Blame - tests/suites/test_suite_rsa.function - mirror/mbed-tls

blob: 9aba577f58dba818b246a0253eac304cf522266d [file] [log] [blame]

Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	1	BEGIN_HEADER
				2	#include <polarssl/rsa.h>
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	3	#include <polarssl/md2.h>
				4	#include <polarssl/md4.h>
				5	#include <polarssl/md5.h>
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	6	#include <polarssl/sha1.h>
				7	#include <polarssl/sha2.h>
				8	#include <polarssl/sha4.h>
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	9	#include <polarssl/havege.h>
Paul Bakker	545570e	2010-07-18 09:00:25 +0000	[diff] [blame]	10
Paul Bakker	a665685	2010-07-18 19:47:14 +0000	[diff] [blame]	11	static int badrand( void *rng_state )
				12	{
				13	if( rng_state != NULL )
				14	rng_state = NULL;
				15
				16	return( 0 );
				17	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	18	END_HEADER
				19
				20	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	21	rsa_pkcs1_sign:message_hex_string:padding_mode:digest:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:result_hex_str:result
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	22	{
				23	unsigned char message_str[1000];
				24	unsigned char hash_result[1000];
				25	unsigned char output[1000];
				26	unsigned char output_str[1000];
				27	rsa_context ctx;
				28	mpi P1, Q1, H, G;
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	29	int msg_len;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	30
				31	mpi_init( &P1, &Q1, &H, &G, NULL );
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	32	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	33
				34	memset( message_str, 0x00, 1000 );
				35	memset( hash_result, 0x00, 1000 );
				36	memset( output, 0x00, 1000 );
				37	memset( output_str, 0x00, 1000 );
				38
				39	ctx.len = {mod} / 8;
				40	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				41	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				42	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				43	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				44
				45	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				46	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				47	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				48	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				49	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				50	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				51	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				52	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				53
				54	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				55
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	56	msg_len = unhexify( message_str, {message_hex_string} );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	57
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	58	switch( {digest} )
				59	{
				60	#ifdef POLARSSL_MD2_C
				61	case SIG_RSA_MD2:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	62	md2( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	63	break;
				64	#endif
				65	#ifdef POLARSSL_MD4_C
				66	case SIG_RSA_MD4:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	67	md4( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	68	break;
				69	#endif
				70	#ifdef POLARSSL_MD5_C
				71	case SIG_RSA_MD5:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	72	md5( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	73	break;
				74	#endif
				75	#ifdef POLARSSL_SHA1_C
				76	case SIG_RSA_SHA1:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	77	sha1( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	78	break;
				79	#endif
				80	#ifdef POLARSSL_SHA2_C
				81	case SIG_RSA_SHA224:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	82	sha2( message_str, msg_len, hash_result, 1 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	83	break;
				84	case SIG_RSA_SHA256:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	85	sha2( message_str, msg_len, hash_result, 0 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	86	break;
				87	#endif
				88	#ifdef POLARSSL_SHA4_C
				89	case SIG_RSA_SHA384:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	90	sha4( message_str, msg_len, hash_result, 1 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	91	break;
				92	case SIG_RSA_SHA512:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	93	sha4( message_str, msg_len, hash_result, 0 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	94	break;
				95	#endif
				96	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	97
Paul Bakker	9dcc322	2011-03-08 14:16:06 +0000	[diff] [blame]	98	TEST_ASSERT( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, {digest}, 0, hash_result, output ) == {result} );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	99	if( {result} == 0 )
				100	{
				101	hexify( output_str, output, ctx.len );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	102
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	103	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				104	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	105	}
				106	END_CASE
				107
				108	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	109	rsa_pkcs1_verify:message_hex_string:padding_mode:digest:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	110	{
				111	unsigned char message_str[1000];
				112	unsigned char hash_result[1000];
				113	unsigned char result_str[1000];
				114	rsa_context ctx;
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	115	int msg_len;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	116
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	117	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	118	memset( message_str, 0x00, 1000 );
				119	memset( hash_result, 0x00, 1000 );
				120	memset( result_str, 0x00, 1000 );
				121
				122	ctx.len = {mod} / 8;
