D,
1053 int radix_DP, char * input_DP, int radix_DQ,
1054 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1055 int result )
1056{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1057 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1058
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1059 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
1060 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1061
1062 pub.len = mod / 8;
1063 prv.len = mod / 8;
1064
1065 if( strlen( input_Npub ) )
1066 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1067 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1068 }
1069 if( strlen( input_Epub ) )
1070 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1071 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1072 }
1073
1074 if( strlen( input_P ) )
1075 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1076 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1077 }
1078 if( strlen( input_Q ) )
1079 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1080 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1081 }
1082 if( strlen( input_N ) )
1083 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1084 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1085 }
1086 if( strlen( input_E ) )
1087 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1088 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1089 }
1090 if( strlen( input_D ) )
1091 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1092 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1093 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1094#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1095 if( strlen( input_DP ) )
1096 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1097 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1098 }
1099 if( strlen( input_DQ ) )
1100 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1101 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1102 }
1103 if( strlen( input_QP ) )
1104 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1105 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1106 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1107#else
1108 ((void) radix_DP); ((void) input_DP);
1109 ((void) radix_DQ); ((void) input_DQ);
1110 ((void) radix_QP); ((void) input_QP);
1111#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1112
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1113 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1114
1115exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1116 mbedtls_rsa_free( &pub );
1117 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1118}
1119/* END_CASE */
1120
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1121/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1122void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1123{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1124 mbedtls_rsa_context ctx;
1125 mbedtls_entropy_context entropy;
1126 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1127 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1128
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1129 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1130 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1131 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1132
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1133 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1134 &entropy, (const unsigned char *) pers,
1135 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1136
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1137 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1138 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1139 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1140 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1141 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1142 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1143
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1144exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1145 mbedtls_rsa_free( &ctx );
1146 mbedtls_ctr_drbg_free( &ctr_drbg );
1147 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1148}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1149/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1150
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1151/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1152void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1153 int radix_D, char *input_D,
1154 int radix_E, char *input_E,
1155 int radix_P, char *output_P,
1156 int radix_Q, char *output_Q,
1157 int corrupt, int result )
1158{
1159 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1160
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1161 mbedtls_mpi_init( &N );
1162 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1163 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1164 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1165
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1166 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1167 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1168 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1169 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1170 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1171
1172 if( corrupt )
1173 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1174
1175 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1176 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1177
1178 if( !corrupt )
1179 {
1180 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1181 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1182 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1183 }
1184
1185exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1186 mbedtls_mpi_free( &N );
1187 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1188 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1189 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1190}
1191/* END_CASE */
1192
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1193/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1194void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1195 int radix_Q, char *input_Q,
1196 int radix_E, char *input_E,
1197 int radix_D, char *output_D,
1198 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1199{
1200 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1201
1202 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1203 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1204 mbedtls_mpi_init( &E );
1205 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1206
1207 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1208 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1209 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1210 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1211
1212 if( corrupt )
1213 {
1214 /* Make E even */
1215 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1216 }
1217
1218 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1219 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1220 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1221
1222 if( !corrupt )
1223 {
1224 /*
1225 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1226 */
1227
1228 /* Replace P,Q by P-1, Q-1 */
1229 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1230 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1231
1232 /* Check D == Dp modulo P-1 */
1233 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1234 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1235 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1236
1237 /* Check D == Dp modulo Q-1 */
1238 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1239 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1240 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1241 }
1242
1243exit:
1244
1245 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1246 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1247 mbedtls_mpi_free( &E );
1248 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1249}
1250/* END_CASE */
1251
