TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / c7feaf349ce3ad00ef478d0f69915c39061d3212 / . / tests / suites / test_suite_rsa.function
blob: 1313f55a4f36ded3532e242946d3ca44cbc2b27c [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Chris Jones66a4cd42021-03-09 16:04:12 +0000[diff] [blame]3#include "rsa_alt_helpers.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]70 mbedtls_rsa_gen_key( NULL,
71 mbedtls_test_rnd_std_rand,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]72 NULL, 0, 0 ) );
73 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
74 mbedtls_rsa_gen_key( &ctx, NULL,
75 NULL, 0, 0 ) );
76
77 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
78 mbedtls_rsa_check_pubkey( NULL ) );
79 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
80 mbedtls_rsa_check_privkey( NULL ) );
81
82 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
83 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
84 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
85 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
86
87 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
88 mbedtls_rsa_public( NULL, buf, buf ) );
89 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
90 mbedtls_rsa_public( &ctx, NULL, buf ) );
91 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
92 mbedtls_rsa_public( &ctx, buf, NULL ) );
93
94 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
95 mbedtls_rsa_private( NULL, NULL, NULL,
96 buf, buf ) );
97 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
98 mbedtls_rsa_private( &ctx, NULL, NULL,
99 NULL, buf ) );
100 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
101 mbedtls_rsa_private( &ctx, NULL, NULL,
102 buf, NULL ) );
103
104 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
105 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
106 valid_mode,
107 sizeof( buf ), buf,
108 buf ) );
109 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
110 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
111 invalid_mode,
112 sizeof( buf ), buf,
113 buf ) );
114 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
115 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
116 valid_mode,
117 sizeof( buf ), NULL,
118 buf ) );
119 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
120 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
121 valid_mode,
122 sizeof( buf ), buf,
123 NULL ) );
124
125 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
126 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
127 NULL,
128 valid_mode,
129 sizeof( buf ), buf,
130 buf ) );
131 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
132 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
133 NULL,
134 invalid_mode,
135 sizeof( buf ), buf,
136 buf ) );
137 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
138 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
139 NULL,
140 valid_mode,
141 sizeof( buf ), NULL,
142 buf ) );
143 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
144 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
145 NULL,
146 valid_mode,
147 sizeof( buf ), buf,
148 NULL ) );
149
150 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
151 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
152 valid_mode,
153 buf, sizeof( buf ),
154 sizeof( buf ), buf,
155 buf ) );
156 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
157 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
158 invalid_mode,
159 buf, sizeof( buf ),
160 sizeof( buf ), buf,
161 buf ) );
162 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
163 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
164 valid_mode,
165 NULL, sizeof( buf ),
166 sizeof( buf ), buf,
167 buf ) );
168 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
169 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
170 valid_mode,
171 buf, sizeof( buf ),
172 sizeof( buf ), NULL,
173 buf ) );
174 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
175 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
176 valid_mode,
177 buf, sizeof( buf ),
178 sizeof( buf ), buf,
179 NULL ) );
180
181 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
182 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame^]183 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]184 buf, buf, 42 ) );
185 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
186 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame^]187 NULL,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]188 buf, buf, 42 ) );
189 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
190 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame^]191 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]192 NULL, buf, 42 ) );
193 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
194 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame^]195 &olen,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]196 buf, NULL, 42 ) );
197
198 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
199 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
200 NULL,
201 valid_mode, &olen,
202 buf, buf, 42 ) );
203 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
204 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
205 NULL,
206 invalid_mode, &olen,
207 buf, buf, 42 ) );
208 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
209 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
210 NULL,
211 valid_mode, NULL,
212 buf, buf, 42 ) );
213 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
214 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
215 NULL,
216 valid_mode, &olen,
217 NULL, buf, 42 ) );
218 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
219 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
220 NULL,
221 valid_mode, &olen,
222 buf, NULL, 42 ) );
223
224 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
225 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
226 valid_mode,
227 buf, sizeof( buf ),
228 &olen,
229 buf, buf, 42 ) );
230 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
231 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
232 invalid_mode,
233 buf, sizeof( buf ),
234 &olen,
235 buf, buf, 42 ) );
236 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
237 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
238 valid_mode,
239 NULL, sizeof( buf ),
240 NULL,
241 buf, buf, 42 ) );
242 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
243 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
244 valid_mode,
245 buf, sizeof( buf ),
246 &olen,
247 NULL, buf, 42 ) );
248 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
249 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
250 valid_mode,
251 buf, sizeof( buf ),
252 &olen,
253 buf, NULL, 42 ) );
254
255 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
256 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
257 valid_mode,
258 0, sizeof( buf ), buf,
259 buf ) );
260 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
261 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
262 invalid_mode,
263 0, sizeof( buf ), buf,
264 buf ) );
265 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
266 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
267 valid_mode,
268 0, sizeof( buf ), NULL,
269 buf ) );
270 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
271 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
272 valid_mode,
273 0, sizeof( buf ), buf,
274 NULL ) );
275 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
276 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
277 valid_mode,
278 MBEDTLS_MD_SHA1,
279 0, NULL,
280 buf ) );
281
282 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
283 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
284 valid_mode,
285 0, sizeof( buf ), buf,
286 buf ) );
287 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
288 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
289 invalid_mode,
290 0, sizeof( buf ), buf,
291 buf ) );
292 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
293 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
294 valid_mode,
295 0, sizeof( buf ), NULL,
296 buf ) );
297 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
298 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
299 valid_mode,
300 0, sizeof( buf ), buf,
301 NULL ) );
302 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
303 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
304 valid_mode,
305 MBEDTLS_MD_SHA1,
306 0, NULL,
307 buf ) );
308
309 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
310 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
311 valid_mode,
312 0, sizeof( buf ), buf,
313 buf ) );
314 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
315 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
316 invalid_mode,
317 0, sizeof( buf ), buf,
318 buf ) );
319 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
320 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
321 valid_mode,
322 0, sizeof( buf ), NULL,
323 buf ) );
324 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
325 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
326 valid_mode,
327 0, sizeof( buf ), buf,
328 NULL ) );
329 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
330 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
331 valid_mode,
332 MBEDTLS_MD_SHA1,
333 0, NULL,
334 buf ) );
335
336 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Cédric Meutera05cbec2020-04-25 15:02:34 +0200[diff] [blame]337 mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL,
338 0, sizeof( buf ), buf,
339 MBEDTLS_RSA_SALT_LEN_ANY,
340 buf ) );
341 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
342 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
343 0, sizeof( buf ), NULL,
344 MBEDTLS_RSA_SALT_LEN_ANY,
345 buf ) );
346 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
347 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
348 0, sizeof( buf ), buf,
349 MBEDTLS_RSA_SALT_LEN_ANY,
350 NULL ) );
351 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
352 mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
353 MBEDTLS_MD_SHA1,
354 0, NULL,
355 MBEDTLS_RSA_SALT_LEN_ANY,
356 buf ) );
357
358 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]359 mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
360 valid_mode,
361 0, sizeof( buf ), buf,
362 buf ) );
363 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
364 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
365 invalid_mode,
366 0, sizeof( buf ), buf,
367 buf ) );
368 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
