/* BEGIN_HEADER */
/* Test functions for the RSA PKCS#1 v1.5 code paths exercised in this file:
 * encryption, decryption, padding decoding, signing and verification. */
#include "mbedtls/rsa.h"
#include "mbedtls/md.h"
/* END_HEADER */

/* BEGIN_DEPENDENCIES
 * depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
 * END_DEPENDENCIES
 */
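/*
 * RSAES-PKCS1-v1_5 encryption checked against a known answer.
 *
 * mod            expected modulus size in bits; the imported key must be
 *                ( mod + 7 ) / 8 bytes long.
 * radix_N/input_N, radix_E/input_E
 *                public key, read with mbedtls_mpi_read_string().
 * hash           hash id handed to mbedtls_rsa_init().
 * message_str    plaintext; an empty message is passed as a NULL pointer.
 * rnd_buf        bytes served by the RNG callback (mbedtls_test_rnd_buffer_rand),
 *                presumably so that the padding, and therefore the
 *                ciphertext, is reproducible.
 * result_str     expected ciphertext, compared only when result == 0.
 * result         expected return value of mbedtls_rsa_pkcs1_encrypt().
 */
/* BEGIN_CASE */
void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N,
                              int radix_E, char * input_E, int hash,
                              data_t * message_str, data_t * rnd_buf,
                              data_t * result_str, int result )
{
    unsigned char output[128];
    mbedtls_rsa_context ctx;
    mbedtls_test_rnd_buf_info info;
    mbedtls_mpi N, E;

    /* RNG state: serve rnd_buf first, then fall back to
     * mbedtls_test_rnd_std_rand. */
    info.fallback_f_rng = mbedtls_test_rnd_std_rand;
    info.fallback_p_rng = NULL;
    info.buf = rnd_buf->x;
    info.length = rnd_buf->len;

    /* Everything released under exit: must be initialised before the first
     * TEST_ASSERT. */
    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
    memset( output, 0x00, sizeof( output ) );

    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    /* output is a fixed 128-byte buffer while the key size comes from the
     * test data, and ctx.len bytes of it are used below. Reject a key whose
     * modulus does not fit rather than run past the end of the buffer. */
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) <= sizeof( output ) );
    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );

    /* Exercise the NULL-pointer, zero-length input case. */
    if( message_str->len == 0 )
        message_str->x = NULL;
    TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
                                            &mbedtls_test_rnd_buffer_rand,
                                            &info, message_str->len,
                                            message_str->x,
                                            output ) == result );

    if( result == 0 )
    {
        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
                                          ctx.len, result_str->len ) == 0 );
    }

exit:
    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}
/* END_CASE */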
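/*
 * RSAES-PKCS1-v1_5 decryption checked against a known answer.
 *
 * mod            expected modulus size in bits; the imported key must be
 *                ( mod + 7 ) / 8 bytes long.
 * radix_X/input_X
 *                key components P, Q, N and E, read with
 *                mbedtls_mpi_read_string().
 * hash           hash id handed to mbedtls_rsa_init().
 * result_str     expected plaintext. When it is empty the decryption is
 *                run with a NULL output buffer of capacity 0.
 * seed           unused.
 * message_str    ciphertext.
 * result         expected return value of mbedtls_rsa_pkcs1_decrypt().
 *
 * NOTE(review): the ciphertext length is not passed to
 * mbedtls_rsa_pkcs1_decrypt(); message_str is presumably expected to be
 * exactly one modulus long. Confirm against the test data.
 */
/* BEGIN_CASE */
void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P,
                              int radix_Q, char * input_Q, int radix_N,
                              char * input_N, int radix_E, char * input_E,
                              int hash, data_t * result_str,
                              char * seed, data_t * message_str,
                              int result )
{
    unsigned char output[128];
    mbedtls_rsa_context ctx;
    size_t output_len;
    mbedtls_test_rnd_pseudo_info rnd_info;
    mbedtls_mpi N, P, Q, E;
    ((void) seed);

    /* Everything released under exit: must be initialised before the first
     * TEST_ASSERT. */
    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );

    memset( output, 0x00, sizeof( output ) );
    memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );

    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );

    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );

    if( result_str->len == 0 )
    {
        /* Empty expected plaintext: decrypt with no output buffer at all. */
        TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                                &mbedtls_test_rnd_pseudo_rand,
                                                &rnd_info,
                                                &output_len, message_str->x,
                                                NULL, 0 ) == result );
    }
    else
    {
        /* Declare the real capacity of output. The previous hard-coded 1000
         * overstated a 128-byte buffer, so nothing bounded the plaintext
         * written for a key large enough to yield more than 128 bytes. */
        TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                                &mbedtls_test_rnd_pseudo_rand,
                                                &rnd_info,
                                                &output_len, message_str->x,
                                                output,
                                                sizeof( output ) ) == result );
        if( result == 0 )
        {
            TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
                                              output_len,
                                              result_str->len) == 0 );
        }
    }

exit:
    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}
/* END_CASE */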
/*
 * PKCS#1 v1.5 decryption-padding decoding, including the failure paths.
 *
 * The test treats `input` as an already padded block: it is copied into a
 * 128-byte buffer (the remainder filled with 'd'), passed through the raw
 * public operation mbedtls_rsa_public() to obtain a ciphertext, and that
 * ciphertext is then decrypted with mbedtls_rsa_pkcs1_decrypt() into a
 * buffer declared to hold output_size_arg bytes.
 *
 * input                          padded block, at most sizeof( N ) bytes.
 * expected_plaintext_length_arg  plaintext length expected on success.
 * output_size_arg                capacity reported for the output buffer.
 * expected_result                expected return value of the decryption.
 *
 * Both *_arg values are converted to size_t; the test data is assumed to
 * supply non-negative values (TODO confirm).
 *
 * For MBEDTLS_ERR_RSA_INVALID_PADDING and MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE
 * the test also checks that the output length and output buffer were
 * written, because a failure path that leaves them untouched behaves
 * observably differently from the success path.
 */
/* BEGIN_CASE */
void pkcs1_v15_decode( data_t *input,
                       int expected_plaintext_length_arg,
                       int output_size_arg,
                       int expected_result )
{
    size_t expected_plaintext_length = expected_plaintext_length_arg;
    size_t output_size = output_size_arg;
    mbedtls_test_rnd_pseudo_info rnd_info;
    mbedtls_mpi Nmpi, Empi, Pmpi, Qmpi;
    mbedtls_rsa_context ctx;
    /* Fixed test key: 128-byte modulus N, public exponent E = 3 and the two
     * 64-byte factors P and Q. The private factors are in this file, so the
     * key has no value as a secret. */
    static unsigned char N[128] = {
        0xc4, 0x79, 0x4c, 0x6d, 0xb2, 0xe9, 0xdf, 0xc5,
        0xe5, 0xd7, 0x55, 0x4b, 0xfb, 0x6c, 0x2e, 0xec,
        0x84, 0xd0, 0x88, 0x12, 0xaf, 0xbf, 0xb4, 0xf5,
        0x47, 0x3c, 0x7e, 0x92, 0x4c, 0x58, 0xc8, 0x73,
        0xfe, 0x8f, 0x2b, 0x8f, 0x8e, 0xc8, 0x5c, 0xf5,
        0x05, 0xeb, 0xfb, 0x0d, 0x7b, 0x2a, 0x93, 0xde,
        0x15, 0x0d, 0xc8, 0x13, 0xcf, 0xd2, 0x6f, 0x0d,
        0x9d, 0xad, 0x30, 0xe5, 0x70, 0x20, 0x92, 0x9e,
        0xb3, 0x6b, 0xba, 0x5c, 0x50, 0x0f, 0xc3, 0xb2,
        0x7e, 0x64, 0x07, 0x94, 0x7e, 0xc9, 0x4e, 0xc1,
        0x65, 0x04, 0xaf, 0xb3, 0x9f, 0xde, 0xa8, 0x46,
        0xfa, 0x6c, 0xf3, 0x03, 0xaf, 0x1c, 0x1b, 0xec,
        0x75, 0x44, 0x66, 0x77, 0xc9, 0xde, 0x51, 0x33,
        0x64, 0x27, 0xb0, 0xd4, 0x8d, 0x31, 0x6a, 0x11,
        0x27, 0x3c, 0x99, 0xd4, 0x22, 0xc0, 0x9d, 0x12,
        0x01, 0xc7, 0x4a, 0x73, 0xac, 0xbf, 0xc2, 0xbb
    };
    static unsigned char E[1] = { 0x03 };
    static unsigned char P[64] = {
        0xe5, 0x53, 0x1f, 0x88, 0x51, 0xee, 0x59, 0xf8,
        0xc1, 0xe4, 0xcc, 0x5b, 0xb3, 0x75, 0x8d, 0xc8,
        0xe8, 0x95, 0x2f, 0xd0, 0xef, 0x37, 0xb4, 0xcd,
        0xd3, 0x9e, 0x48, 0x8b, 0x81, 0x58, 0x60, 0xb9,
        0x27, 0x1d, 0xb6, 0x28, 0x92, 0x64, 0xa3, 0xa5,
        0x64, 0xbd, 0xcc, 0x53, 0x68, 0xdd, 0x3e, 0x55,
        0xea, 0x9d, 0x5e, 0xcd, 0x1f, 0x96, 0x87, 0xf1,
        0x29, 0x75, 0x92, 0x70, 0x8f, 0x28, 0xfb, 0x2b
    };
    static unsigned char Q[64] = {
        0xdb, 0x53, 0xef, 0x74, 0x61, 0xb4, 0x20, 0x3b,
        0x3b, 0x87, 0x76, 0x75, 0x81, 0x56, 0x11, 0x03,
        0x59, 0x31, 0xe3, 0x38, 0x4b, 0x8c, 0x7a, 0x9c,
        0x05, 0xd6, 0x7f, 0x1e, 0x5e, 0x60, 0xf0, 0x4e,
        0x0b, 0xdc, 0x34, 0x54, 0x1c, 0x2e, 0x90, 0x83,
        0x14, 0xef, 0xc0, 0x96, 0x5c, 0x30, 0x10, 0xcc,
        0xc1, 0xba, 0xa0, 0x54, 0x3f, 0x96, 0x24, 0xca,
        0xa3, 0xfb, 0x55, 0xbc, 0x71, 0x29, 0x4e, 0xb1
    };
    /* original: the padded block; intermediate: its image under the public
     * operation, used as the ciphertext. */
    unsigned char original[128];
    unsigned char intermediate[128];
    /* Known pattern preloaded into final so that a decryption which never
     * writes its output can be told apart from one that does. */
    static unsigned char default_content[128] = {
        /* A randomly generated pattern. */
        0x4c, 0x27, 0x54, 0xa0, 0xce, 0x0d, 0x09, 0x4a,
        0x1c, 0x38, 0x8e, 0x2d, 0xa3, 0xc4, 0xe0, 0x19,
        0x4c, 0x99, 0xb2, 0xbf, 0xe6, 0x65, 0x7e, 0x58,
        0xd7, 0xb6, 0x8a, 0x05, 0x2f, 0xa5, 0xec, 0xa4,
        0x35, 0xad, 0x10, 0x36, 0xff, 0x0d, 0x08, 0x50,
        0x74, 0x47, 0xc9, 0x9c, 0x4a, 0xe7, 0xfd, 0xfa,
        0x83, 0x5f, 0x14, 0x5a, 0x1e, 0xe7, 0x35, 0x08,
        0xad, 0xf7, 0x0d, 0x86, 0xdf, 0xb8, 0xd4, 0xcf,
        0x32, 0xb9, 0x5c, 0xbe, 0xa3, 0xd2, 0x89, 0x70,
        0x7b, 0xc6, 0x48, 0x7e, 0x58, 0x4d, 0xf3, 0xef,
        0x34, 0xb7, 0x57, 0x54, 0x79, 0xc5, 0x8e, 0x0a,
        0xa3, 0xbf, 0x6d, 0x42, 0x83, 0x25, 0x13, 0xa2,
        0x95, 0xc0, 0x0d, 0x32, 0xec, 0x77, 0x91, 0x2b,
        0x68, 0xb6, 0x8c, 0x79, 0x15, 0xfb, 0x94, 0xde,
        0xb9, 0x2b, 0x94, 0xb3, 0x28, 0x23, 0x86, 0x3d,
        0x37, 0x00, 0xe6, 0xf1, 0x1f, 0x4e, 0xd4, 0x42
    };
    unsigned char final[128];
    /* Sentinel: the failure branch below asserts that the decryption
     * replaced this value. */
    size_t output_length = 0x7EA0;

    /* Everything released under exit: must be initialised before the first
     * TEST_ASSERT. */
    memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
    mbedtls_mpi_init( &Nmpi ); mbedtls_mpi_init( &Empi );
    mbedtls_mpi_init( &Pmpi ); mbedtls_mpi_init( &Qmpi );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );

    TEST_ASSERT( mbedtls_mpi_read_binary( &Nmpi, N, sizeof( N ) ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_binary( &Empi, E, sizeof( E ) ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_binary( &Pmpi, P, sizeof( P ) ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_binary( &Qmpi, Q, sizeof( Q ) ) == 0 );

    TEST_ASSERT( mbedtls_rsa_import( &ctx, &Nmpi, &Pmpi, &Qmpi,
                                     NULL, &Empi ) == 0 );
    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );

    /* Bounds the memcpy below: original has the same size as N. */
    TEST_ASSERT( input->len <= sizeof( N ) );
    memcpy( original, input->x, input->len );
    memset( original + input->len, 'd', sizeof( original ) - input->len );
    TEST_ASSERT( mbedtls_rsa_public( &ctx, original, intermediate ) == 0 );

    /* Preload the output with the known pattern before decrypting. */
    memcpy( final, default_content, sizeof( final ) );
    TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                            &mbedtls_test_rnd_pseudo_rand,
                                            &rnd_info, &output_length,
                                            intermediate, final,
                                            output_size ) == expected_result );
    if( expected_result == 0 )
    {
        /* The plaintext is the last output_length bytes of the block. */
        TEST_ASSERT( output_length == expected_plaintext_length );
        TEST_ASSERT( memcmp( original + sizeof( N ) - output_length,
                             final,
                             output_length ) == 0 );
    }
    else if( expected_result == MBEDTLS_ERR_RSA_INVALID_PADDING ||
             expected_result == MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE )
    {
        /* 11 is the minimum PKCS#1 v1.5 encryption padding overhead
         * (0x00, 0x02, at least 8 padding bytes, 0x00), so a block of
         * sizeof( N ) bytes carries at most sizeof( N ) - 11 payload bytes. */
        size_t max_payload_length =
            output_size > sizeof( N ) - 11 ? sizeof( N ) - 11 : output_size;
        size_t i;
        size_t count = 0;

#if !defined(MBEDTLS_RSA_ALT)
        /* Check that the output in invalid cases is what the default
         * implementation currently does. Alternative implementations
         * may produce different output, so we only perform these precise
         * checks when using the default implementation. */
        TEST_ASSERT( output_length == max_payload_length );
        for( i = 0; i < max_payload_length; i++ )
            TEST_ASSERT( final[i] == 0 );
#endif
        /* Even in alternative implementations, the outputs must have
         * changed, otherwise it indicates at least a timing vulnerability
         * because no write to the outputs is performed in the bad case. */
        TEST_ASSERT( output_length != 0x7EA0 );
        for( i = 0; i < max_payload_length; i++ )
            count += ( final[i] == default_content[i] );
        /* If more than 16 bytes are unchanged in final, that's evidence
         * that final wasn't overwritten. */
        /* NOTE(review): count never exceeds max_payload_length, so this
         * check cannot fail when max_payload_length is below 16. */
        TEST_ASSERT( count < 16 );
    }

exit:
    mbedtls_mpi_free( &Nmpi ); mbedtls_mpi_free( &Empi );
    mbedtls_mpi_free( &Pmpi ); mbedtls_mpi_free( &Qmpi );
    mbedtls_rsa_free( &ctx );
}
/* END_CASE */
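/*
 * RSASSA-PKCS1-v1_5 signing checked against a known answer.
 *
 * mod            expected modulus size in bits; the imported key must be
 *                ( mod + 7 ) / 8 bytes long.
 * radix_X/input_X
 *                key components P, Q, N and E, read with
 *                mbedtls_mpi_read_string().
 * digest         digest id used to hash message_str and passed to
 *                mbedtls_rsa_pkcs1_sign().
 * hash           hash id handed to mbedtls_rsa_init().
 * message_str    message to hash and sign.
 * rnd_buf        bytes served by the RNG callback (mbedtls_test_rnd_buffer_rand).
 * result_str     expected signature, compared only when result == 0.
 * result         expected return value of mbedtls_rsa_pkcs1_sign().
 */
/* BEGIN_CASE */
void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q,
                            char * input_Q, int radix_N, char * input_N,
                            int radix_E, char * input_E, int digest, int hash,
                            data_t * message_str, data_t * rnd_buf,
                            data_t * result_str, int result )
{
    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
    unsigned char output[128];
    mbedtls_rsa_context ctx;
    mbedtls_mpi N, P, Q, E;
    mbedtls_test_rnd_buf_info info;

    /* RNG state: serve rnd_buf first, then fall back to
     * mbedtls_test_rnd_std_rand. */
    info.fallback_f_rng = mbedtls_test_rnd_std_rand;
    info.fallback_p_rng = NULL;
    info.buf = rnd_buf->x;
    info.length = rnd_buf->len;

    /* Everything released under exit: must be initialised before the first
     * TEST_ASSERT. */
    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );

    memset( hash_result, 0x00, sizeof( hash_result ) );
    memset( output, 0x00, sizeof( output ) );

    TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );

    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    /* output is a fixed 128-byte buffer while the key size comes from the
     * test data, and ctx.len bytes of it are used below. Reject a key whose
     * modulus does not fit rather than run past the end of the buffer. */
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) <= sizeof( output ) );
    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );

    /* When the digest id is not known to mbedtls_md_info_from_type(), the
     * hashing step is skipped and hash_result stays all-zero. */
    if( mbedtls_md_info_from_type( digest ) != NULL )
        TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ),
                                 message_str->x, message_str->len,
                                 hash_result ) == 0 );

    TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand,
                                         &info, digest, 0, hash_result,
                                         output ) == result );
    if( result == 0 )
    {
        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
                                          ctx.len, result_str->len ) == 0 );
    }

exit:
    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}
/* END_CASE */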
/*
 * RSASSA-PKCS1-v1_5 verification of a known signature.
 *
 * The public key (N, E) is read from strings, its length is checked
 * against ( mod + 7 ) / 8 bytes, message_str is hashed with `digest` when
 * that id is known to mbedtls_md_info_from_type(), and
 * mbedtls_rsa_pkcs1_verify() on result_str must return `result`.
 * `hash` is handed to mbedtls_rsa_init(); `salt` is unused.
 *
 * NOTE(review): result_str->len is not passed to the verify call; the
 * signature is presumably expected to be exactly one modulus long. Confirm
 * against the test data.
 */
/* BEGIN_CASE */
void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N,
                              int radix_E, char * input_E, int digest,
                              int hash, data_t * message_str, char * salt,
                              data_t * result_str, int result )
{
    /* Zero-filled up front; stays all-zero when the digest id is unknown. */
    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE] = { 0 };
    const mbedtls_md_info_t *md_info;
    mbedtls_mpi N, E;
    mbedtls_rsa_context ctx;

    (void) salt;

    /* Set up every object that the exit path frees before any assertion. */
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
    mbedtls_mpi_init( &E );
    mbedtls_mpi_init( &N );

    /* Load and sanity-check the public key. */
    TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );

    /* Hash the message only when the digest id resolves. */
    md_info = mbedtls_md_info_from_type( digest );
    if( md_info != NULL )
    {
        TEST_ASSERT( mbedtls_md( md_info, message_str->x, message_str->len,
                                 hash_result ) == 0 );
    }

    TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, 0, hash_result,
                                           result_str->x ) == result );

exit:
    mbedtls_rsa_free( &ctx );
    mbedtls_mpi_free( &E );
    mbedtls_mpi_free( &N );
}
/* END_CASE */