				123	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				124	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				125
				126	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				127
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	128	msg_len = unhexify( message_str, {message_hex_string} );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	129	unhexify( result_str, {result_hex_str} );
				130
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	131	switch( {digest} )
				132	{
				133	#ifdef POLARSSL_MD2_C
				134	case SIG_RSA_MD2:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	135	md2( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	136	break;
				137	#endif
				138	#ifdef POLARSSL_MD4_C
				139	case SIG_RSA_MD4:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	140	md4( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	141	break;
				142	#endif
				143	#ifdef POLARSSL_MD5_C
				144	case SIG_RSA_MD5:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	145	md5( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	146	break;
				147	#endif
				148	#ifdef POLARSSL_SHA1_C
				149	case SIG_RSA_SHA1:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	150	sha1( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	151	break;
				152	#endif
				153	#ifdef POLARSSL_SHA2_C
				154	case SIG_RSA_SHA224:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	155	sha2( message_str, msg_len, hash_result, 1 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	156	break;
				157	case SIG_RSA_SHA256:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	158	sha2( message_str, msg_len, hash_result, 0 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	159	break;
				160	#endif
				161	#ifdef POLARSSL_SHA4_C
				162	case SIG_RSA_SHA384:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	163	sha4( message_str, msg_len, hash_result, 1 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	164	break;
				165	case SIG_RSA_SHA512:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	166	sha4( message_str, msg_len, hash_result, 0 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	167	break;
				168	#endif
				169	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	170
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	171	TEST_ASSERT( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, {digest}, 0, hash_result, result_str ) == {result} );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	172	}
				173	END_CASE
				174
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	175
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	176	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	177	rsa_pkcs1_sign_raw:message_hex_string:hash_result_string:padding_mode:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:result_hex_str
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	178	{
				179	unsigned char message_str[1000];
				180	unsigned char hash_result[1000];
				181	unsigned char output[1000];
				182	unsigned char output_str[1000];
				183	rsa_context ctx;
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	184	mpi P1, Q1, H, G;
				185	int msg_len, hash_len;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	186
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	187	mpi_init( &P1, &Q1, &H, &G, NULL );
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	188	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	189
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	190	memset( message_str, 0x00, 1000 );
				191	memset( hash_result, 0x00, 1000 );
				192	memset( output, 0x00, 1000 );
				193	memset( output_str, 0x00, 1000 );
				194
				195	ctx.len = {mod} / 8;
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	196	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				197	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				198	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				199	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				200
				201	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				202	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				203	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				204	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				205	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				206	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				207	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				208	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				209
				210	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				211
				212	msg_len = unhexify( message_str, {message_hex_string} );
				213	hash_len = unhexify( hash_result, {hash_result_string} );
				214
Paul Bakker	9dcc322	2011-03-08 14:16:06 +0000	[diff] [blame]	215	TEST_ASSERT( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_RAW, hash_len, hash_result, output ) == 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	216
				217	hexify( output_str, output, ctx.len );
				218
				219	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				220	}
				221	END_CASE
				222
				223	BEGIN_CASE
				224	rsa_pkcs1_verify_raw:message_hex_string:hash_result_string:padding_mode:mod:radix_N:input_N:radix_E:input_E:result_hex_str:correct
				225	{
				226	unsigned char message_str[1000];
				227	unsigned char hash_result[1000];
				228	unsigned char result_str[1000];
				229	rsa_context ctx;
				230	int msg_len, hash_len;
				231
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	232	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	233	memset( message_str, 0x00, 1000 );
				234	memset( hash_result, 0x00, 1000 );
				235	memset( result_str, 0x00, 1000 );
				236
				237	ctx.len = {mod} / 8;
				238	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				239	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				240
				241	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				242
				243	msg_len = unhexify( message_str, {message_hex_string} );
				244	hash_len = unhexify( hash_result, {hash_result_string} );