369 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
370 valid_mode,
371 0, sizeof( buf ), NULL,
372 buf ) );
373 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
374 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
375 valid_mode,
376 0, sizeof( buf ), buf,
377 NULL ) );
378 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
379 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
380 valid_mode,
381 MBEDTLS_MD_SHA1, 0, NULL,
382 buf ) );
383
384 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
385 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
386 NULL,
387 valid_mode,
388 0, sizeof( buf ), buf,
389 buf ) );
390 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
391 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
392 NULL,
393 invalid_mode,
394 0, sizeof( buf ), buf,
395 buf ) );
396 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
397 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
398 NULL,
399 valid_mode,
400 0, sizeof( buf ),
401 NULL, buf ) );
402 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
403 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
404 NULL,
405 valid_mode,
406 0, sizeof( buf ), buf,
407 NULL ) );
408 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
409 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
410 NULL,
411 valid_mode,
412 MBEDTLS_MD_SHA1,
413 0, NULL,
414 buf ) );
415
416 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
417 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
418 valid_mode,
419 0, sizeof( buf ),
420 buf, buf ) );
421 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
422 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
423 invalid_mode,
424 0, sizeof( buf ),
425 buf, buf ) );
426 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
427 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
428 valid_mode,
429 0, sizeof( buf ),
430 NULL, buf ) );
431 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
432 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
433 valid_mode,
434 0, sizeof( buf ),
435 buf, NULL ) );
436 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
437 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
438 valid_mode,
439 MBEDTLS_MD_SHA1,
440 0, NULL,
441 buf ) );
442
443 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
444 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
445 valid_mode,
446 0, sizeof( buf ),
447 buf,
448 0, 0,
449 buf ) );
450 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
451 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
452 invalid_mode,
453 0, sizeof( buf ),
454 buf,
455 0, 0,
456 buf ) );
457 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
458 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
459 valid_mode,
460 0, sizeof( buf ),
461 NULL, 0, 0,
462 buf ) );
463 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
464 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
465 valid_mode,
466 0, sizeof( buf ),
467 buf, 0, 0,
468 NULL ) );
469 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
470 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
471 valid_mode,
472 MBEDTLS_MD_SHA1,
473 0, NULL,
474 0, 0,
475 buf ) );
476
477 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
478 mbedtls_rsa_copy( NULL, &ctx ) );
479 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
480 mbedtls_rsa_copy( &ctx, NULL ) );
481
482exit:
483 return;
484}
485/* END_CASE */
486
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]487/* BEGIN_CASE */
Gilles Peskine914afe12021-02-01 17:55:24 +0100[diff] [blame]488void rsa_init_free( int reinit )
489{
490 mbedtls_rsa_context ctx;
491
492 /* Double free is not explicitly documented to work, but we rely on it
493 * even inside the library so that you can call mbedtls_rsa_free()
494 * unconditionally on an error path without checking whether it has
495 * already been called in the success path. */
496
497 mbedtls_rsa_init( &ctx, 0, 0 );
498 mbedtls_rsa_free( &ctx );
499
500 if( reinit )
501 mbedtls_rsa_init( &ctx, 0, 0 );
502 mbedtls_rsa_free( &ctx );
503
504 /* This test case always succeeds, functionally speaking. A plausible
505 * bug might trigger an invalid pointer dereference or a memory leak. */
506 goto exit;
507}
508/* END_CASE */
509
510/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]511void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]512 int digest, int mod, int radix_P, char * input_P,
513 int radix_Q, char * input_Q, int radix_N,
514 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]515 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]516{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]517 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
518 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]519 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]520 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]521 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]522
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]523 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
524 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]525 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]526
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]527 memset( hash_result, 0x00, sizeof( hash_result ) );
528 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]529 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]530
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]531 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
532 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
533 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
534 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]535
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]536 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
537 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]538 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]539 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]540
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]541
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]542 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]543 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]544
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]545 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
546 &rnd_info, MBEDTLS_RSA_PRIVATE, digest,
547 0, hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]548 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]549 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]550
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]551 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
552 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]553 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]554
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]555exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]556 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
557 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]558 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]559}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]560/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]561
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]562/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]563void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]564 int digest, int mod, int radix_N,
565 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]566 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]567{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]568 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]569 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]570
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]571 mbedtls_mpi N, E;
572
573 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]574 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]575 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]576
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]577 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
578 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
579 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
580 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]581 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]582
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]583
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]584 if( mbedtls_md_info_from_type( digest ) != NULL )
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]585 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]586
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]587 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]588
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]589exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]590 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]591 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]592}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]593/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]594
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]595
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]596/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]597void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]598 int padding_mode, int mod, int radix_P,
599 char * input_P, int radix_Q, char * input_Q,
600 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]601 char * input_E, data_t * result_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]602{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]603 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]604 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]605 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]606 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]607
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]608 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]609 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
610 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]611
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]612 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]613 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]614
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]615 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
616 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
617 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
618 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]619
