TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / a565f54c4c0edf84ef598648e0fdb9a6d5f8f037 / . / tests / suites / test_suite_rsa.function
blob: 3f892f71ca591ae506b2dbc41b30f7aba672c031 [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Hanno Beckera565f542017-10-11 11:00:19 +0100[diff] [blame^]3#include "mbedtls/rsa_internal.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]12/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]13
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]14/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]15 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]16 * END_DEPENDENCIES
17 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]18
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]19/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]20void mbedtls_rsa_pkcs1_sign( char *message_hex_string, int padding_mode, int digest,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]21 int mod, int radix_P, char *input_P, int radix_Q,
22 char *input_Q, int radix_N, char *input_N, int radix_E,
23 char *input_E, char *result_hex_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]24{
25 unsigned char message_str[1000];
26 unsigned char hash_result[1000];
27 unsigned char output[1000];
28 unsigned char output_str[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]29 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]30 mbedtls_mpi N, P, Q, E;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]31 int msg_len;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]32 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]33
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]34 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
35 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]36 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]37
38 memset( message_str, 0x00, 1000 );
39 memset( hash_result, 0x00, 1000 );
40 memset( output, 0x00, 1000 );
41 memset( output_str, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]42 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]43
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]44 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
45 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
46 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
47 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]48
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]49 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
50 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]51 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]52 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]53
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]54 msg_len = unhexify( message_str, message_hex_string );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]55
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]56 if( mbedtls_md_info_from_type( digest ) != NULL )
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]57 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ),
58 message_str, msg_len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]59
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]60 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
61 MBEDTLS_RSA_PRIVATE, digest, 0,
62 hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]63 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]64 {
65 hexify( output_str, output, ctx.len );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]66
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]67 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]68 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]69
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]70exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]71 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
72 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]73 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]74}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]75/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]76
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]77/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]78void mbedtls_rsa_pkcs1_verify( char *message_hex_string, int padding_mode, int digest,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]79 int mod, int radix_N, char *input_N, int radix_E,
80 char *input_E, char *result_hex_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]81{
82 unsigned char message_str[1000];
83 unsigned char hash_result[1000];
84 unsigned char result_str[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]85 mbedtls_rsa_context ctx;
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]86 int msg_len;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]87
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]88 mbedtls_mpi N, E;
89
90 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]91 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]92 memset( message_str, 0x00, 1000 );
93 memset( hash_result, 0x00, 1000 );
94 memset( result_str, 0x00, 1000 );
95
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]96 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
97 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
98 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
99 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]100 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]101
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]102 msg_len = unhexify( message_str, message_hex_string );
103 unhexify( result_str, result_hex_str );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]104
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]105 if( mbedtls_md_info_from_type( digest ) != NULL )
106 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str, msg_len, hash_result ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]107
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]108 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]109
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]110exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]111 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]112 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]113}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]114/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]115
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]116
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]117/* BEGIN_CASE */
118void rsa_pkcs1_sign_raw( char *message_hex_string, char *hash_result_string,
119 int padding_mode, int mod, int radix_P, char *input_P,
120 int radix_Q, char *input_Q, int radix_N,
121 char *input_N, int radix_E, char *input_E,
122 char *result_hex_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]123{
124 unsigned char message_str[1000];
125 unsigned char hash_result[1000];
126 unsigned char output[1000];
127 unsigned char output_str[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]128 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]129 mbedtls_mpi N, P, Q, E;
Paul Bakkereaf90d92011-07-13 14:21:52 +0000[diff] [blame]130 int hash_len;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]131 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]132
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]133 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]134 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
135 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]136
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]137 memset( message_str, 0x00, 1000 );
138 memset( hash_result, 0x00, 1000 );
139 memset( output, 0x00, 1000 );
140 memset( output_str, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]141 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]142
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]143 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
144 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
145 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
146 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]147
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]148 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
149 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]150 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]151 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]152
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]153 unhexify( message_str, message_hex_string );
154 hash_len = unhexify( hash_result, hash_result_string );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]155
Hanno Becker8fd55482017-08-23 14:07:48 +0100[diff] [blame]156 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
157 MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_NONE,
158 hash_len, hash_result, output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]159
160 hexify( output_str, output, ctx.len );
161
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]162 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]163
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]164 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]165 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]166 {
167 memset( output, 0x00, 1000 );
168 memset( output_str, 0x00, 1000 );
169
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]170 TEST_ASSERT( mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
171 &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE,
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]172 hash_len, hash_result, output ) == 0 );
173
174 hexify( output_str, output, ctx.len );
175
176 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
177 }
178
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]179exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]180 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
181 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
182
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]183 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]184}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]185/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]186
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]187/* BEGIN_CASE */
188void rsa_pkcs1_verify_raw( char *message_hex_string, char *hash_result_string,
189 int padding_mode, int mod, int radix_N,
190 char *input_N, int radix_E, char *input_E,
191 char *result_hex_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]192{
193 unsigned char message_str[1000];
194 unsigned char hash_result[1000];
