/* BEGIN_HEADER */
2#include "mbedtls/rsa.h"
3#include "mbedtls/md.h"
/* END_HEADER */
5
/* BEGIN_DEPENDENCIES
 * depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
 * END_DEPENDENCIES
 */
10
/* BEGIN_CASE */
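/**
 * Known-answer test for RSAES-PKCS1-v1_5 encryption.
 *
 * Imports the public key (N, E), encrypts message_str with padding bytes
 * drawn from rnd_buf, and compares the ciphertext with result_str when the
 * call is expected to succeed.
 *
 * \param mod          Expected modulus size in bits.
 * \param input_N      Modulus, as text parsed by mbedtls_test_read_mpi().
 * \param input_E      Public exponent, same format as input_N.
 * \param hash         Hash identifier forwarded to mbedtls_rsa_init().
 * \param message_str  Plaintext to encrypt (may be empty).
 * \param rnd_buf      Bytes served by mbedtls_test_rnd_buffer_rand().
 * \param result_str   Expected ciphertext, checked only when result == 0.
 * \param result       Expected return value of mbedtls_rsa_pkcs1_encrypt().
 */
void pkcs1_rsaes_v15_encrypt( int mod, char * input_N,
                              char * input_E, int hash,
                              data_t * message_str, data_t * rnd_buf,
                              data_t * result_str, int result )
{
    unsigned char output[128];
    mbedtls_rsa_context ctx;
    mbedtls_test_rnd_buf_info info;
    mbedtls_mpi N, E;
    size_t key_len;

    /* The padding must be reproducible for a known-answer comparison, so the
     * RNG is fed from rnd_buf. fallback_f_rng is presumably used once that
     * buffer is exhausted -- confirm against the test helpers. */
    info.fallback_f_rng = mbedtls_test_rnd_std_rand;
    info.fallback_p_rng = NULL;
    info.buf = rnd_buf->x;
    info.length = rnd_buf->len;

    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
    memset( output, 0x00, sizeof( output ) );

    TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );

    key_len = mbedtls_rsa_get_len( &ctx );
    TEST_ASSERT( key_len == (size_t) ( ( mod + 7 ) / 8 ) );
    /* The ciphertext is as long as the modulus and output[] is a fixed
     * 128-byte stack buffer: fail the test instead of letting a larger key
     * in the test data write (and later compare) past its end. */
    TEST_ASSERT( key_len <= sizeof( output ) );
    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );

    /* An empty message is passed as a NULL pointer with length 0. */
    if( message_str->len == 0 )
        message_str->x = NULL;
    TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx,
                                            &mbedtls_test_rnd_buffer_rand,
                                            &info, MBEDTLS_RSA_PUBLIC,
                                            message_str->len, message_str->x,
                                            output ) == result );

    if( result == 0 )
    {
        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
                                          key_len, result_str->len ) == 0 );
    }

exit:
    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}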
/* END_CASE */

/* BEGIN_CASE */
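/**
 * Known-answer test for RSAES-PKCS1-v1_5 decryption.
 *
 * Imports the private key (P, Q, N, E), decrypts message_str and, when the
 * call is expected to succeed with a non-empty plaintext, compares the
 * recovered plaintext with result_str.
 *
 * \param mod          Expected modulus size in bits.
 * \param input_P      First prime, as text parsed by mbedtls_test_read_mpi().
 * \param input_Q      Second prime, same format.
 * \param input_N      Modulus, same format.
 * \param input_E      Public exponent, same format.
 * \param hash         Hash identifier forwarded to mbedtls_rsa_init().
 * \param result_str   Expected plaintext; an empty value selects the
 *                     NULL-output / zero-capacity call.
 * \param seed         Unused.
 * \param message_str  Ciphertext to decrypt.
 * \param result       Expected return value of mbedtls_rsa_pkcs1_decrypt().
 */
void pkcs1_rsaes_v15_decrypt( int mod, char * input_P, char * input_Q,
                              char * input_N, char * input_E, int hash,
                              data_t * result_str, char * seed,
                              data_t * message_str, int result )
{
    unsigned char output[128];
    mbedtls_rsa_context ctx;
    size_t output_len = 0;
    mbedtls_test_rnd_pseudo_info rnd_info;
    mbedtls_mpi N, P, Q, E;
    ((void) seed);

    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );

    memset( output, 0x00, sizeof( output ) );
    memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );

    TEST_ASSERT( mbedtls_test_read_mpi( &P, input_P ) == 0 );
    TEST_ASSERT( mbedtls_test_read_mpi( &Q, input_Q ) == 0 );
    TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 );

    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );

    /* NOTE(review): the decrypt call takes no input length, so it presumably
     * reads a modulus-sized ciphertext from message_str->x; test data shorter
     * than the key would then be over-read. Confirm the data files always
     * supply a full-length ciphertext. */
    if( result_str->len == 0 )
    {
        /* Empty expected plaintext: exercise the NULL output buffer with a
         * capacity of 0. */
        TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                                &mbedtls_test_rnd_pseudo_rand,
                                                &rnd_info,
                                                MBEDTLS_RSA_PRIVATE,
                                                &output_len, message_str->x,
                                                NULL, 0 ) == result );
    }
    else
    {
        /* Report the real capacity of output[]. The previous hard-coded 1000
         * overstated the 128-byte buffer, so the library's own size check
         * could not stop a plaintext longer than the buffer from being
         * written past its end. */
        TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                                &mbedtls_test_rnd_pseudo_rand,
                                                &rnd_info, MBEDTLS_RSA_PRIVATE,
                                                &output_len, message_str->x,
                                                output,
                                                sizeof( output ) ) == result );
        if( result == 0 )
        {
            TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
                                              output_len,
                                              result_str->len ) == 0 );
        }
    }

exit:
    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}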
/* END_CASE */

/* BEGIN_CASE */
/**
 * Exercise the PKCS#1 v1.5 decryption-padding decoder on a crafted block.
 *
 * The input is extended to a full modulus-sized block, pushed through the
 * raw RSA operation opposite to `mode`, and then handed to
 * mbedtls_rsa_pkcs1_decrypt(). On success the recovered plaintext must be
 * the tail of the crafted block; on a padding or size failure the output
 * buffer and length must still have been overwritten.
 *
 * \param mode                           MBEDTLS_RSA_PRIVATE or
 *                                       MBEDTLS_RSA_PUBLIC, passed to the
 *                                       decrypt call.
 * \param input                          Leading bytes of the encoded block.
 * \param expected_plaintext_length_arg  Plaintext length expected on success.
 * \param output_size_arg                Capacity reported to the decrypt call.
 * \param expected_result                Expected return value of the decrypt
 *                                       call.
 */
void pkcs1_v15_decode( int mode,
                       data_t *input,
                       int expected_plaintext_length_arg,
                       int output_size_arg,
                       int expected_result )
{
    /* Sentinel for the output length: the decrypt call must replace it. */
    const size_t length_sentinel = 0x7EA0;
    size_t expected_plaintext_length = expected_plaintext_length_arg;
    size_t output_size = output_size_arg;
    mbedtls_test_rnd_pseudo_info rnd_info;
    mbedtls_mpi Nmpi, Empi, Pmpi, Qmpi;
    mbedtls_rsa_context ctx;
    /* Fixed 1024-bit key used only by this test: N, E = 3, P, Q. */
    static unsigned char N[128] = {
        0xc4, 0x79, 0x4c, 0x6d, 0xb2, 0xe9, 0xdf, 0xc5,
        0xe5, 0xd7, 0x55, 0x4b, 0xfb, 0x6c, 0x2e, 0xec,
        0x84, 0xd0, 0x88, 0x12, 0xaf, 0xbf, 0xb4, 0xf5,
        0x47, 0x3c, 0x7e, 0x92, 0x4c, 0x58, 0xc8, 0x73,
        0xfe, 0x8f, 0x2b, 0x8f, 0x8e, 0xc8, 0x5c, 0xf5,
        0x05, 0xeb, 0xfb, 0x0d, 0x7b, 0x2a, 0x93, 0xde,
        0x15, 0x0d, 0xc8, 0x13, 0xcf, 0xd2, 0x6f, 0x0d,
        0x9d, 0xad, 0x30, 0xe5, 0x70, 0x20, 0x92, 0x9e,
        0xb3, 0x6b, 0xba, 0x5c, 0x50, 0x0f, 0xc3, 0xb2,
        0x7e, 0x64, 0x07, 0x94, 0x7e, 0xc9, 0x4e, 0xc1,
        0x65, 0x04, 0xaf, 0xb3, 0x9f, 0xde, 0xa8, 0x46,
        0xfa, 0x6c, 0xf3, 0x03, 0xaf, 0x1c, 0x1b, 0xec,
        0x75, 0x44, 0x66, 0x77, 0xc9, 0xde, 0x51, 0x33,
        0x64, 0x27, 0xb0, 0xd4, 0x8d, 0x31, 0x6a, 0x11,
        0x27, 0x3c, 0x99, 0xd4, 0x22, 0xc0, 0x9d, 0x12,
        0x01, 0xc7, 0x4a, 0x73, 0xac, 0xbf, 0xc2, 0xbb
    };
    static unsigned char E[1] = { 0x03 };
    static unsigned char P[64] = {
        0xe5, 0x53, 0x1f, 0x88, 0x51, 0xee, 0x59, 0xf8,
        0xc1, 0xe4, 0xcc, 0x5b, 0xb3, 0x75, 0x8d, 0xc8,
        0xe8, 0x95, 0x2f, 0xd0, 0xef, 0x37, 0xb4, 0xcd,
        0xd3, 0x9e, 0x48, 0x8b, 0x81, 0x58, 0x60, 0xb9,
        0x27, 0x1d, 0xb6, 0x28, 0x92, 0x64, 0xa3, 0xa5,
        0x64, 0xbd, 0xcc, 0x53, 0x68, 0xdd, 0x3e, 0x55,
        0xea, 0x9d, 0x5e, 0xcd, 0x1f, 0x96, 0x87, 0xf1,
        0x29, 0x75, 0x92, 0x70, 0x8f, 0x28, 0xfb, 0x2b
    };
    static unsigned char Q[64] = {
        0xdb, 0x53, 0xef, 0x74, 0x61, 0xb4, 0x20, 0x3b,
        0x3b, 0x87, 0x76, 0x75, 0x81, 0x56, 0x11, 0x03,
        0x59, 0x31, 0xe3, 0x38, 0x4b, 0x8c, 0x7a, 0x9c,
        0x05, 0xd6, 0x7f, 0x1e, 0x5e, 0x60, 0xf0, 0x4e,
        0x0b, 0xdc, 0x34, 0x54, 0x1c, 0x2e, 0x90, 0x83,
        0x14, 0xef, 0xc0, 0x96, 0x5c, 0x30, 0x10, 0xcc,
        0xc1, 0xba, 0xa0, 0x54, 0x3f, 0x96, 0x24, 0xca,
        0xa3, 0xfb, 0x55, 0xbc, 0x71, 0x29, 0x4e, 0xb1
    };
    unsigned char original[128];
    unsigned char intermediate[128];
    static unsigned char default_content[128] = {
        /* A randomly generated pattern. */
        0x4c, 0x27, 0x54, 0xa0, 0xce, 0x0d, 0x09, 0x4a,
        0x1c, 0x38, 0x8e, 0x2d, 0xa3, 0xc4, 0xe0, 0x19,
        0x4c, 0x99, 0xb2, 0xbf, 0xe6, 0x65, 0x7e, 0x58,
        0xd7, 0xb6, 0x8a, 0x05, 0x2f, 0xa5, 0xec, 0xa4,
        0x35, 0xad, 0x10, 0x36, 0xff, 0x0d, 0x08, 0x50,
        0x74, 0x47, 0xc9, 0x9c, 0x4a, 0xe7, 0xfd, 0xfa,
        0x83, 0x5f, 0x14, 0x5a, 0x1e, 0xe7, 0x35, 0x08,
        0xad, 0xf7, 0x0d, 0x86, 0xdf, 0xb8, 0xd4, 0xcf,
        0x32, 0xb9, 0x5c, 0xbe, 0xa3, 0xd2, 0x89, 0x70,
        0x7b, 0xc6, 0x48, 0x7e, 0x58, 0x4d, 0xf3, 0xef,
        0x34, 0xb7, 0x57, 0x54, 0x79, 0xc5, 0x8e, 0x0a,
        0xa3, 0xbf, 0x6d, 0x42, 0x83, 0x25, 0x13, 0xa2,
        0x95, 0xc0, 0x0d, 0x32, 0xec, 0x77, 0x91, 0x2b,
        0x68, 0xb6, 0x8c, 0x79, 0x15, 0xfb, 0x94, 0xde,
        0xb9, 0x2b, 0x94, 0xb3, 0x28, 0x23, 0x86, 0x3d,
        0x37, 0x00, 0xe6, 0xf1, 0x1f, 0x4e, 0xd4, 0x42
    };
    unsigned char final[128];
    size_t output_length = length_sentinel;

    memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
    mbedtls_mpi_init( &Nmpi );
    mbedtls_mpi_init( &Empi );
    mbedtls_mpi_init( &Pmpi );
    mbedtls_mpi_init( &Qmpi );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );

    TEST_ASSERT( mbedtls_mpi_read_binary( &Nmpi, N, sizeof( N ) ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_binary( &Empi, E, sizeof( E ) ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_binary( &Pmpi, P, sizeof( P ) ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_binary( &Qmpi, Q, sizeof( Q ) ) == 0 );

    TEST_ASSERT( mbedtls_rsa_import( &ctx, &Nmpi, &Pmpi, &Qmpi,
                                     NULL, &Empi ) == 0 );
    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );

    /* Build the modulus-sized block: the caller's bytes first, then 'd'
     * filler. The length check keeps both copies inside original[]. */
    TEST_ASSERT( input->len <= sizeof( N ) );
    memcpy( original, input->x, input->len );
    memset( original + input->len, 'd', sizeof( original ) - input->len );

    /* Apply the inverse of the operation the decrypt call will perform, so
     * that decrypting `intermediate` yields `original` again. */
    if( mode == MBEDTLS_RSA_PRIVATE )
    {
        TEST_ASSERT( mbedtls_rsa_public( &ctx, original, intermediate ) == 0 );
    }
    else
    {
        TEST_ASSERT( mbedtls_rsa_private( &ctx, &mbedtls_test_rnd_pseudo_rand,
                                          &rnd_info, original,
                                          intermediate ) == 0 );
    }

    /* Pre-fill the output with a known pattern so an untouched buffer can be
     * detected afterwards. */
    memcpy( final, default_content, sizeof( final ) );
    TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx,
                                            &mbedtls_test_rnd_pseudo_rand,
                                            &rnd_info, mode, &output_length,
                                            intermediate, final,
                                            output_size ) == expected_result );
    if( expected_result == 0 )
    {
        /* The plaintext is the last output_length bytes of the block. */
        TEST_ASSERT( output_length == expected_plaintext_length );
        TEST_ASSERT( memcmp( original + sizeof( N ) - output_length,
                             final,
                             output_length ) == 0 );
    }
    else if( expected_result == MBEDTLS_ERR_RSA_INVALID_PADDING ||
             expected_result == MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE )
    {
        /* PKCS#1 v1.5 encryption padding costs at least 11 bytes, so the
         * payload is capped by both that limit and the caller's buffer. */
        size_t max_payload_length = sizeof( N ) - 11;
        size_t idx;
        size_t unchanged = 0;

        if( output_size <= max_payload_length )
            max_payload_length = output_size;

#if !defined(MBEDTLS_RSA_ALT)
        /* Check that the output in invalid cases is what the default
         * implementation currently does. Alternative implementations
         * may produce different output, so we only perform these precise
         * checks when using the default implementation. */
        TEST_ASSERT( output_length == max_payload_length );
        for( idx = 0; idx < max_payload_length; idx++ )
            TEST_ASSERT( final[idx] == 0 );
#endif
        /* Even in alternative implementations, the outputs must have
         * changed, otherwise it indicates at least a timing vulnerability
         * because no write to the outputs is performed in the bad case. */
        TEST_ASSERT( output_length != length_sentinel );
        for( idx = 0; idx < max_payload_length; idx++ )
        {
            if( final[idx] == default_content[idx] )
                unchanged++;
        }
        /* If more than 16 bytes are unchanged in final, that's evidence
         * that final wasn't overwritten. */
        TEST_ASSERT( unchanged < 16 );
    }

exit:
    mbedtls_mpi_free( &Nmpi );
    mbedtls_mpi_free( &Empi );
    mbedtls_mpi_free( &Pmpi );
    mbedtls_mpi_free( &Qmpi );
    mbedtls_rsa_free( &ctx );
}
/* END_CASE */

/* BEGIN_CASE */
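/**
 * Known-answer test for RSASSA-PKCS1-v1_5 signing.
 *
 * Imports the private key (P, Q, N, E), hashes message_str with `digest`
 * when that digest is available, signs the hash, and compares the signature
 * with result_str when the call is expected to succeed.
 *
 * \param mod          Expected modulus size in bits.
 * \param input_P      First prime, as text parsed by mbedtls_test_read_mpi().
 * \param input_Q      Second prime, same format.
 * \param input_N      Modulus, same format.
 * \param input_E      Public exponent, same format.
 * \param digest       Message digest identifier used for hashing and signing.
 * \param hash         Hash identifier forwarded to mbedtls_rsa_init().
 * \param message_str  Message to hash and sign.
 * \param rnd_buf      Bytes served by mbedtls_test_rnd_buffer_rand().
 * \param result_str   Expected signature, checked only when result == 0.
 * \param result       Expected return value of mbedtls_rsa_pkcs1_sign().
 */
void pkcs1_rsassa_v15_sign( int mod, char * input_P,
                            char * input_Q, char * input_N,
                            char * input_E, int digest, int hash,
                            data_t * message_str, data_t * rnd_buf,
                            data_t * result_str, int result )
{
    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
    unsigned char output[128];
    mbedtls_rsa_context ctx;
    mbedtls_mpi N, P, Q, E;
    mbedtls_test_rnd_buf_info info;
    const mbedtls_md_info_t *md_info;
    size_t key_len;

    /* RNG output comes from rnd_buf; fallback_f_rng is presumably used once
     * that buffer is exhausted -- confirm against the test helpers. */
    info.fallback_f_rng = mbedtls_test_rnd_std_rand;
    info.fallback_p_rng = NULL;
    info.buf = rnd_buf->x;
    info.length = rnd_buf->len;

    mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
    mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );

    memset( hash_result, 0x00, sizeof( hash_result ) );
    memset( output, 0x00, sizeof( output ) );

    TEST_ASSERT( mbedtls_test_read_mpi( &P, input_P ) == 0 );
    TEST_ASSERT( mbedtls_test_read_mpi( &Q, input_Q ) == 0 );
    TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 );

    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );

    key_len = mbedtls_rsa_get_len( &ctx );
    TEST_ASSERT( key_len == (size_t) ( ( mod + 7 ) / 8 ) );
    /* The signature is as long as the modulus and output[] is a fixed
     * 128-byte stack buffer: fail the test instead of letting a larger key
     * in the test data write (and later compare) past its end. */
    TEST_ASSERT( key_len <= sizeof( output ) );
    TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
    TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );

    /* Look the digest up once. When it is not available the message is not
     * hashed and hash_result stays all-zero. */
    md_info = mbedtls_md_info_from_type( digest );
    if( md_info != NULL )
    {
        TEST_ASSERT( mbedtls_md( md_info, message_str->x, message_str->len,
                                 hash_result ) == 0 );
    }

    /* The hash length argument is passed as 0. */
    TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand,
                                         &info, MBEDTLS_RSA_PRIVATE, digest,
                                         0, hash_result, output ) == result );
    if( result == 0 )
    {
        TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
                                          key_len, result_str->len ) == 0 );
    }

exit:
    mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
    mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}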
/* END_CASE */

/* BEGIN_CASE */
/**
 * Known-answer test for RSASSA-PKCS1-v1_5 signature verification.
 *
 * Imports the public key (N, E), hashes message_str with `digest` when that
 * digest is available, and checks that verifying result_str as the
 * signature returns `result`.
 *
 * \param mod          Expected modulus size in bits.
 * \param input_N      Modulus, as text parsed by mbedtls_test_read_mpi().
 * \param input_E      Public exponent, same format.
 * \param digest       Message digest identifier used for hashing and
 *                     verification.
 * \param hash         Hash identifier forwarded to mbedtls_rsa_init().
 * \param message_str  Message whose hash is verified.
 * \param salt         Unused.
 * \param result_str   Signature to verify.
 * \param result       Expected return value of mbedtls_rsa_pkcs1_verify().
 */
void pkcs1_rsassa_v15_verify( int mod, char * input_N, char * input_E,
                              int digest, int hash, data_t * message_str,
                              char * salt, data_t * result_str, int result )
{
    unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
    mbedtls_rsa_context ctx;
    mbedtls_mpi N, E;
    ((void) salt);

    mbedtls_mpi_init( &N );
    mbedtls_mpi_init( &E );
    mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, hash );
    memset( hash_result, 0x00, sizeof( hash_result ) );

    TEST_ASSERT( mbedtls_test_read_mpi( &N, input_N ) == 0 );
    TEST_ASSERT( mbedtls_test_read_mpi( &E, input_E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
    TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );

    /* When the digest is not available the message is not hashed and
     * hash_result stays all-zero. */
    if( mbedtls_md_info_from_type( digest ) != NULL )
    {
        TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ),
                                 message_str->x, message_str->len,
                                 hash_result ) == 0 );
    }

    /* NOTE(review): the verify call takes no signature length, so it
     * presumably reads a modulus-sized signature from result_str->x; test
     * data shorter than the key would then be over-read. Confirm the data
     * files always supply a full-length signature. */
    TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
                                           MBEDTLS_RSA_PUBLIC, digest, 0,
                                           hash_result,
                                           result_str->x ) == result );

exit:
    mbedtls_mpi_free( &N );
    mbedtls_mpi_free( &E );
    mbedtls_rsa_free( &ctx );
}
/* END_CASE */