TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / f0963f714132b032aff595d8774920fff30d52db / . / tests / suites / test_suite_rsa.function
blob: 4c2a9eaf5ec6fb54e2820f70dbf0c6cc7dc5252c [file] [log] [blame]
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1/* BEGIN_HEADER */
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]2#include "mbedtls/rsa.h"
Hanno Beckera565f542017-10-11 11:00:19 +0100[diff] [blame]3#include "mbedtls/rsa_internal.h"
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]4#include "mbedtls/md2.h"
5#include "mbedtls/md4.h"
6#include "mbedtls/md5.h"
7#include "mbedtls/sha1.h"
8#include "mbedtls/sha256.h"
9#include "mbedtls/sha512.h"
10#include "mbedtls/entropy.h"
11#include "mbedtls/ctr_drbg.h"
Hanno Becker47deec42017-07-24 12:27:09 +0100[diff] [blame]12
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]13/* END_HEADER */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]14
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]15/* BEGIN_DEPENDENCIES
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]16 * depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]17 * END_DEPENDENCIES
18 */
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]19
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]20/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
21void rsa_invalid_param( )
22{
23 mbedtls_rsa_context ctx;
24 const int valid_padding = MBEDTLS_RSA_PKCS_V21;
25 const int invalid_padding = 42;
26 const int valid_mode = MBEDTLS_RSA_PRIVATE;
27 const int invalid_mode = 42;
28 unsigned char buf[42] = { 0 };
29 size_t olen;
30
Hanno Beckera7ee0022018-12-18 13:30:20 +0000[diff] [blame]31 TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
32 TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]33 TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
34
35 /* No more variants because only the first argument must be non-NULL. */
36 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
37 mbedtls_rsa_import( NULL, NULL, NULL,
38 NULL, NULL, NULL ) );
39 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
40 mbedtls_rsa_import_raw( NULL,
41 NULL, 0,
42 NULL, 0,
43 NULL, 0,
44 NULL, 0,
45 NULL, 0 ) );
46
47 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
48 mbedtls_rsa_complete( NULL ) );
49
50 /* No more variants because only the first argument must be non-NULL. */
51 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
52 mbedtls_rsa_export( NULL, NULL, NULL,
53 NULL, NULL, NULL ) );
54 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]55 mbedtls_rsa_export_raw( NULL,
56 NULL, 0,
57 NULL, 0,
58 NULL, 0,
59 NULL, 0,
60 NULL, 0 ) );
61 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
62 mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
63
64 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
65 valid_padding, 0 ) );
66 TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
67 invalid_padding, 0 ) );
68
69 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
Hanno Beckerf04d9232018-12-18 13:30:42 +0000[diff] [blame]70 mbedtls_rsa_gen_key( NULL, rnd_std_rand,
71 NULL, 0, 0 ) );
72 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
73 mbedtls_rsa_gen_key( &ctx, NULL,
74 NULL, 0, 0 ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]75
76 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
77 mbedtls_rsa_check_pubkey( NULL ) );
78 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
79 mbedtls_rsa_check_privkey( NULL ) );
80
81 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
82 mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
83 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
84 mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
85
86 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
87 mbedtls_rsa_public( NULL, buf, buf ) );
88 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
89 mbedtls_rsa_public( &ctx, NULL, buf ) );
90 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
91 mbedtls_rsa_public( &ctx, buf, NULL ) );
92
93 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
94 mbedtls_rsa_private( NULL, NULL, NULL,
95 buf, buf ) );
96 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
97 mbedtls_rsa_private( &ctx, NULL, NULL,
98 NULL, buf ) );
99 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
100 mbedtls_rsa_private( &ctx, NULL, NULL,
101 buf, NULL ) );
102
103 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
104 mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
105 valid_mode,
106 sizeof( buf ), buf,
107 buf ) );
108 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
109 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
110 invalid_mode,
111 sizeof( buf ), buf,
112 buf ) );
113 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
114 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
115 valid_mode,
116 sizeof( buf ), NULL,
117 buf ) );
118 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
119 mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
120 valid_mode,
121 sizeof( buf ), buf,
122 NULL ) );
123
124 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
125 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
126 NULL,
127 valid_mode,
128 sizeof( buf ), buf,
129 buf ) );
130 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
131 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
132 NULL,
133 invalid_mode,
134 sizeof( buf ), buf,
135 buf ) );
136 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
137 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
138 NULL,
139 valid_mode,
140 sizeof( buf ), NULL,
141 buf ) );
142 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
143 mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
144 NULL,
145 valid_mode,
146 sizeof( buf ), buf,
147 NULL ) );
148
149 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
150 mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
151 valid_mode,
152 buf, sizeof( buf ),
153 sizeof( buf ), buf,
154 buf ) );
155 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
156 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
157 invalid_mode,
158 buf, sizeof( buf ),
159 sizeof( buf ), buf,
160 buf ) );
161 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
162 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
163 valid_mode,
164 NULL, sizeof( buf ),
165 sizeof( buf ), buf,
166 buf ) );
167 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
168 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
169 valid_mode,
170 buf, sizeof( buf ),
171 sizeof( buf ), NULL,
172 buf ) );
173 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
174 mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
175 valid_mode,
176 buf, sizeof( buf ),
177 sizeof( buf ), buf,
178 NULL ) );
179
180 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
181 mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
182 valid_mode, &olen,
183 buf, buf, 42 ) );
184 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
185 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