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]620 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
621 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]622 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]623 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]624
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]625
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]626 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand,
627 &rnd_info, MBEDTLS_RSA_PRIVATE,
628 MBEDTLS_MD_NONE, hash_result->len,
629 hash_result->x, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]630
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]631
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]632 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
633 ctx.len, result_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]634
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]635#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]636 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]637 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]638 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]639 int res;
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]640 memset( output, 0x00, sizeof( output) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]641
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]642 res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]643 &mbedtls_test_rnd_pseudo_rand, &rnd_info,
644 MBEDTLS_RSA_PRIVATE, hash_result->len,
645 hash_result->x, output );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]646
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]647#if !defined(MBEDTLS_RSA_ALT)
648 TEST_ASSERT( res == 0 );
649#else
650 TEST_ASSERT( ( res == 0 ) ||
TRodziewiczb579ccd2021-04-13 14:28:28 +0200[diff] [blame]651 ( res == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]652#endif
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]653
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]654 if( res == 0 )
655 {
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]656 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]657 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]658 result_str->len ) == 0 );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]659 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]660 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]661#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]662
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]663exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]664 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
665 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
666
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]667 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]668}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]669/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]670
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]671/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]672void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]673 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]674 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]675 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]676{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]677 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]678 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]679
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]680 mbedtls_mpi N, E;
681 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
682
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]683 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]684 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]685
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]686 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
687 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]688
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]689 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
690 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]691 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]692
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]693
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]694 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]695
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]696exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]697 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]698 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]699}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]700/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]701
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]702/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]703void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]704 int mod, int radix_N, char * input_N,
705 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]706 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]707{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]708 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]709 mbedtls_rsa_context ctx;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]710 mbedtls_test_rnd_pseudo_info rnd_info;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]711
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]712 mbedtls_mpi N, E;
713 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
714
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]715 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]716
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]717 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]718 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]719
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]720 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
721 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]722
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]723 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
724 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]725 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]726
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]727
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]728 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
729 &mbedtls_test_rnd_pseudo_rand,
730 &rnd_info, MBEDTLS_RSA_PUBLIC,
731 message_str->len, message_str->x,
732 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]733 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]734 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]735
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]736 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
737 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]738 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]739
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]740exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]741 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]742 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]743}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]744/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]745
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]746/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]747void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]748 int mod, int radix_N, char * input_N,
749 int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]750 data_t * result_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]751{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]752 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]753 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]754
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]755 mbedtls_mpi N, E;
756
757 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]758 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]759 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]760
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]761 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
762 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]763
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]764 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
765 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]766 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]767
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]768
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]769 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand,
770 NULL, MBEDTLS_RSA_PUBLIC,
771 message_str->len, message_str->x,
772 output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]773 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]774 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]775
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]776 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
777 ctx.len, result_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]778 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]779
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]780exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]781 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]782 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]783}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]784/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]785
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]786/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]787void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]788 int mod, int radix_P, char * input_P,
789 int radix_Q, char * input_Q, int radix_N,
790 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]791 int max_output, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]792 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]793{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]794 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]795 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]796 size_t output_len;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]797 mbedtls_test_rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]798 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]799
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]800 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
801 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
802
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]803 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]804