				245	unhexify( result_str, {result_hex_str} );
				246
Paul Bakker	fc22c44	2009-07-19 20:36:27 +0000	[diff] [blame]	247	TEST_ASSERT( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_RAW, hash_len, hash_result, result_str ) == {correct} );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	248	}
				249	END_CASE
				250
				251	BEGIN_CASE
				252	rsa_pkcs1_encrypt:message_hex_string:padding_mode:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
				253	{
				254	unsigned char message_str[1000];
				255	unsigned char output[1000];
				256	unsigned char output_str[1000];
				257	rsa_context ctx;
				258	int msg_len;
Paul Bakker	997bbd1	2011-03-13 15:45:42 +0000	[diff] [blame]	259	rnd_pseudo_info rnd_info;
				260
				261	memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	262
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	263	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	264	memset( message_str, 0x00, 1000 );
				265	memset( output, 0x00, 1000 );
				266	memset( output_str, 0x00, 1000 );
				267
				268	ctx.len = {mod} / 8;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	269	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				270	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				271
				272	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				273
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	274	msg_len = unhexify( message_str, {message_hex_string} );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	275
Paul Bakker	997bbd1	2011-03-13 15:45:42 +0000	[diff] [blame]	276	TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PUBLIC, msg_len, message_str, output ) == {result} );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	277	if( {result} == 0 )
				278	{
				279	hexify( output_str, output, ctx.len );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	280
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	281	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				282	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	283	}
				284	END_CASE
				285
				286	BEGIN_CASE
Paul Bakker	a665685	2010-07-18 19:47:14 +0000	[diff] [blame]	287	rsa_pkcs1_encrypt_bad_rng:message_hex_string:padding_mode:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
				288	{
				289	unsigned char message_str[1000];
				290	unsigned char output[1000];
				291	unsigned char output_str[1000];
				292	rsa_context ctx;
				293	int msg_len;
Paul Bakker	a665685	2010-07-18 19:47:14 +0000	[diff] [blame]	294
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	295	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	a665685	2010-07-18 19:47:14 +0000	[diff] [blame]	296	memset( message_str, 0x00, 1000 );
				297	memset( output, 0x00, 1000 );
				298	memset( output_str, 0x00, 1000 );
				299
				300	ctx.len = {mod} / 8;
				301	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				302	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				303
				304	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				305
				306	msg_len = unhexify( message_str, {message_hex_string} );
				307
Paul Bakker	997bbd1	2011-03-13 15:45:42 +0000	[diff] [blame]	308	TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL, RSA_PUBLIC, msg_len, message_str, output ) == {result} );
Paul Bakker	a665685	2010-07-18 19:47:14 +0000	[diff] [blame]	309	if( {result} == 0 )
				310	{
				311	hexify( output_str, output, ctx.len );
				312
				313	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				314	}
				315	}
				316	END_CASE
				317
				318	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	319	rsa_pkcs1_decrypt:message_hex_string:padding_mode:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:max_output:result_hex_str:result
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	320	{
				321	unsigned char message_str[1000];
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	322	unsigned char output[1000];
				323	unsigned char output_str[1000];
				324	rsa_context ctx;
				325	mpi P1, Q1, H, G;
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	326	int output_len;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	327
				328	mpi_init( &P1, &Q1, &H, &G, NULL );
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	329	rsa_init( &ctx, {padding_mode}, 0 );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	330
				331	memset( message_str, 0x00, 1000 );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	332	memset( output, 0x00, 1000 );
				333	memset( output_str, 0x00, 1000 );
				334
				335	ctx.len = {mod} / 8;
				336	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				337	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				338	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				339	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				340
				341	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				342	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				343	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				344	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				345	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				346	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				347	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				348	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				349
				350	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				351
				352	unhexify( message_str, {message_hex_string} );
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	353	output_len = 0;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	354
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	355	TEST_ASSERT( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, {max_output} ) == {result} );
				356	if( {result} == 0 )
				357	{
				358	hexify( output_str, output, ctx.len );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	359
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	360	TEST_ASSERT( strncasecmp( (char *) output_str, {result_hex_str}, strlen( {result_hex_str} ) ) == 0 );