186 invalid_mode, &olen,
187 buf, buf, 42 ) );
188 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
189 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
190 valid_mode, NULL,
191 buf, buf, 42 ) );
192 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
193 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
194 valid_mode, &olen,
195 NULL, buf, 42 ) );
196 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
197 mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
198 valid_mode, &olen,
199 buf, NULL, 42 ) );
200
201 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
202 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
203 NULL,
204 valid_mode, &olen,
205 buf, buf, 42 ) );
206 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
207 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
208 NULL,
209 invalid_mode, &olen,
210 buf, buf, 42 ) );
211 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
212 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
213 NULL,
214 valid_mode, NULL,
215 buf, buf, 42 ) );
216 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
217 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
218 NULL,
219 valid_mode, &olen,
220 NULL, buf, 42 ) );
221 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
222 mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
223 NULL,
224 valid_mode, &olen,
225 buf, NULL, 42 ) );
226
227 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
228 mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
229 valid_mode,
230 buf, sizeof( buf ),
231 &olen,
232 buf, buf, 42 ) );
233 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
234 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
235 invalid_mode,
236 buf, sizeof( buf ),
237 &olen,
238 buf, buf, 42 ) );
239 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
240 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
241 valid_mode,
242 NULL, sizeof( buf ),
243 NULL,
244 buf, buf, 42 ) );
245 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
246 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
247 valid_mode,
248 buf, sizeof( buf ),
249 &olen,
250 NULL, buf, 42 ) );
251 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
252 mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
253 valid_mode,
254 buf, sizeof( buf ),
255 &olen,
256 buf, NULL, 42 ) );
257
258 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
259 mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
260 valid_mode,
261 0, sizeof( buf ), buf,
262 buf ) );
263 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
264 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
265 invalid_mode,
266 0, sizeof( buf ), buf,
267 buf ) );
268 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
269 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
270 valid_mode,
271 0, sizeof( buf ), NULL,
272 buf ) );
273 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
274 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
275 valid_mode,
276 0, sizeof( buf ), buf,
277 NULL ) );
Hanno Becker05cf6da2018-12-18 13:33:37 +0000[diff] [blame]278 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
279 mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
280 valid_mode,
281 MBEDTLS_MD_SHA1,
282 0, NULL,
283 buf ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]284
285 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
286 mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
287 valid_mode,
288 0, sizeof( buf ), buf,
289 buf ) );
290 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
291 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
292 invalid_mode,
293 0, sizeof( buf ), buf,
294 buf ) );
295 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
296 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
297 valid_mode,
298 0, sizeof( buf ), NULL,
299 buf ) );
300 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
301 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
302 valid_mode,
303 0, sizeof( buf ), buf,
304 NULL ) );
Hanno Beckerb06f1932018-12-18 14:04:28 +0000[diff] [blame]305 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
306 mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
307 valid_mode,
308 MBEDTLS_MD_SHA1,
309 0, NULL,
310 buf ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]311
312 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
313 mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
314 valid_mode,
315 0, sizeof( buf ), buf,
316 buf ) );
317 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
318 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
319 invalid_mode,
320 0, sizeof( buf ), buf,
321 buf ) );
322 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
323 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
324 valid_mode,
325 0, sizeof( buf ), NULL,
326 buf ) );
327 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
328 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
329 valid_mode,
330 0, sizeof( buf ), buf,
331 NULL ) );
Hanno Beckerb06f1932018-12-18 14:04:28 +0000[diff] [blame]332 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
333 mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
334 valid_mode,
335 MBEDTLS_MD_SHA1,
336 0, NULL,
337 buf ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]338
339 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
340 mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
341 valid_mode,
342 0, sizeof( buf ), buf,
343 buf ) );
344 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
345 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
346 invalid_mode,
347 0, sizeof( buf ), buf,
348 buf ) );
349 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
350 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
351 valid_mode,
352 0, sizeof( buf ), NULL,
353 buf ) );
354 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
355 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
356 valid_mode,
357 0, sizeof( buf ), buf,
358 NULL ) );
Hanno Beckerb06f1932018-12-18 14:04:28 +0000[diff] [blame]359 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
360 mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
361 valid_mode,
362 MBEDTLS_MD_SHA1, 0, NULL,
363 buf ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]364
365 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
366 mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
367 NULL,
368 valid_mode,
369 0, sizeof( buf ), buf,
370 buf ) );
371 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
372 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
373 NULL,
374 invalid_mode,
375 0, sizeof( buf ), buf,
376 buf ) );
377 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
378 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
379 NULL,
380 valid_mode,
381 0, sizeof( buf ),
382 NULL, buf ) );
383 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
384 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
385 NULL,
386 valid_mode,