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]805 memset( output, 0x00, sizeof( output ) );
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]806 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]807
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]808
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]809 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
810 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
811 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
812 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]813
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]814 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
815 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]816 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]817 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]818
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]819 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]820
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]821 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand,
Thomas Daubneyc7feaf32021-05-07 14:02:43 +0100[diff] [blame^]822 &rnd_info,
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]823 &output_len, message_str->x, output,
824 max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]825 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]826 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]827
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]828 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]829 output_len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]830 result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]831 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]832
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]833exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]834 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
835 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]836 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]837}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]838/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]839
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]840/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]841void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]842 char * input_N, int radix_E, char * input_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]843 data_t * result_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]844{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]845 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]846 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]847
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]848 mbedtls_mpi N, E;
849
850 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]851 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
852 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]853 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]854
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]855 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
856 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]857
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]858 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
859 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]860 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]861
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]862
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]863 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]864 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]865 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]866
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]867 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
868 ctx.len, result_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]869 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]870
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]871 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]872 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]873 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]874 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]875
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]876 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]877
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]878 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]879 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]880 if( result == 0 )
881 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]882
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]883 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
884 ctx.len, result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]885 }
886
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]887exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]888 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]889 mbedtls_rsa_free( &ctx );
890 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]891}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]892/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]893
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]894/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]895void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]896 char * input_P, int radix_Q, char * input_Q,
897 int radix_N, char * input_N, int radix_E,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]898 char * input_E, data_t * result_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]899 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]900{
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]901 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]902 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]903 mbedtls_mpi N, P, Q, E;
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]904 mbedtls_test_rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]905 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]906
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]907 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
908 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]909 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
910 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]911
Ronald Cron351f0ee2020-06-10 12:12:18 +0200[diff] [blame]912 memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]913
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]914 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
915 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
916 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
917 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]918
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]919 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
920 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]921 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]922 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]923
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]924
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]925 /* repeat three times to test updating of blinding values */
926 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]927 {
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]928 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]929 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_test_rnd_pseudo_rand,
930 &rnd_info, message_str->x,
931 output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]932 if( result == 0 )
933 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]934
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]935 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]936 ctx.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]937 result_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]938 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]939 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]940
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]941 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]942 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]943 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]944 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]945
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]946 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]947
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]948 memset( output, 0x00, sizeof( output ) );
Ronald Cron6c5bd7f2020-06-10 14:08:26 +0200[diff] [blame]949 TEST_ASSERT( mbedtls_rsa_private( &ctx2, mbedtls_test_rnd_pseudo_rand,
950 &rnd_info, message_str->x,
951 output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]952 if( result == 0 )
953 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]954
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]955 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
Ronald Cron2dbba992020-06-10 11:42:32 +0200[diff] [blame]956 ctx2.len,
Ronald Cronac6ae352020-06-26 14:33:03 +0200[diff] [blame]957 result_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]958 }
959
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]960exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]961 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
962 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
963
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]964 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]965}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]966/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]967
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]968/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]969void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]970{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]971 mbedtls_rsa_context ctx;
972 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]973
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]974 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]975}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]976/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]977
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]978/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]979void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
980 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]981{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]982 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]983 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]984
