Blame - tests/suites/test_suite_rsa.function - mirror/mbed-tls

blob: 9dfd664608c116ffda3591d93d64e7563ebf3a5d [file] [log] [blame]

Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	1	BEGIN_HEADER
				2	#include <polarssl/rsa.h>
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	3	#include <polarssl/md2.h>
				4	#include <polarssl/md4.h>
				5	#include <polarssl/md5.h>
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	6	#include <polarssl/sha1.h>
				7	#include <polarssl/sha2.h>
				8	#include <polarssl/sha4.h>
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	9	#include <polarssl/havege.h>
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	10	END_HEADER
				11
Paul Bakker	5690efc	2011-05-26 13:16:06 +0000	[diff] [blame]	12	BEGIN_DEPENDENCIES
Paul Bakker	d7d8dbe	2011-05-26 15:29:38 +0000	[diff] [blame^]	13	depends_on:POLARSSL_RSA_C:POLARSSL_BIGNUM_C:POLARSSL_GENPRIME
Paul Bakker	5690efc	2011-05-26 13:16:06 +0000	[diff] [blame]	14	END_DEPENDENCIES
				15
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	16	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	17	rsa_pkcs1_sign:message_hex_string:padding_mode:digest:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:result_hex_str:result
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	18	{
				19	unsigned char message_str[1000];
				20	unsigned char hash_result[1000];
				21	unsigned char output[1000];
				22	unsigned char output_str[1000];
				23	rsa_context ctx;
				24	mpi P1, Q1, H, G;
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	25	int msg_len;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	26
Paul Bakker	6c591fa	2011-05-05 11:49:20 +0000	[diff] [blame]	27	mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	28	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	29
				30	memset( message_str, 0x00, 1000 );
				31	memset( hash_result, 0x00, 1000 );
				32	memset( output, 0x00, 1000 );
				33	memset( output_str, 0x00, 1000 );
				34
				35	ctx.len = {mod} / 8;
				36	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				37	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				38	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				39	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				40
				41	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				42	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				43	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				44	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				45	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				46	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				47	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				48	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				49
				50	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				51
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	52	msg_len = unhexify( message_str, {message_hex_string} );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	53
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	54	switch( {digest} )
				55	{
				56	#ifdef POLARSSL_MD2_C
				57	case SIG_RSA_MD2:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	58	md2( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	59	break;
				60	#endif
				61	#ifdef POLARSSL_MD4_C
				62	case SIG_RSA_MD4:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	63	md4( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	64	break;
				65	#endif
				66	#ifdef POLARSSL_MD5_C
				67	case SIG_RSA_MD5:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	68	md5( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	69	break;
				70	#endif
				71	#ifdef POLARSSL_SHA1_C
				72	case SIG_RSA_SHA1:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	73	sha1( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	74	break;
				75	#endif
				76	#ifdef POLARSSL_SHA2_C
				77	case SIG_RSA_SHA224:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	78	sha2( message_str, msg_len, hash_result, 1 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	79	break;
				80	case SIG_RSA_SHA256:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	81	sha2( message_str, msg_len, hash_result, 0 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	82	break;
				83	#endif
				84	#ifdef POLARSSL_SHA4_C
				85	case SIG_RSA_SHA384:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	86	sha4( message_str, msg_len, hash_result, 1 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	87	break;
				88	case SIG_RSA_SHA512:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	89	sha4( message_str, msg_len, hash_result, 0 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	90	break;
				91	#endif
				92	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	93
Paul Bakker	9dcc322	2011-03-08 14:16:06 +0000	[diff] [blame]	94	TEST_ASSERT( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, {digest}, 0, hash_result, output ) == {result} );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	95	if( {result} == 0 )
				96	{
				97	hexify( output_str, output, ctx.len );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	98
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	99	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				100	}
Paul Bakker	6c591fa	2011-05-05 11:49:20 +0000	[diff] [blame]	101
				102	mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	103	}
				104	END_CASE
				105
				106	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	107	rsa_pkcs1_verify:message_hex_string:padding_mode:digest:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	108	{
				109	unsigned char message_str[1000];
				110	unsigned char hash_result[1000];
				111	unsigned char result_str[1000];
				112	rsa_context ctx;
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	113	int msg_len;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	114
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	115	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	116	memset( message_str, 0x00, 1000 );
				117	memset( hash_result, 0x00, 1000 );
				118	memset( result_str, 0x00, 1000 );
				119
				120	ctx.len = {mod} / 8;