195 unsigned char result_str[1000];
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]196 unsigned char output[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]197 mbedtls_rsa_context ctx;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]198 size_t hash_len, olen;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]199
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]200 mbedtls_mpi N, E;
201 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
202
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]203 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]204 memset( message_str, 0x00, 1000 );
205 memset( hash_result, 0x00, 1000 );
206 memset( result_str, 0x00, 1000 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]207 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]208
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]209 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
210 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]211
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]212 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
213 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]214 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]215
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]216 unhexify( message_str, message_hex_string );
217 hash_len = unhexify( hash_result, hash_result_string );
218 unhexify( result_str, result_hex_str );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]219
Hanno Becker8fd55482017-08-23 14:07:48 +0100[diff] [blame]220 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
221 MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE,
222 hash_len, hash_result,
223 result_str ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]224
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]225 /* For PKCS#1 v1.5, there is an alternative way to verify signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]226 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]227 {
228 int ok;
229
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]230 TEST_ASSERT( mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx,
231 NULL, NULL, MBEDTLS_RSA_PUBLIC,
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]232 &olen, result_str, output, sizeof( output ) ) == 0 );
233
234 ok = olen == hash_len && memcmp( output, hash_result, olen ) == 0;
235 if( correct == 0 )
236 TEST_ASSERT( ok == 1 );
237 else
238 TEST_ASSERT( ok == 0 );
239 }
240
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]241exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]242 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]243 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]244}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]245/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]246
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]247/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]248void mbedtls_rsa_pkcs1_encrypt( char *message_hex_string, int padding_mode, int mod,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]249 int radix_N, char *input_N, int radix_E, char *input_E,
250 char *result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]251{
252 unsigned char message_str[1000];
253 unsigned char output[1000];
254 unsigned char output_str[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]255 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]256 size_t msg_len;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]257 rnd_pseudo_info rnd_info;
258
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]259 mbedtls_mpi N, E;
260 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
261
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]262 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]263
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]264 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]265 memset( message_str, 0x00, 1000 );
266 memset( output, 0x00, 1000 );
267 memset( output_str, 0x00, 1000 );
268
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]269 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
270 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]271
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]272 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
273 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]274 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]275
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]276 msg_len = unhexify( message_str, message_hex_string );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]277
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]278 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PUBLIC, msg_len, message_str, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]279 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]280 {
281 hexify( output_str, output, ctx.len );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]282
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]283 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]284 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]285
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]286exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]287 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]288 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]289}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]290/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]291
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]292/* BEGIN_CASE */
293void rsa_pkcs1_encrypt_bad_rng( char *message_hex_string, int padding_mode,
294 int mod, int radix_N, char *input_N,
295 int radix_E, char *input_E,
296 char *result_hex_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]297{
298 unsigned char message_str[1000];
299 unsigned char output[1000];
300 unsigned char output_str[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]301 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]302 size_t msg_len;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]303
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]304 mbedtls_mpi N, E;
305
306 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]307 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]308 memset( message_str, 0x00, 1000 );
309 memset( output, 0x00, 1000 );
310 memset( output_str, 0x00, 1000 );
311
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]312 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
313 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]314
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]315 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
316 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]317 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]318
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]319 msg_len = unhexify( message_str, message_hex_string );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]320
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]321 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL, MBEDTLS_RSA_PUBLIC, msg_len, message_str, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]322 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]323 {
324 hexify( output_str, output, ctx.len );
325
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]326 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]327 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]328
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]329exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]330 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]331 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]332}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]333/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]334
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]335/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]336void mbedtls_rsa_pkcs1_decrypt( char *message_hex_string, int padding_mode, int mod,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]337 int radix_P, char *input_P, int radix_Q, char *input_Q,
338 int radix_N, char *input_N, int radix_E, char *input_E,
339 int max_output, char *result_hex_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]340{
341 unsigned char message_str[1000];
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]342 unsigned char output[1000];
343 unsigned char output_str[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]344 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]345 size_t output_len;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]346 rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]347 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]348
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]349 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
350 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
351
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]352 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]353
354 memset( message_str, 0x00, 1000 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]355 memset( output, 0x00, 1000 );
356 memset( output_str, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]357 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]358
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]359
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]360 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
361 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
362 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
363 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]364
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]365 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
366 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]367 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]368 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]369
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]370 unhexify( message_str, message_hex_string );
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]371 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]372
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]373 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str, output, max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]374 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]375 {
376 hexify( output_str, output, ctx.len );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]377