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]985 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]986 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]987
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]988 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]989 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]990 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]991 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]992 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]993 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]994 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]995 }
996
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]997 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]998 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]999
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1000exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]1001 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1002 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1003}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1004/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1005
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1006/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1007void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
1008 int radix_Q, char * input_Q, int radix_N,
1009 char * input_N, int radix_E, char * input_E,
1010 int radix_D, char * input_D, int radix_DP,
1011 char * input_DP, int radix_DQ,
1012 char * input_DQ, int radix_QP,
1013 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1014{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1015 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1016
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1017 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1018
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1019 ctx.len = mod / 8;
1020 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1021 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1022 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1023 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1024 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1025 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1026 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1027 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1028 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1029 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1030 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1031 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1032 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1033 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1034 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1035 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1036 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1037 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1038 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1039 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1040#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1041 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1042 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1043 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1044 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1045 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1046 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1047 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1048 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1049 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1050 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1051 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1052 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1053#else
1054 ((void) radix_DP); ((void) input_DP);
1055 ((void) radix_DQ); ((void) input_DQ);
1056 ((void) radix_QP); ((void) input_QP);
1057#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1058
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1059 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1060
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1061exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1062 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1063}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1064/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1065
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1066/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1067void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
1068 int radix_Epub, char * input_Epub, int radix_P,
1069 char * input_P, int radix_Q, char * input_Q,
1070 int radix_N, char * input_N, int radix_E,
1071 char * input_E, int radix_D, char * input_D,
1072 int radix_DP, char * input_DP, int radix_DQ,
1073 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1074 int result )
1075{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1076 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1077
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1078 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
1079 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1080
1081 pub.len = mod / 8;
1082 prv.len = mod / 8;
1083
1084 if( strlen( input_Npub ) )
1085 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1086 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1087 }
1088 if( strlen( input_Epub ) )
1089 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1090 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1091 }
1092
1093 if( strlen( input_P ) )
1094 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1095 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1096 }
1097 if( strlen( input_Q ) )
1098 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1099 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1100 }
1101 if( strlen( input_N ) )
1102 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1103 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1104 }
1105 if( strlen( input_E ) )
1106 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1107 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1108 }
1109 if( strlen( input_D ) )
1110 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1111 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1112 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1113#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1114 if( strlen( input_DP ) )
1115 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1116 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1117 }
1118 if( strlen( input_DQ ) )
1119 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1120 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1121 }
1122 if( strlen( input_QP ) )
1123 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1124 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1125 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1126#else
1127 ((void) radix_DP); ((void) input_DP);
1128 ((void) radix_DQ); ((void) input_DQ);
1129 ((void) radix_QP); ((void) input_QP);
1130#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1131
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1132 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1133
1134exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1135 mbedtls_rsa_free( &pub );
1136 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1137}
1138/* END_CASE */
1139
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1140/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1141void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1142{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1143 mbedtls_rsa_context ctx;
1144 mbedtls_entropy_context entropy;
1145 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1146 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1147
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1148 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1149 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1150 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1151
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1152 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1153 &entropy, (const unsigned char *) pers,
1154 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1155
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1156 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1157 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1158 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1159 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1160 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1161 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1162
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1163exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1164 mbedtls_rsa_free( &ctx );
1165 mbedtls_ctr_drbg_free( &ctr_drbg );
1166 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1167}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1168/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1169
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1170/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1171void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1172 int radix_D, char *input_D,
1173 int radix_E, char *input_E,
1174 int radix_P, char *output_P,
1175 int radix_Q, char *output_Q,
1176 int corrupt, int result )
1177{
1178 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1179
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1180 mbedtls_mpi_init( &N );
1181 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1182 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1183 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1184
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1185 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1186 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1187 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1188 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1189 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1190
1191 if( corrupt )
1192 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1193
1194 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1195 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1196
1197 if( !corrupt )
1198 {
1199 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1200 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1201 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1202 }
1203