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1252/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1253void mbedtls_rsa_import( int radix_N, char *input_N,
1254 int radix_P, char *input_P,
1255 int radix_Q, char *input_Q,
1256 int radix_D, char *input_D,
1257 int radix_E, char *input_E,
1258 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1259 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1260 int res_check,
1261 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1262{
1263 mbedtls_mpi N, P, Q, D, E;
1264 mbedtls_rsa_context ctx;
1265
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1266 /* Buffers used for encryption-decryption test */
1267 unsigned char *buf_orig = NULL;
1268 unsigned char *buf_enc = NULL;
1269 unsigned char *buf_dec = NULL;
1270
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1271 mbedtls_entropy_context entropy;
1272 mbedtls_ctr_drbg_context ctr_drbg;
1273 const char *pers = "test_suite_rsa";
1274
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1275 const int have_N = ( strlen( input_N ) > 0 );
1276 const int have_P = ( strlen( input_P ) > 0 );
1277 const int have_Q = ( strlen( input_Q ) > 0 );
1278 const int have_D = ( strlen( input_D ) > 0 );
1279 const int have_E = ( strlen( input_E ) > 0 );
1280
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1281 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1282 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1283 mbedtls_rsa_init( &ctx, 0, 0 );
1284
1285 mbedtls_mpi_init( &N );
1286 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1287 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1288
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1289 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1290 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1291
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1292 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1293 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1294
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1295 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1296 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1297
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1298 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1299 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1300
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1301 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1302 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1303
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1304 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1305 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1306
1307 if( !successive )
1308 {
1309 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1310 have_N ? &N : NULL,
1311 have_P ? &P : NULL,
1312 have_Q ? &Q : NULL,
1313 have_D ? &D : NULL,
1314 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1315 }
1316 else
1317 {
1318 /* Import N, P, Q, D, E separately.
1319 * This should make no functional difference. */
1320
1321 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1322 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1323 NULL, NULL, NULL, NULL ) == 0 );
1324
1325 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1326 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1327 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1328 NULL, NULL, NULL ) == 0 );
1329
1330 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1331 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1332 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1333 NULL, NULL ) == 0 );
1334
1335 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1336 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1337 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1338 NULL ) == 0 );
1339
1340 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1341 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1342 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1343 }
1344
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1345 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1346
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1347 /* On expected success, perform some public and private
1348 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1349 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1350 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1351 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1352 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1353 else
1354 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1355
1356 if( res_check != 0 )
1357 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1358
1359 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1360 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1361 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1362 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1363 goto exit;
1364
1365 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1366 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1367
1368 /* Make sure the number we're generating is smaller than the modulus */
1369 buf_orig[0] = 0x00;
1370
1371 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1372
1373 if( is_priv )
1374 {
1375 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1376 &ctr_drbg, buf_enc,
1377 buf_dec ) == 0 );
1378
1379 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1380 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1381 }
1382 }
1383
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1384exit:
1385
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1386 mbedtls_free( buf_orig );
1387 mbedtls_free( buf_enc );
1388 mbedtls_free( buf_dec );
1389
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1390 mbedtls_rsa_free( &ctx );
1391
1392 mbedtls_ctr_drbg_free( &ctr_drbg );
1393 mbedtls_entropy_free( &entropy );
1394
1395 mbedtls_mpi_free( &N );
1396 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1397 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1398}
1399/* END_CASE */
1400
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1401/* BEGIN_CASE */
1402void mbedtls_rsa_export( int radix_N, char *input_N,
1403 int radix_P, char *input_P,
1404 int radix_Q, char *input_Q,
1405 int radix_D, char *input_D,
1406 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1407 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1408 int successive )
1409{
1410 /* Original MPI's with which we set up the RSA context */
1411 mbedtls_mpi N, P, Q, D, E;
1412
1413 /* Exported MPI's */
1414 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1415
1416 const int have_N = ( strlen( input_N ) > 0 );
1417 const int have_P = ( strlen( input_P ) > 0 );
1418 const int have_Q = ( strlen( input_Q ) > 0 );
1419 const int have_D = ( strlen( input_D ) > 0 );
1420 const int have_E = ( strlen( input_E ) > 0 );
1421
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1422 mbedtls_rsa_context ctx;
1423
1424 mbedtls_rsa_init( &ctx, 0, 0 );
1425
1426 mbedtls_mpi_init( &N );
1427 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1428 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1429
1430 mbedtls_mpi_init( &Ne );
1431 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1432 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1433
1434 /* Setup RSA context */
1435
1436 if( have_N )
1437 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1438
1439 if( have_P )
1440 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1441
1442 if( have_Q )
1443 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1444
1445 if( have_D )
1446 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1447
1448 if( have_E )
1449 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1450
1451 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1452 strlen( input_N ) ? &N : NULL,
1453 strlen( input_P ) ? &P : NULL,
1454 strlen( input_Q ) ? &Q : NULL,
1455 strlen( input_D ) ? &D : NULL,
1456 strlen( input_E ) ? &E : NULL ) == 0 );
1457
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1458 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1459
1460 /*
1461 * Export parameters and compare to original ones.