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]378 TEST_ASSERT( strncasecmp( (char *) output_str, result_hex_str, strlen( result_hex_str ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]379 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]380
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]381exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]382 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
383 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]384 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]385}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]386/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]387
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]388/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]389void mbedtls_rsa_public( char *message_hex_string, int mod, int radix_N, char *input_N,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]390 int radix_E, char *input_E, char *result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]391{
392 unsigned char message_str[1000];
393 unsigned char output[1000];
394 unsigned char output_str[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]395 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]396
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]397 mbedtls_mpi N, E;
398
399 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]400 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
401 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]402 memset( message_str, 0x00, 1000 );
403 memset( output, 0x00, 1000 );
404 memset( output_str, 0x00, 1000 );
405
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]406 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
407 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]408
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]409 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
410 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]411 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]412
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]413 unhexify( message_str, message_hex_string );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]414
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]415 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]416 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]417 {
418 hexify( output_str, output, ctx.len );
419
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]420 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]421 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]422
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]423 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]424 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]425 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]426 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]427
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]428 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]429
430 memset( output, 0x00, 1000 );
431 memset( output_str, 0x00, 1000 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]432 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]433 if( result == 0 )
434 {
435 hexify( output_str, output, ctx2.len );
436
437 TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
438 }
439
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]440exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]441 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]442 mbedtls_rsa_free( &ctx );
443 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]444}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]445/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]446
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]447/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]448void mbedtls_rsa_private( char *message_hex_string, int mod, int radix_P, char *input_P,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]449 int radix_Q, char *input_Q, int radix_N, char *input_N,
450 int radix_E, char *input_E, char *result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]451{
452 unsigned char message_str[1000];
453 unsigned char output[1000];
454 unsigned char output_str[1000];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]455 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]456 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]457 rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]458 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]459
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]460 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
461 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]462 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
463 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]464
465 memset( message_str, 0x00, 1000 );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]466 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]467
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]468 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
469 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
470 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
471 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]472
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]473 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
474 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]475 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]476 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]477
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]478 unhexify( message_str, message_hex_string );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]479
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]480 /* repeat three times to test updating of blinding values */
481 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]482 {
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]483 memset( output, 0x00, 1000 );
484 memset( output_str, 0x00, 1000 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]485 TEST_ASSERT( mbedtls_rsa_private( &ctx, rnd_pseudo_rand, &rnd_info,
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]486 message_str, output ) == result );
487 if( result == 0 )
488 {
489 hexify( output_str, output, ctx.len );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]490
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]491 TEST_ASSERT( strcasecmp( (char *) output_str,
492 result_hex_str ) == 0 );
493 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]494 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]495
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]496 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]497 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]498 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]499 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]500
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]501 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]502
503 memset( output, 0x00, 1000 );
504 memset( output_str, 0x00, 1000 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]505 TEST_ASSERT( mbedtls_rsa_private( &ctx2, rnd_pseudo_rand, &rnd_info,
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]506 message_str, output ) == result );
507 if( result == 0 )
508 {
509 hexify( output_str, output, ctx2.len );
510
511 TEST_ASSERT( strcasecmp( (char *) output_str,
512 result_hex_str ) == 0 );
513 }
514
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]515exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]516 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
517 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
518
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]519 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]520}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]521/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]522
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]523/* BEGIN_CASE */
524void rsa_check_privkey_null()
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]525{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]526 mbedtls_rsa_context ctx;
527 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]528
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]529 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]530}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]531/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]532
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]533/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]534void mbedtls_rsa_check_pubkey( int radix_N, char *input_N, int radix_E, char *input_E,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]535 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]536{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]537 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]538 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]539
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]540 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]541 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]542
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]543 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]544 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]545 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]546 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]547 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]548 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]549 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]550 }
551
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]552 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]553 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]554
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]555exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]556 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]557 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]558}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]559/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]560
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]561/* BEGIN_CASE */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]562void mbedtls_rsa_check_privkey( int mod, int radix_P, char *input_P, int radix_Q,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]563 char *input_Q, int radix_N, char *input_N,
564 int radix_E, char *input_E, int radix_D, char *input_D,
565 int radix_DP, char *input_DP, int radix_DQ,
566 char *input_DQ, int radix_QP, char *input_QP,