1204exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1205 mbedtls_mpi_free( &N );
1206 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1207 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1208 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1209}
1210/* END_CASE */
1211
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1212/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1213void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1214 int radix_Q, char *input_Q,
1215 int radix_E, char *input_E,
1216 int radix_D, char *output_D,
1217 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1218{
1219 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1220
1221 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1222 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1223 mbedtls_mpi_init( &E );
1224 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1225
1226 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1227 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1228 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1229 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1230
1231 if( corrupt )
1232 {
1233 /* Make E even */
1234 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1235 }
1236
1237 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1238 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1239 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1240
1241 if( !corrupt )
1242 {
1243 /*
1244 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1245 */
1246
1247 /* Replace P,Q by P-1, Q-1 */
1248 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1249 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1250
1251 /* Check D == Dp modulo P-1 */
1252 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1253 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1254 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1255
1256 /* Check D == Dp modulo Q-1 */
1257 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1258 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1259 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1260 }
1261
1262exit:
1263
1264 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1265 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1266 mbedtls_mpi_free( &E );
1267 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1268}
1269/* END_CASE */
1270
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1271/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1272void mbedtls_rsa_import( int radix_N, char *input_N,
1273 int radix_P, char *input_P,
1274 int radix_Q, char *input_Q,
1275 int radix_D, char *input_D,
1276 int radix_E, char *input_E,
1277 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1278 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1279 int res_check,
1280 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1281{
1282 mbedtls_mpi N, P, Q, D, E;
1283 mbedtls_rsa_context ctx;
1284
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1285 /* Buffers used for encryption-decryption test */
1286 unsigned char *buf_orig = NULL;
1287 unsigned char *buf_enc = NULL;
1288 unsigned char *buf_dec = NULL;
1289
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1290 mbedtls_entropy_context entropy;
1291 mbedtls_ctr_drbg_context ctr_drbg;
1292 const char *pers = "test_suite_rsa";
1293
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1294 const int have_N = ( strlen( input_N ) > 0 );
1295 const int have_P = ( strlen( input_P ) > 0 );
1296 const int have_Q = ( strlen( input_Q ) > 0 );
1297 const int have_D = ( strlen( input_D ) > 0 );
1298 const int have_E = ( strlen( input_E ) > 0 );
1299
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1300 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1301 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1302 mbedtls_rsa_init( &ctx, 0, 0 );
1303
1304 mbedtls_mpi_init( &N );
1305 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1306 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1307
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1308 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1309 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1310
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1311 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1312 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1313
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1314 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1315 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1316
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1317 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1318 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1319
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1320 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1321 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1322
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1323 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1324 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1325
1326 if( !successive )
1327 {
1328 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1329 have_N ? &N : NULL,
1330 have_P ? &P : NULL,
1331 have_Q ? &Q : NULL,
1332 have_D ? &D : NULL,
1333 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1334 }
1335 else
1336 {
1337 /* Import N, P, Q, D, E separately.
1338 * This should make no functional difference. */
1339
1340 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1341 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1342 NULL, NULL, NULL, NULL ) == 0 );
1343
1344 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1345 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1346 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1347 NULL, NULL, NULL ) == 0 );
1348
1349 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1350 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1351 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1352 NULL, NULL ) == 0 );
1353
1354 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1355 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1356 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1357 NULL ) == 0 );
1358
1359 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1360 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1361 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1362 }
1363
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1364 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1365
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1366 /* On expected success, perform some public and private
1367 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1368 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1369 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1370 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1371 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1372 else
1373 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1374
1375 if( res_check != 0 )
1376 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1377
1378 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1379 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1380 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1381 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1382 goto exit;
1383
1384 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1385 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1386
1387 /* Make sure the number we're generating is smaller than the modulus */
1388 buf_orig[0] = 0x00;
1389
1390 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1391
1392 if( is_priv )
1393 {
1394 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1395 &ctr_drbg, buf_enc,
1396 buf_dec ) == 0 );
1397
1398 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1399 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1400 }
1401 }
1402
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1403exit:
1404
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1405 mbedtls_free( buf_orig );
1406 mbedtls_free( buf_enc );
1407 mbedtls_free( buf_dec );
1408
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1409 mbedtls_rsa_free( &ctx );
1410
1411 mbedtls_ctr_drbg_free( &ctr_drbg );
1412 mbedtls_entropy_free( &entropy );
1413
1414 mbedtls_mpi_free( &N );
1415 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1416 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1417}
1418/* END_CASE */
1419
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1420/* BEGIN_CASE */
1421void mbedtls_rsa_export( int radix_N, char *input_N,
1422 int radix_P, char *input_P,
1423 int radix_Q, char *input_Q,
1424 int radix_D, char *input_D,
1425 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1426 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1427 int successive )
1428{
1429 /* Original MPI's with which we set up the RSA context */
1430 mbedtls_mpi N, P, Q, D, E;
1431
1432 /* Exported MPI's */
1433 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1434
1435 const int have_N = ( strlen( input_N ) > 0 );
1436 const int have_P = ( strlen( input_P ) > 0 );
1437 const int have_Q = ( strlen( input_Q ) > 0 );
1438 const int have_D = ( strlen( input_D ) > 0 );
1439 const int have_E = ( strlen( input_E ) > 0 );
1440
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1441 mbedtls_rsa_context ctx;
1442
1443 mbedtls_rsa_init( &ctx, 0, 0 );
1444
1445 mbedtls_mpi_init( &N );
1446 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1447 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1448
1449 mbedtls_mpi_init( &Ne );
1450 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1451 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1452
1453 /* Setup RSA context */
1454
1455 if( have_N )
1456 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1457
1458 if( have_P )
1459 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1460
1461 if( have_Q )
1462 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1463
1464 if( have_D )
1465 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1466
1467 if( have_E )
1468 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1469
1470 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1471 strlen( input_N ) ? &N : NULL,
1472 strlen( input_P ) ? &P : NULL,
1473 strlen( input_Q ) ? &Q : NULL,
1474 strlen( input_D ) ? &D : NULL,
1475 strlen( input_E ) ? &E : NULL ) == 0 );
1476
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1477 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1478
1479 /*
1480 * Export parameters and compare to original ones.