1462 */
1463
1464 /* N and E must always be present. */
1465 if( !successive )
1466 {
1467 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1468 }
1469 else
1470 {
1471 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1472 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1473 }
1474 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1475 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1476
1477 /* If we were providing enough information to setup a complete private context,
1478 * we expect to be able to export all core parameters. */
1479
1480 if( is_priv )
1481 {
1482 if( !successive )
1483 {
1484 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1485 &De, NULL ) == 0 );
1486 }
1487 else
1488 {
1489 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1490 NULL, NULL ) == 0 );
1491 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1492 NULL, NULL ) == 0 );
1493 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1494 &De, NULL ) == 0 );
1495 }
1496
1497 if( have_P )
1498 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1499
1500 if( have_Q )
1501 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1502
1503 if( have_D )
1504 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1505
1506 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1507 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1508 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1509 }
1510
1511exit:
1512
1513 mbedtls_rsa_free( &ctx );
1514
1515 mbedtls_mpi_free( &N );
1516 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1517 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1518
1519 mbedtls_mpi_free( &Ne );
1520 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1521 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1522}
1523/* END_CASE */
1524
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1525/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1526void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1527 int radix_P, char *input_P,
1528 int radix_Q, char *input_Q,
1529 int radix_D, char *input_D,
1530 int radix_E, char *input_E,
1531 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1532{
1533 /* Original MPI's with which we set up the RSA context */
1534 mbedtls_mpi N, P, Q, D, E;
1535
1536 const int have_N = ( strlen( input_N ) > 0 );
1537 const int have_P = ( strlen( input_P ) > 0 );
1538 const int have_Q = ( strlen( input_Q ) > 0 );
1539 const int have_D = ( strlen( input_D ) > 0 );
1540 const int have_E = ( strlen( input_E ) > 0 );
1541
1542 mbedtls_entropy_context entropy;
1543 mbedtls_ctr_drbg_context ctr_drbg;
1544 const char *pers = "test_suite_rsa";
1545
1546 mbedtls_mpi_init( &N );
1547 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1548 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1549
1550 mbedtls_ctr_drbg_init( &ctr_drbg );
1551 mbedtls_entropy_init( &entropy );
1552 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1553 &entropy, (const unsigned char *) pers,
1554 strlen( pers ) ) == 0 );
1555
1556 if( have_N )
1557 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1558
1559 if( have_P )
1560 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1561
1562 if( have_Q )
1563 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1564
1565 if( have_D )
1566 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1567
1568 if( have_E )
1569 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1570
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1571 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1572 have_P ? &P : NULL,
1573 have_Q ? &Q : NULL,
1574 have_D ? &D : NULL,
1575 have_E ? &E : NULL,
1576 prng ? mbedtls_ctr_drbg_random : NULL,
1577 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1578exit:
1579
1580 mbedtls_ctr_drbg_free( &ctr_drbg );
1581 mbedtls_entropy_free( &entropy );
1582
1583 mbedtls_mpi_free( &N );
1584 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1585 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1586}
1587/* END_CASE */
1588
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1589/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1590void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1591 data_t *input_Q, data_t *input_D,
1592 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1593 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1594{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1595 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1596 unsigned char bufNe[256];
1597 unsigned char bufPe[128];
1598 unsigned char bufQe[128];
1599 unsigned char bufDe[256];
1600 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1601
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1602 mbedtls_rsa_context ctx;
1603
1604 mbedtls_rsa_init( &ctx, 0, 0 );
1605
1606 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1607 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1608 input_N->len ? input_N->x : NULL, input_N->len,
1609 input_P->len ? input_P->x : NULL, input_P->len,
1610 input_Q->len ? input_Q->x : NULL, input_Q->len,
1611 input_D->len ? input_D->x : NULL, input_D->len,
1612 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1613
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1614 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1615
1616 /*
1617 * Export parameters and compare to original ones.