567 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]568{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]569 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]570
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]571 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]572
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]573 ctx.len = mod / 8;
574 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]575 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]576 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]577 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]578 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]579 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]580 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]581 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]582 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]583 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]584 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]585 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]586 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]587 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]588 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]589 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]590 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]591 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]592 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]593 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]594#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]595 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]596 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]597 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]598 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]599 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]600 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]601 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]602 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]603 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]604 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]605 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]606 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]607#else
608 ((void) radix_DP); ((void) input_DP);
609 ((void) radix_DQ); ((void) input_DQ);
610 ((void) radix_QP); ((void) input_QP);
611#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]612
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]613 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]614
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]615exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]616 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]617}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]618/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]619
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]620/* BEGIN_CASE */
621void rsa_check_pubpriv( int mod, int radix_Npub, char *input_Npub,
622 int radix_Epub, char *input_Epub,
623 int radix_P, char *input_P, int radix_Q,
624 char *input_Q, int radix_N, char *input_N,
625 int radix_E, char *input_E, int radix_D, char *input_D,
626 int radix_DP, char *input_DP, int radix_DQ,
627 char *input_DQ, int radix_QP, char *input_QP,
628 int result )
629{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]630 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]631
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]632 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
633 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]634
635 pub.len = mod / 8;
636 prv.len = mod / 8;
637
638 if( strlen( input_Npub ) )
639 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]640 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]641 }
642 if( strlen( input_Epub ) )
643 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]644 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]645 }
646
647 if( strlen( input_P ) )
648 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]649 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]650 }
651 if( strlen( input_Q ) )
652 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]653 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]654 }
655 if( strlen( input_N ) )
656 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]657 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]658 }
659 if( strlen( input_E ) )
660 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]661 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]662 }
663 if( strlen( input_D ) )
664 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]665 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]666 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]667#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]668 if( strlen( input_DP ) )
669 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]670 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]671 }
672 if( strlen( input_DQ ) )
673 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]674 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]675 }
676 if( strlen( input_QP ) )
677 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]678 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]679 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]680#else
681 ((void) radix_DP); ((void) input_DP);
682 ((void) radix_DQ); ((void) input_DQ);
683 ((void) radix_QP); ((void) input_QP);
684#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]685
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]686 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]687
688exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]689 mbedtls_rsa_free( &pub );
690 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]691}
692/* END_CASE */
693
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]694/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
695void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]696{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]697 mbedtls_rsa_context ctx;
698 mbedtls_entropy_context entropy;
699 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]700 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]701
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]702 mbedtls_ctr_drbg_init( &ctr_drbg );
703
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]704 mbedtls_entropy_init( &entropy );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]705 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
706 &entropy, (const unsigned char *) pers,
707 strlen( pers ) ) == 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]708
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]709 mbedtls_rsa_init( &ctx, 0, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]710
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]711 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random,
712 &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]713 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]714 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]715 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]716 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]717 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]718
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]719exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]720 mbedtls_rsa_free( &ctx );
721 mbedtls_ctr_drbg_free( &ctr_drbg );
722 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]723}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]724/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]725
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]726/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]727void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]728 int radix_D, char *input_D,
729 int radix_E, char *input_E,
730 int radix_P, char *output_P,
731 int radix_Q, char *output_Q,
732 int corrupt, int result )
733{
734 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
735
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]736 mbedtls_mpi_init( &N );
737 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
738 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
739 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
740
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]741 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
742 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
743 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
744 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
745 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
746
747 if( corrupt )
748 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
749
750 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]751 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]752
753 if( !corrupt )
754 {
755 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
756 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
757 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
758 }
759
760exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]761 mbedtls_mpi_free( &N );
762 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
763 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
764 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]765}
766/* END_CASE */
767
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]768/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]769void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
770 int radix_Q, char *input_Q,
771 int radix_E, char *input_E,
772 int radix_D, char *output_D,
773 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]774{
775 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
776
777 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
778 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
779 mbedtls_mpi_init( &E );
780 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
781
782 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
783 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
784 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
785 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
786
787 if( corrupt )
788 {
789 /* Make E even */
790 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
791 }
792
793 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]794 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
795 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]796
797 if( !corrupt )
798 {
799 /*
800 * Check that D and Dp agree modulo LCM(P-1, Q-1).