1481 */
1482
1483 /* N and E must always be present. */
1484 if( !successive )
1485 {
1486 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1487 }
1488 else
1489 {
1490 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1491 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1492 }
1493 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1494 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1495
1496 /* If we were providing enough information to setup a complete private context,
1497 * we expect to be able to export all core parameters. */
1498
1499 if( is_priv )
1500 {
1501 if( !successive )
1502 {
1503 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1504 &De, NULL ) == 0 );
1505 }
1506 else
1507 {
1508 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1509 NULL, NULL ) == 0 );
1510 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1511 NULL, NULL ) == 0 );
1512 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1513 &De, NULL ) == 0 );
1514 }
1515
1516 if( have_P )
1517 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1518
1519 if( have_Q )
1520 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1521
1522 if( have_D )
1523 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1524
1525 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1526 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1527 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1528 }
1529
1530exit:
1531
1532 mbedtls_rsa_free( &ctx );
1533
1534 mbedtls_mpi_free( &N );
1535 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1536 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1537
1538 mbedtls_mpi_free( &Ne );
1539 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1540 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1541}
1542/* END_CASE */
1543
Manuel Pégourié-Gonnardd12402f2020-05-20 10:34:25 +0200[diff] [blame]1544/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1545void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1546 int radix_P, char *input_P,
1547 int radix_Q, char *input_Q,
1548 int radix_D, char *input_D,
1549 int radix_E, char *input_E,
1550 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1551{
1552 /* Original MPI's with which we set up the RSA context */
1553 mbedtls_mpi N, P, Q, D, E;
1554
1555 const int have_N = ( strlen( input_N ) > 0 );
1556 const int have_P = ( strlen( input_P ) > 0 );
1557 const int have_Q = ( strlen( input_Q ) > 0 );
1558 const int have_D = ( strlen( input_D ) > 0 );
1559 const int have_E = ( strlen( input_E ) > 0 );
1560
1561 mbedtls_entropy_context entropy;
1562 mbedtls_ctr_drbg_context ctr_drbg;
1563 const char *pers = "test_suite_rsa";
1564
1565 mbedtls_mpi_init( &N );
1566 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1567 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1568
1569 mbedtls_ctr_drbg_init( &ctr_drbg );
1570 mbedtls_entropy_init( &entropy );
1571 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1572 &entropy, (const unsigned char *) pers,
1573 strlen( pers ) ) == 0 );
1574
1575 if( have_N )
1576 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1577
1578 if( have_P )
1579 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1580
1581 if( have_Q )
1582 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1583
1584 if( have_D )
1585 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1586
1587 if( have_E )
1588 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1589
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1590 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1591 have_P ? &P : NULL,
1592 have_Q ? &Q : NULL,
1593 have_D ? &D : NULL,
1594 have_E ? &E : NULL,
1595 prng ? mbedtls_ctr_drbg_random : NULL,
1596 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1597exit:
1598
1599 mbedtls_ctr_drbg_free( &ctr_drbg );
1600 mbedtls_entropy_free( &entropy );
1601
1602 mbedtls_mpi_free( &N );
1603 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1604 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1605}
1606/* END_CASE */
1607
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1608/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1609void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1610 data_t *input_Q, data_t *input_D,
1611 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1612 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1613{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1614 /* Exported buffers */
Ron Eldorfdc15bd2018-11-22 15:47:51 +0200[diff] [blame]1615 unsigned char bufNe[256];
1616 unsigned char bufPe[128];
1617 unsigned char bufQe[128];
1618 unsigned char bufDe[256];
1619 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1620
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1621 mbedtls_rsa_context ctx;
1622
1623 mbedtls_rsa_init( &ctx, 0, 0 );
1624
1625 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1626 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1627 input_N->len ? input_N->x : NULL, input_N->len,
1628 input_P->len ? input_P->x : NULL, input_P->len,
1629 input_Q->len ? input_Q->x : NULL, input_Q->len,
1630 input_D->len ? input_D->x : NULL, input_D->len,
1631 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1632
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1633 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1634
1635 /*
1636 * Export parameters and compare to original ones.