				121	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				122	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				123
				124	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				125
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	126	msg_len = unhexify( message_str, {message_hex_string} );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	127	unhexify( result_str, {result_hex_str} );
				128
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	129	switch( {digest} )
				130	{
				131	#ifdef POLARSSL_MD2_C
				132	case SIG_RSA_MD2:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	133	md2( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	134	break;
				135	#endif
				136	#ifdef POLARSSL_MD4_C
				137	case SIG_RSA_MD4:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	138	md4( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	139	break;
				140	#endif
				141	#ifdef POLARSSL_MD5_C
				142	case SIG_RSA_MD5:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	143	md5( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	144	break;
				145	#endif
				146	#ifdef POLARSSL_SHA1_C
				147	case SIG_RSA_SHA1:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	148	sha1( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	149	break;
				150	#endif
				151	#ifdef POLARSSL_SHA2_C
				152	case SIG_RSA_SHA224:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	153	sha2( message_str, msg_len, hash_result, 1 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	154	break;
				155	case SIG_RSA_SHA256:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	156	sha2( message_str, msg_len, hash_result, 0 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	157	break;
				158	#endif
				159	#ifdef POLARSSL_SHA4_C
				160	case SIG_RSA_SHA384:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	161	sha4( message_str, msg_len, hash_result, 1 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	162	break;
				163	case SIG_RSA_SHA512:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	164	sha4( message_str, msg_len, hash_result, 0 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	165	break;
				166	#endif
				167	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	168
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	169	TEST_ASSERT( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, {digest}, 0, hash_result, result_str ) == {result} );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	170	}
				171	END_CASE
				172
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	173
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	174	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	175	rsa_pkcs1_sign_raw:message_hex_string:hash_result_string:padding_mode:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:result_hex_str
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	176	{
				177	unsigned char message_str[1000];
				178	unsigned char hash_result[1000];
				179	unsigned char output[1000];
				180	unsigned char output_str[1000];
				181	rsa_context ctx;
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	182	mpi P1, Q1, H, G;
				183	int msg_len, hash_len;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	184
Paul Bakker	6c591fa	2011-05-05 11:49:20 +0000	[diff] [blame]	185	mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	186	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	187
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	188	memset( message_str, 0x00, 1000 );
				189	memset( hash_result, 0x00, 1000 );
				190	memset( output, 0x00, 1000 );
				191	memset( output_str, 0x00, 1000 );
				192
				193	ctx.len = {mod} / 8;
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	194	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				195	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				196	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				197	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				198
				199	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				200	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				201	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				202	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				203	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				204	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				205	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				206	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				207
				208	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				209
				210	msg_len = unhexify( message_str, {message_hex_string} );
				211	hash_len = unhexify( hash_result, {hash_result_string} );
				212
Paul Bakker	9dcc322	2011-03-08 14:16:06 +0000	[diff] [blame]	213	TEST_ASSERT( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_RAW, hash_len, hash_result, output ) == 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	214
				215	hexify( output_str, output, ctx.len );
				216
				217	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
Paul Bakker	6c591fa	2011-05-05 11:49:20 +0000	[diff] [blame]	218
				219	mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	220	}
				221	END_CASE
				222
				223	BEGIN_CASE
				224	rsa_pkcs1_verify_raw:message_hex_string:hash_result_string:padding_mode:mod:radix_N:input_N:radix_E:input_E:result_hex_str:correct
				225	{
				226	unsigned char message_str[1000];
				227	unsigned char hash_result[1000];
				228	unsigned char result_str[1000];
				229	rsa_context ctx;
Paul Bakker	f4a3f30	2011-04-24 15:53:29 +0000	[diff] [blame]	230	size_t msg_len, hash_len;
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	231
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	232	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	233	memset( message_str, 0x00, 1000 );
				234	memset( hash_result, 0x00, 1000 );
				235	memset( result_str, 0x00, 1000 );
				236
				237	ctx.len = {mod} / 8;
				238	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				239	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				240
				241	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				242
				243	msg_len = unhexify( message_str, {message_hex_string} );
				244	hash_len = unhexify( hash_result, {hash_result_string} );