1618 */
1619
1620 /* N and E must always be present. */
1621 if( !successive )
1622 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1623 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1624 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1625 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1626 }
1627 else
1628 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1629 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1630 NULL, 0, NULL, 0, NULL, 0,
1631 NULL, 0 ) == 0 );
1632 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1633 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1634 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1635 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1636 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1637 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1638
1639 /* If we were providing enough information to setup a complete private context,
1640 * we expect to be able to export all core parameters. */
1641
1642 if( is_priv )
1643 {
1644 if( !successive )
1645 {
1646 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1647 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1648 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1649 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1650 NULL, 0 ) == 0 );
1651 }
1652 else
1653 {
1654 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1655 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1656 NULL, 0, NULL, 0,
1657 NULL, 0 ) == 0 );
1658
1659 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1660 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1661 NULL, 0, NULL, 0 ) == 0 );
1662
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1663 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1664 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1665 NULL, 0 ) == 0 );
1666 }
1667
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1668 if( input_P->len )
1669 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1670
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1671 if( input_Q->len )
1672 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1673
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1674 if( input_D->len )
1675 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1676
1677 }
1678
1679exit:
1680 mbedtls_rsa_free( &ctx );
1681}
1682/* END_CASE */
1683
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1684/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1685void mbedtls_rsa_import_raw( data_t *input_N,
1686 data_t *input_P, data_t *input_Q,
1687 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1688 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1689 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1690 int res_check,
1691 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1692{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1693 /* Buffers used for encryption-decryption test */
1694 unsigned char *buf_orig = NULL;
1695 unsigned char *buf_enc = NULL;
1696 unsigned char *buf_dec = NULL;
1697
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1698 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1699 mbedtls_entropy_context entropy;
1700 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1701
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1702 const char *pers = "test_suite_rsa";
1703
1704 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1705 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1706 mbedtls_rsa_init( &ctx, 0, 0 );
1707
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1708 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1709 &entropy, (const unsigned char *) pers,
1710 strlen( pers ) ) == 0 );
1711
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1712 if( !successive )
1713 {
1714 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1715 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1716 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1717 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1718 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1719 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1720 }
1721 else
1722 {
1723 /* Import N, P, Q, D, E separately.
1724 * This should make no functional difference. */
1725
1726 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1727 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1728 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1729
1730 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1731 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1732 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1733 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1734
1735 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1736 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1737 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1738 NULL, 0, NULL, 0 ) == 0 );
1739
1740 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1741 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1742 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1743 NULL, 0 ) == 0 );
1744
1745 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1746 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1747 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1748 }
1749
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1750 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1751
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1752 /* On expected success, perform some public and private
1753 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1754 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1755 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1756 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1757 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1758 else
1759 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1760
1761 if( res_check != 0 )
1762 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1763
1764 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1765 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1766 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1767 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1768 goto exit;
1769
1770 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1771 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1772
1773 /* Make sure the number we're generating is smaller than the modulus */
1774 buf_orig[0] = 0x00;
1775
1776 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1777
1778 if( is_priv )
1779 {
1780 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1781 &ctr_drbg, buf_enc,
1782 buf_dec ) == 0 );
1783
1784 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1785 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1786 }
1787 }
1788
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1789exit:
1790
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1791 mbedtls_free( buf_orig );
1792 mbedtls_free( buf_enc );
1793 mbedtls_free( buf_dec );
1794
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1795 mbedtls_rsa_free( &ctx );
1796
1797 mbedtls_ctr_drbg_free( &ctr_drbg );
1798 mbedtls_entropy_free( &entropy );
1799
1800}
1801/* END_CASE */
1802
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1803/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1804void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1805{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1806 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1807}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1808/* END_CASE */