1637 */
1638
1639 /* N and E must always be present. */
1640 if( !successive )
1641 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1642 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1643 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1644 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1645 }
1646 else
1647 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1648 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1649 NULL, 0, NULL, 0, NULL, 0,
1650 NULL, 0 ) == 0 );
1651 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1652 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1653 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1654 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1655 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1656 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1657
1658 /* If we were providing enough information to setup a complete private context,
1659 * we expect to be able to export all core parameters. */
1660
1661 if( is_priv )
1662 {
1663 if( !successive )
1664 {
1665 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1666 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1667 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1668 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1669 NULL, 0 ) == 0 );
1670 }
1671 else
1672 {
1673 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1674 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1675 NULL, 0, NULL, 0,
1676 NULL, 0 ) == 0 );
1677
1678 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1679 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1680 NULL, 0, NULL, 0 ) == 0 );
1681
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1682 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1683 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1684 NULL, 0 ) == 0 );
1685 }
1686
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1687 if( input_P->len )
1688 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1689
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1690 if( input_Q->len )
1691 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1692
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1693 if( input_D->len )
1694 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1695
1696 }
1697
1698exit:
1699 mbedtls_rsa_free( &ctx );
1700}
1701/* END_CASE */
1702
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1703/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1704void mbedtls_rsa_import_raw( data_t *input_N,
1705 data_t *input_P, data_t *input_Q,
1706 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1707 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1708 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1709 int res_check,
1710 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1711{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1712 /* Buffers used for encryption-decryption test */
1713 unsigned char *buf_orig = NULL;
1714 unsigned char *buf_enc = NULL;
1715 unsigned char *buf_dec = NULL;
1716
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1717 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1718 mbedtls_entropy_context entropy;
1719 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1720
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1721 const char *pers = "test_suite_rsa";
1722
1723 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1724 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1725 mbedtls_rsa_init( &ctx, 0, 0 );
1726
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1727 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1728 &entropy, (const unsigned char *) pers,
1729 strlen( pers ) ) == 0 );
1730
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1731 if( !successive )
1732 {
1733 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1734 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1735 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1736 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1737 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1738 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1739 }
1740 else
1741 {
1742 /* Import N, P, Q, D, E separately.
1743 * This should make no functional difference. */
1744
1745 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1746 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1747 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1748
1749 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1750 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1751 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1752 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1753
1754 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1755 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1756 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1757 NULL, 0, NULL, 0 ) == 0 );
1758
1759 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1760 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1761 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1762 NULL, 0 ) == 0 );
1763
1764 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1765 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1766 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1767 }
1768
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1769 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1770
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1771 /* On expected success, perform some public and private
1772 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1773 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1774 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1775 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1776 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1777 else
1778 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1779
1780 if( res_check != 0 )
1781 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1782
1783 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1784 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1785 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1786 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1787 goto exit;
1788
1789 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1790 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1791
1792 /* Make sure the number we're generating is smaller than the modulus */
1793 buf_orig[0] = 0x00;
1794
1795 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1796
1797 if( is_priv )
1798 {
1799 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1800 &ctr_drbg, buf_enc,
1801 buf_dec ) == 0 );
1802
1803 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1804 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1805 }
1806 }
1807
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1808exit:
1809
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1810 mbedtls_free( buf_orig );
1811 mbedtls_free( buf_enc );
1812 mbedtls_free( buf_dec );
1813
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1814 mbedtls_rsa_free( &ctx );
1815
1816 mbedtls_ctr_drbg_free( &ctr_drbg );
1817 mbedtls_entropy_free( &entropy );
1818
1819}
1820/* END_CASE */
1821
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1822/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1823void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1824{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1825 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1826}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1827/* END_CASE */