				245	unhexify( result_str, {result_hex_str} );
				246
Paul Bakker	fc22c44	2009-07-19 20:36:27 +0000	[diff] [blame]	247	TEST_ASSERT( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_RAW, hash_len, hash_result, result_str ) == {correct} );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	248	}
				249	END_CASE
				250
				251	BEGIN_CASE
				252	rsa_pkcs1_encrypt:message_hex_string:padding_mode:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
				253	{
				254	unsigned char message_str[1000];
				255	unsigned char output[1000];
				256	unsigned char output_str[1000];
				257	rsa_context ctx;
Paul Bakker	f4a3f30	2011-04-24 15:53:29 +0000	[diff] [blame]	258	size_t msg_len;
Paul Bakker	997bbd1	2011-03-13 15:45:42 +0000	[diff] [blame]	259	rnd_pseudo_info rnd_info;
				260
				261	memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	262
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	263	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	264	memset( message_str, 0x00, 1000 );
				265	memset( output, 0x00, 1000 );
				266	memset( output_str, 0x00, 1000 );
				267
				268	ctx.len = {mod} / 8;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	269	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				270	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				271
				272	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				273
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	274	msg_len = unhexify( message_str, {message_hex_string} );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	275
Paul Bakker	997bbd1	2011-03-13 15:45:42 +0000	[diff] [blame]	276	TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PUBLIC, msg_len, message_str, output ) == {result} );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	277	if( {result} == 0 )
				278	{
				279	hexify( output_str, output, ctx.len );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	280
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	281	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				282	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	283	}
				284	END_CASE
				285
				286	BEGIN_CASE
Paul Bakker	a665685	2010-07-18 19:47:14 +0000	[diff] [blame]	287	rsa_pkcs1_encrypt_bad_rng:message_hex_string:padding_mode:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
				288	{
				289	unsigned char message_str[1000];
				290	unsigned char output[1000];
				291	unsigned char output_str[1000];
				292	rsa_context ctx;
Paul Bakker	f4a3f30	2011-04-24 15:53:29 +0000	[diff] [blame]	293	size_t msg_len;
Paul Bakker	a665685	2010-07-18 19:47:14 +0000	[diff] [blame]	294
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	295	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	a665685	2010-07-18 19:47:14 +0000	[diff] [blame]	296	memset( message_str, 0x00, 1000 );
				297	memset( output, 0x00, 1000 );
				298	memset( output_str, 0x00, 1000 );
				299
				300	ctx.len = {mod} / 8;
				301	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				302	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				303
				304	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				305
				306	msg_len = unhexify( message_str, {message_hex_string} );
				307
Paul Bakker	997bbd1	2011-03-13 15:45:42 +0000	[diff] [blame]	308	TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL, RSA_PUBLIC, msg_len, message_str, output ) == {result} );
Paul Bakker	a665685	2010-07-18 19:47:14 +0000	[diff] [blame]	309	if( {result} == 0 )
				310	{
				311	hexify( output_str, output, ctx.len );
				312
				313	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				314	}
				315	}
				316	END_CASE
				317
				318	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	319	rsa_pkcs1_decrypt:message_hex_string:padding_mode:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:max_output:result_hex_str:result
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	320	{
				321	unsigned char message_str[1000];
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	322	unsigned char output[1000];
				323	unsigned char output_str[1000];
				324	rsa_context ctx;
				325	mpi P1, Q1, H, G;
Paul Bakker	f4a3f30	2011-04-24 15:53:29 +0000	[diff] [blame]	326	size_t output_len;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	327
Paul Bakker	6c591fa	2011-05-05 11:49:20 +0000	[diff] [blame]	328	mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	329	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	330
				331	memset( message_str, 0x00, 1000 );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	332	memset( output, 0x00, 1000 );
				333	memset( output_str, 0x00, 1000 );
				334
				335	ctx.len = {mod} / 8;
				336	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				337	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				338	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				339	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				340
				341	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				342	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				343	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				344	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				345	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				346	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				347	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				348	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				349
				350	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				351
				352	unhexify( message_str, {message_hex_string} );
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	353	output_len = 0;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	354
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	355	TEST_ASSERT( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, {max_output} ) == {result} );
				356	if( {result} == 0 )
				357	{
				358	hexify( output_str, output, ctx.len );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	359
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	360	TEST_ASSERT( strncasecmp( (char *) output_str, {result_hex_str}, strlen( {result_hex_str} ) ) == 0 );
				361	}