801 */
802
803 /* Replace P,Q by P-1, Q-1 */
804 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
805 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
806
807 /* Check D == Dp modulo P-1 */
808 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
809 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
810 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
811
812 /* Check D == Dp modulo Q-1 */
813 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
814 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
815 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
816 }
817
818exit:
819
820 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
821 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
822 mbedtls_mpi_free( &E );
823 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
824}
825/* END_CASE */
826
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]827/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
828void mbedtls_rsa_import( int radix_N, char *input_N,
829 int radix_P, char *input_P,
830 int radix_Q, char *input_Q,
831 int radix_D, char *input_D,
832 int radix_E, char *input_E,
833 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]834 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]835 int res_check,
836 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]837{
838 mbedtls_mpi N, P, Q, D, E;
839 mbedtls_rsa_context ctx;
840
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]841 /* Buffers used for encryption-decryption test */
842 unsigned char *buf_orig = NULL;
843 unsigned char *buf_enc = NULL;
844 unsigned char *buf_dec = NULL;
845
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]846 mbedtls_entropy_context entropy;
847 mbedtls_ctr_drbg_context ctr_drbg;
848 const char *pers = "test_suite_rsa";
849
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]850 const int have_N = ( strlen( input_N ) > 0 );
851 const int have_P = ( strlen( input_P ) > 0 );
852 const int have_Q = ( strlen( input_Q ) > 0 );
853 const int have_D = ( strlen( input_D ) > 0 );
854 const int have_E = ( strlen( input_E ) > 0 );
855
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]856 mbedtls_ctr_drbg_init( &ctr_drbg );
857
858 mbedtls_entropy_init( &entropy );
859 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
860 (const unsigned char *) pers, strlen( pers ) ) == 0 );
861
862 mbedtls_rsa_init( &ctx, 0, 0 );
863
864 mbedtls_mpi_init( &N );
865 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
866 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
867
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]868 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]869 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
870
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]871 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]872 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
873
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]874 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]875 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
876
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]877 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]878 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
879
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]880 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]881 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
882
883 if( !successive )
884 {
885 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]886 have_N ? &N : NULL,
887 have_P ? &P : NULL,
888 have_Q ? &Q : NULL,
889 have_D ? &D : NULL,
890 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]891 }
892 else
893 {
894 /* Import N, P, Q, D, E separately.
895 * This should make no functional difference. */
896
897 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]898 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]899 NULL, NULL, NULL, NULL ) == 0 );
900
901 TEST_ASSERT( mbedtls_rsa_import( &ctx,
902 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]903 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]904 NULL, NULL, NULL ) == 0 );
905
906 TEST_ASSERT( mbedtls_rsa_import( &ctx,
907 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]908 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]909 NULL, NULL ) == 0 );
910
911 TEST_ASSERT( mbedtls_rsa_import( &ctx,
912 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]913 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]914 NULL ) == 0 );
915
916 TEST_ASSERT( mbedtls_rsa_import( &ctx,
917 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]918 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]919 }
920
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]921 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]922
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]923 /* On expected success, perform some public and private
924 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]925 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]926 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]927 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]928 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
929 else
930 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
931
932 if( res_check != 0 )
933 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]934
935 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
936 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
937 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