				361	}
				362	}
				363	END_CASE
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	364
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	365	BEGIN_CASE
				366	rsa_public:message_hex_string:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
				367	{
				368	unsigned char message_str[1000];
				369	unsigned char output[1000];
				370	unsigned char output_str[1000];
				371	rsa_context ctx;
				372
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	373	rsa_init( &ctx, RSA_PKCS_V15, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	374	memset( message_str, 0x00, 1000 );
				375	memset( output, 0x00, 1000 );
				376	memset( output_str, 0x00, 1000 );
				377
				378	ctx.len = {mod} / 8;
				379	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				380	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				381
				382	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				383
				384	unhexify( message_str, {message_hex_string} );
				385
				386	TEST_ASSERT( rsa_public( &ctx, message_str, output ) == {result} );
				387	if( {result} == 0 )
				388	{
				389	hexify( output_str, output, ctx.len );
				390
				391	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				392	}
				393	}
				394	END_CASE
				395
				396	BEGIN_CASE
				397	rsa_private:message_hex_string:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:result_hex_str:result
				398	{
				399	unsigned char message_str[1000];
				400	unsigned char output[1000];
				401	unsigned char output_str[1000];
				402	rsa_context ctx;
				403	mpi P1, Q1, H, G;
				404
				405	mpi_init( &P1, &Q1, &H, &G, NULL );
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	406	rsa_init( &ctx, RSA_PKCS_V15, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	407
				408	memset( message_str, 0x00, 1000 );
				409	memset( output, 0x00, 1000 );
				410	memset( output_str, 0x00, 1000 );
				411
				412	ctx.len = {mod} / 8;
				413	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				414	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				415	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				416	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				417
				418	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				419	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				420	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				421	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				422	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				423	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				424	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				425	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				426
				427	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				428
				429	unhexify( message_str, {message_hex_string} );
				430
				431	TEST_ASSERT( rsa_private( &ctx, message_str, output ) == {result} );
				432	if( {result} == 0 )
				433	{
				434	hexify( output_str, output, ctx.len );
				435
				436	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				437	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	438	}
				439	END_CASE
				440
				441	BEGIN_CASE
Paul Bakker	37940d9f	2009-07-10 22:38:58 +0000	[diff] [blame]	442	rsa_check_privkey_null:
				443	{
				444	rsa_context ctx;
				445	memset( &ctx, 0x00, sizeof( rsa_context ) );
				446
				447	TEST_ASSERT( rsa_check_privkey( &ctx ) == POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
				448	}
				449	END_CASE
				450
				451	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	452	rsa_check_pubkey:radix_N:input_N:radix_E:input_E:result
				453	{
				454	rsa_context ctx;
				455
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	456	rsa_init( &ctx, RSA_PKCS_V15, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	457
				458	if( strlen( {input_N} ) )
				459	{
				460	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				461	}
				462	if( strlen( {input_E} ) )
				463	{
				464	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				465	}
				466
				467	TEST_ASSERT( rsa_check_pubkey( &ctx ) == {result} );
				468	}
				469	END_CASE
				470
				471	BEGIN_CASE
				472	rsa_check_privkey:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:radix_D:input_D:result
				473	{
				474	rsa_context ctx;
				475
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	476	rsa_init( &ctx, RSA_PKCS_V15, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	477
				478	ctx.len = {mod} / 8;
				479	if( strlen( {input_P} ) )
				480	{
				481	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				482	}
				483	if( strlen( {input_Q} ) )
				484	{
				485	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				486	}
				487	if( strlen( {input_N} ) )
				488	{
				489	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				490	}
				491	if( strlen( {input_E} ) )
				492	{
				493	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				494	}
				495	if( strlen( {input_D} ) )
				496	{
				497	TEST_ASSERT( mpi_read_string( &ctx.D, {radix_D}, {input_D} ) == 0 );
				498	}
				499
				500	TEST_ASSERT( rsa_check_privkey( &ctx ) == {result} );
				501	}
				502	END_CASE
				503
				504	BEGIN_CASE
				505	rsa_gen_key:nrbits:exponent:result
				506	{
				507	rsa_context ctx;
				508	havege_state hs;
				509
				510	havege_init( &hs );
Paul Bakker	ebcef6d	2010-08-16 11:10:49 +0000	[diff] [blame]	511	rsa_init( &ctx, 0, 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	512
Paul Bakker	a802e1a	2010-08-16 11:56:45 +0000	[diff] [blame]	513	TEST_ASSERT( rsa_gen_key( &ctx, havege_rand, &hs, {nrbits}, {exponent} ) == {result} );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	514	if( {result} == 0 )
				515	{
				516	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				517	}
				518	}
				519	END_CASE
				520
				521	BEGIN_CASE
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	522	rsa_selftest:
				523	{
				524	TEST_ASSERT( rsa_self_test( 0 ) == 0 );
				525	}
				526	END_CASE