Paul Bakker	6c591fa	2011-05-05 11:49:20 +0000	[diff] [blame]	362
				363	mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	364	}
				365	END_CASE
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	366
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	367	BEGIN_CASE
				368	rsa_public:message_hex_string:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
				369	{
				370	unsigned char message_str[1000];
				371	unsigned char output[1000];
				372	unsigned char output_str[1000];
				373	rsa_context ctx;
				374
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	375	rsa_init( &ctx, RSA_PKCS_V15, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	376	memset( message_str, 0x00, 1000 );
				377	memset( output, 0x00, 1000 );
				378	memset( output_str, 0x00, 1000 );
				379
				380	ctx.len = {mod} / 8;
				381	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				382	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				383
				384	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				385
				386	unhexify( message_str, {message_hex_string} );
				387
				388	TEST_ASSERT( rsa_public( &ctx, message_str, output ) == {result} );
				389	if( {result} == 0 )
				390	{
				391	hexify( output_str, output, ctx.len );
				392
				393	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				394	}
				395	}
				396	END_CASE
				397
				398	BEGIN_CASE
				399	rsa_private:message_hex_string:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:result_hex_str:result
				400	{
				401	unsigned char message_str[1000];
				402	unsigned char output[1000];
				403	unsigned char output_str[1000];
				404	rsa_context ctx;
				405	mpi P1, Q1, H, G;
				406
Paul Bakker	6c591fa	2011-05-05 11:49:20 +0000	[diff] [blame]	407	mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	408	rsa_init( &ctx, RSA_PKCS_V15, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	409
				410	memset( message_str, 0x00, 1000 );
				411	memset( output, 0x00, 1000 );
				412	memset( output_str, 0x00, 1000 );
				413
				414	ctx.len = {mod} / 8;
				415	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				416	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				417	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				418	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				419
				420	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				421	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				422	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				423	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				424	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				425	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				426	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				427	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				428
				429	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				430
				431	unhexify( message_str, {message_hex_string} );
				432
				433	TEST_ASSERT( rsa_private( &ctx, message_str, output ) == {result} );
				434	if( {result} == 0 )
				435	{
				436	hexify( output_str, output, ctx.len );
				437
				438	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				439	}
Paul Bakker	6c591fa	2011-05-05 11:49:20 +0000	[diff] [blame]	440
				441	mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	442	}
				443	END_CASE
				444
				445	BEGIN_CASE
Paul Bakker	37940d9f	2009-07-10 22:38:58 +0000	[diff] [blame]	446	rsa_check_privkey_null:
				447	{
				448	rsa_context ctx;
				449	memset( &ctx, 0x00, sizeof( rsa_context ) );
				450
				451	TEST_ASSERT( rsa_check_privkey( &ctx ) == POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
				452	}
				453	END_CASE
				454
				455	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	456	rsa_check_pubkey:radix_N:input_N:radix_E:input_E:result
				457	{
				458	rsa_context ctx;
				459
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	460	rsa_init( &ctx, RSA_PKCS_V15, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	461
				462	if( strlen( {input_N} ) )
				463	{
				464	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				465	}
				466	if( strlen( {input_E} ) )
				467	{
				468	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				469	}
				470
				471	TEST_ASSERT( rsa_check_pubkey( &ctx ) == {result} );
				472	}
				473	END_CASE
				474
				475	BEGIN_CASE
				476	rsa_check_privkey:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:radix_D:input_D:result
				477	{
				478	rsa_context ctx;
				479
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	480	rsa_init( &ctx, RSA_PKCS_V15, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	481
				482	ctx.len = {mod} / 8;
				483	if( strlen( {input_P} ) )
				484	{
				485	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				486	}
				487	if( strlen( {input_Q} ) )
				488	{
				489	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				490	}
				491	if( strlen( {input_N} ) )
				492	{
				493	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				494	}
				495	if( strlen( {input_E} ) )
				496	{
				497	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				498	}
				499	if( strlen( {input_D} ) )
				500	{
				501	TEST_ASSERT( mpi_read_string( &ctx.D, {radix_D}, {input_D} ) == 0 );
				502	}
				503
				504	TEST_ASSERT( rsa_check_privkey( &ctx ) == {result} );
				505	}
				506	END_CASE
				507
				508	BEGIN_CASE
				509	rsa_gen_key:nrbits:exponent:result
				510	{
				511	rsa_context ctx;
				512	havege_state hs;
				513
				514	havege_init( &hs );
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	515	rsa_init( &ctx, 0, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	516
Paul Bakker	a802e1a	2010-08-16 11:56:45 +0000	[diff] [blame]	517	TEST_ASSERT( rsa_gen_key( &ctx, havege_rand, &hs, {nrbits}, {exponent} ) == {result} );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	518	if( {result} == 0 )
				519	{
				520	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				521	}
				522	}
				523	END_CASE
				524
				525	BEGIN_CASE
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	526	rsa_selftest:
				527	{
				528	TEST_ASSERT( rsa_self_test( 0 ) == 0 );
				529	}
				530	END_CASE