938 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
939 goto exit;
940
941 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
942 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
943
944 /* Make sure the number we're generating is smaller than the modulus */
945 buf_orig[0] = 0x00;
946
947 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
948
949 if( is_priv )
950 {
951 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
952 &ctr_drbg, buf_enc,
953 buf_dec ) == 0 );
954
955 TEST_ASSERT( memcmp( buf_orig, buf_dec,
956 mbedtls_rsa_get_len( &ctx ) ) == 0 );
957 }
958 }
959
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]960exit:
961
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]962 mbedtls_free( buf_orig );
963 mbedtls_free( buf_enc );
964 mbedtls_free( buf_dec );
965
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]966 mbedtls_rsa_free( &ctx );
967
968 mbedtls_ctr_drbg_free( &ctr_drbg );
969 mbedtls_entropy_free( &entropy );
970
971 mbedtls_mpi_free( &N );
972 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
973 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
974}
975/* END_CASE */
976
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]977/* BEGIN_CASE */
978void mbedtls_rsa_export( int radix_N, char *input_N,
979 int radix_P, char *input_P,
980 int radix_Q, char *input_Q,
981 int radix_D, char *input_D,
982 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]983 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]984 int successive )
985{
986 /* Original MPI's with which we set up the RSA context */
987 mbedtls_mpi N, P, Q, D, E;
988
989 /* Exported MPI's */
990 mbedtls_mpi Ne, Pe, Qe, De, Ee;
991
992 const int have_N = ( strlen( input_N ) > 0 );
993 const int have_P = ( strlen( input_P ) > 0 );
994 const int have_Q = ( strlen( input_Q ) > 0 );
995 const int have_D = ( strlen( input_D ) > 0 );
996 const int have_E = ( strlen( input_E ) > 0 );
997
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]998 mbedtls_rsa_context ctx;
999
1000 mbedtls_rsa_init( &ctx, 0, 0 );
1001
1002 mbedtls_mpi_init( &N );
1003 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1004 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1005
1006 mbedtls_mpi_init( &Ne );
1007 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1008 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1009
1010 /* Setup RSA context */
1011
1012 if( have_N )
1013 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1014
1015 if( have_P )
1016 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1017
1018 if( have_Q )
1019 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1020
1021 if( have_D )
1022 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1023
1024 if( have_E )
1025 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1026
1027 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1028 strlen( input_N ) ? &N : NULL,
1029 strlen( input_P ) ? &P : NULL,
1030 strlen( input_Q ) ? &Q : NULL,
1031 strlen( input_D ) ? &D : NULL,
1032 strlen( input_E ) ? &E : NULL ) == 0 );
1033
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1034 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1035
1036 /*
1037 * Export parameters and compare to original ones.
1038 */
1039
1040 /* N and E must always be present. */
1041 if( !successive )
1042 {
1043 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1044 }
1045 else
1046 {
1047 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1048 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1049 }
1050 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1051 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1052
1053 /* If we were providing enough information to setup a complete private context,
1054 * we expect to be able to export all core parameters. */
1055
1056 if( is_priv )
1057 {
1058 if( !successive )
1059 {
1060 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1061 &De, NULL ) == 0 );
1062 }
1063 else
1064 {
1065 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1066 NULL, NULL ) == 0 );
1067 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1068 NULL, NULL ) == 0 );
1069 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1070 &De, NULL ) == 0 );
1071 }
1072
1073 if( have_P )
1074 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1075
1076 if( have_Q )
1077 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1078
1079 if( have_D )
1080 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1081
1082 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1083 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1084 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1085 }
1086
1087exit:
1088
1089 mbedtls_rsa_free( &ctx );
1090
1091 mbedtls_mpi_free( &N );
1092 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1093 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1094
1095 mbedtls_mpi_free( &Ne );
1096 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1097 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1098}
1099/* END_CASE */
1100
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1101/* BEGIN_CASE */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1102void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1103 int radix_P, char *input_P,
1104 int radix_Q, char *input_Q,
1105 int radix_D, char *input_D,
1106 int radix_E, char *input_E,
1107 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1108{
1109 /* Original MPI's with which we set up the RSA context */
1110 mbedtls_mpi N, P, Q, D, E;
1111
1112 const int have_N = ( strlen( input_N ) > 0 );
1113 const int have_P = ( strlen( input_P ) > 0 );
1114 const int have_Q = ( strlen( input_Q ) > 0 );
1115 const int have_D = ( strlen( input_D ) > 0 );
1116 const int have_E = ( strlen( input_E ) > 0 );
1117
1118 mbedtls_entropy_context entropy;
1119 mbedtls_ctr_drbg_context ctr_drbg;
1120 const char *pers = "test_suite_rsa";
1121
1122 mbedtls_mpi_init( &N );
1123 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1124 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1125
1126 mbedtls_ctr_drbg_init( &ctr_drbg );
1127 mbedtls_entropy_init( &entropy );
1128 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1129 &entropy, (const unsigned char *) pers,
1130 strlen( pers ) ) == 0 );
1131
1132 if( have_N )
1133 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1134
1135 if( have_P )
1136 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1137
1138 if( have_Q )
1139 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1140
1141 if( have_D )
1142 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1143
1144 if( have_E )
1145 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1146
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1147 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1148 have_P ? &P : NULL,
1149 have_Q ? &Q : NULL,
1150 have_D ? &D : NULL,
1151 have_E ? &E : NULL,
1152 prng ? mbedtls_ctr_drbg_random : NULL,
1153 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1154exit:
1155
1156 mbedtls_ctr_drbg_free( &ctr_drbg );
1157 mbedtls_entropy_free( &entropy );
1158
1159 mbedtls_mpi_free( &N );
1160 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1161 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1162}
1163/* END_CASE */
1164
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1165/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1166void mbedtls_rsa_export_raw( char *input_N, char *input_P,
1167 char *input_Q, char *input_D,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1168 char *input_E, int is_priv,
1169 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1170{
1171 /* Original raw buffers with which we set up the RSA context */
1172 unsigned char bufN[1000];
1173 unsigned char bufP[1000];
1174 unsigned char bufQ[1000];
1175 unsigned char bufD[1000];
1176 unsigned char bufE[1000];
1177
1178 size_t lenN = 0;
1179 size_t lenP = 0;
1180 size_t lenQ = 0;
1181 size_t lenD = 0;
1182 size_t lenE = 0;
1183
1184 /* Exported buffers */
1185 unsigned char bufNe[ sizeof( bufN ) ];
1186 unsigned char bufPe[ sizeof( bufP ) ];
1187 unsigned char bufQe[ sizeof( bufQ ) ];
1188 unsigned char bufDe[ sizeof( bufD ) ];
1189 unsigned char bufEe[ sizeof( bufE ) ];
1190
1191 const int have_N = ( strlen( input_N ) > 0 );
1192 const int have_P = ( strlen( input_P ) > 0 );
1193 const int have_Q = ( strlen( input_Q ) > 0 );
1194 const int have_D = ( strlen( input_D ) > 0 );
1195 const int have_E = ( strlen( input_E ) > 0 );
1196
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1197 mbedtls_rsa_context ctx;
1198
1199 mbedtls_rsa_init( &ctx, 0, 0 );
1200
1201 /* Setup RSA context */
1202
1203 if( have_N )
1204 lenN = unhexify( bufN, input_N );
1205
1206 if( have_P )
1207 lenP = unhexify( bufP, input_P );
1208
1209 if( have_Q )
1210 lenQ = unhexify( bufQ, input_Q );
1211
1212 if( have_D )
1213 lenD = unhexify( bufD, input_D );
1214
1215 if( have_E )
1216 lenE = unhexify( bufE, input_E );
1217
1218 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1219 have_N ? bufN : NULL, lenN,
1220 have_P ? bufP : NULL, lenP,
1221 have_Q ? bufQ : NULL, lenQ,
1222 have_D ? bufD : NULL, lenD,
1223 have_E ? bufE : NULL, lenE ) == 0 );
1224
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1225 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1226
1227 /*
1228 * Export parameters and compare to original ones.
1229 */
1230
1231 /* N and E must always be present. */
1232 if( !successive )
1233 {
1234 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, lenN,
1235 NULL, 0, NULL, 0, NULL, 0,
1236 bufEe, lenE ) == 0 );
1237 }
1238 else
1239 {
1240 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, lenN,
1241 NULL, 0, NULL, 0, NULL, 0,
1242 NULL, 0 ) == 0 );
1243 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1244 NULL, 0, NULL, 0, NULL, 0,
1245 bufEe, lenE ) == 0 );
1246 }
1247 TEST_ASSERT( memcmp( bufN, bufNe, lenN ) == 0 );
1248 TEST_ASSERT( memcmp( bufE, bufEe, lenE ) == 0 );
1249
1250 /* If we were providing enough information to setup a complete private context,
1251 * we expect to be able to export all core parameters. */
1252
1253 if( is_priv )
1254 {
1255 if( !successive )
1256 {
1257 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1258 bufPe, lenP ? lenP : sizeof( bufPe ),
1259 bufQe, lenQ ? lenQ : sizeof( bufQe ),
1260 bufDe, lenD ? lenD : sizeof( bufDe ),
1261 NULL, 0 ) == 0 );
1262 }
1263 else
1264 {
1265 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1266 bufPe, lenP ? lenP : sizeof( bufPe ),
1267 NULL, 0, NULL, 0,
1268 NULL, 0 ) == 0 );
1269
1270 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
1271 bufQe, lenQ ? lenQ : sizeof( bufQe ),
1272 NULL, 0, NULL, 0 ) == 0 );
1273
1274 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
1275 NULL, 0, bufDe, lenD ? lenD : sizeof( bufDe ),
1276 NULL, 0 ) == 0 );
1277 }
1278
1279 if( have_P )
1280 TEST_ASSERT( memcmp( bufP, bufPe, lenP ) == 0 );
1281
1282 if( have_Q )
1283 TEST_ASSERT( memcmp( bufQ, bufQe, lenQ ) == 0 );
1284
1285 if( have_D )
1286 TEST_ASSERT( memcmp( bufD, bufDe, lenD ) == 0 );
1287
1288 }
1289
1290exit:
1291 mbedtls_rsa_free( &ctx );
1292}
1293/* END_CASE */
1294
1295/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1296void mbedtls_rsa_import_raw( char *input_N,
1297 char *input_P, char *input_Q,
1298 char *input_D, char *input_E,
1299 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1300 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1301 int res_check,
1302 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1303{
1304 unsigned char bufN[1000];
1305 unsigned char bufP[1000];
1306 unsigned char bufQ[1000];
1307 unsigned char bufD[1000];
1308 unsigned char bufE[1000];
1309
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1310 /* Buffers used for encryption-decryption test */
1311 unsigned char *buf_orig = NULL;
1312 unsigned char *buf_enc = NULL;
1313 unsigned char *buf_dec = NULL;
1314
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1315 size_t lenN = 0;
1316 size_t lenP = 0;
1317 size_t lenQ = 0;
1318 size_t lenD = 0;
1319 size_t lenE = 0;
1320
1321 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1322 mbedtls_entropy_context entropy;
1323 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1324
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1325 const char *pers = "test_suite_rsa";
1326
1327 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1328 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1329 mbedtls_rsa_init( &ctx, 0, 0 );
1330
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1331 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1332 &entropy, (const unsigned char *) pers,
1333 strlen( pers ) ) == 0 );
1334
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1335 if( strlen( input_N ) )
1336 lenN = unhexify( bufN, input_N );
1337
1338 if( strlen( input_P ) )
1339 lenP = unhexify( bufP, input_P );
1340
1341 if( strlen( input_Q ) )
1342 lenQ = unhexify( bufQ, input_Q );
1343
1344 if( strlen( input_D ) )
1345 lenD = unhexify( bufD, input_D );
1346
1347 if( strlen( input_E ) )
1348 lenE = unhexify( bufE, input_E );
1349
1350 if( !successive )
1351 {
1352 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1353 ( lenN > 0 ) ? bufN : NULL, lenN,
1354 ( lenP > 0 ) ? bufP : NULL, lenP,
1355 ( lenQ > 0 ) ? bufQ : NULL, lenQ,
1356 ( lenD > 0 ) ? bufD : NULL, lenD,
1357 ( lenE > 0 ) ? bufE : NULL, lenE ) == 0 );
1358 }
1359 else
1360 {
1361 /* Import N, P, Q, D, E separately.
1362 * This should make no functional difference. */
1363
1364 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1365 ( lenN > 0 ) ? bufN : NULL, lenN,
1366 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1367
1368 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1369 NULL, 0,
1370 ( lenP > 0 ) ? bufP : NULL, lenP,
1371 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1372
1373 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1374 NULL, 0, NULL, 0,
1375 ( lenQ > 0 ) ? bufQ : NULL, lenQ,
1376 NULL, 0, NULL, 0 ) == 0 );
1377
1378 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1379 NULL, 0, NULL, 0, NULL, 0,
1380 ( lenD > 0 ) ? bufD : NULL, lenD,
1381 NULL, 0 ) == 0 );
1382
1383 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1384 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
1385 ( lenE > 0 ) ? bufE : NULL, lenE ) == 0 );
1386 }
1387
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1388 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1389
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1390 /* On expected success, perform some public and private
1391 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1392 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1393 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1394 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1395 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1396 else
1397 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1398
1399 if( res_check != 0 )
1400 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1401
1402 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1403 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1404 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1405 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1406 goto exit;
1407
1408 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1409 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1410
1411 /* Make sure the number we're generating is smaller than the modulus */
1412 buf_orig[0] = 0x00;
1413
1414 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1415
1416 if( is_priv )
1417 {
1418 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1419 &ctr_drbg, buf_enc,
1420 buf_dec ) == 0 );
1421
1422 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1423 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1424 }
1425 }
1426
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1427exit:
1428
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1429 mbedtls_free( buf_orig );
1430 mbedtls_free( buf_enc );
1431 mbedtls_free( buf_dec );
1432
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1433 mbedtls_rsa_free( &ctx );
1434
1435 mbedtls_ctr_drbg_free( &ctr_drbg );
1436 mbedtls_entropy_free( &entropy );
1437
1438}
1439/* END_CASE */
1440
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1441/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1442void rsa_selftest()
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1443{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1444 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1445}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1446/* END_CASE */