387 0, sizeof( buf ), buf,
388 NULL ) );
Hanno Beckerb06f1932018-12-18 14:04:28 +0000[diff] [blame]389 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
390 mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
391 NULL,
392 valid_mode,
393 MBEDTLS_MD_SHA1,
394 0, NULL,
395 buf ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]396
397 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
398 mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
399 valid_mode,
400 0, sizeof( buf ),
401 buf, buf ) );
402 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
403 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
404 invalid_mode,
405 0, sizeof( buf ),
406 buf, buf ) );
407 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
408 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
409 valid_mode,
410 0, sizeof( buf ),
411 NULL, buf ) );
412 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
413 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
414 valid_mode,
415 0, sizeof( buf ),
416 buf, NULL ) );
Hanno Beckerb06f1932018-12-18 14:04:28 +0000[diff] [blame]417 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
418 mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
419 valid_mode,
420 MBEDTLS_MD_SHA1,
421 0, NULL,
422 buf ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]423
424 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
425 mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
426 valid_mode,
427 0, sizeof( buf ),
428 buf,
429 0, 0,
430 buf ) );
431 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
432 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
433 invalid_mode,
434 0, sizeof( buf ),
435 buf,
436 0, 0,
437 buf ) );
438 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
439 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
440 valid_mode,
441 0, sizeof( buf ),
442 NULL, 0, 0,
443 buf ) );
444 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
445 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
446 valid_mode,
447 0, sizeof( buf ),
448 buf, 0, 0,
449 NULL ) );
Hanno Beckerb06f1932018-12-18 14:04:28 +0000[diff] [blame]450 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
451 mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
452 valid_mode,
453 MBEDTLS_MD_SHA1,
454 0, NULL,
455 0, 0,
456 buf ) );
Hanno Becker046d2022018-12-13 18:07:09 +0000[diff] [blame]457
458 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
459 mbedtls_rsa_copy( NULL, &ctx ) );
460 TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
461 mbedtls_rsa_copy( &ctx, NULL ) );
462
463exit:
464 return;
465}
466/* END_CASE */
467
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]468/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]469void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]470 int digest, int mod, int radix_P, char * input_P,
471 int radix_Q, char * input_Q, int radix_N,
472 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]473 data_t * result_hex_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]474{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]475 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
476 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]477 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]478 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]479 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]480
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]481 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
482 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]483 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]484
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]485 memset( hash_result, 0x00, sizeof( hash_result ) );
486 memset( output, 0x00, sizeof( output ) );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]487 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]488
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]489 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
490 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
491 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
492 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]493
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]494 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
495 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]496 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]497 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]498
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]499
Hanno Beckera5cedbc2019-07-17 11:21:02 +0100[diff] [blame]500 if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE )
501 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]502 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Hanno Beckera5cedbc2019-07-17 11:21:02 +0100[diff] [blame]503 }
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]504
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]505 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
506 MBEDTLS_RSA_PRIVATE, digest, 0,
507 hash_result, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]508 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]509 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]510
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]511 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]512 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]513
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]514exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]515 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
516 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]517 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]518}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]519/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]520
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]521/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]522void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]523 int digest, int mod, int radix_N,
524 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]525 data_t * result_str, int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]526{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]527 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]528 mbedtls_rsa_context ctx;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]529
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]530 mbedtls_mpi N, E;
531
532 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]533 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]534 memset( hash_result, 0x00, sizeof( hash_result ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]535
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]536 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
537 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
538 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
539 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]540 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]541
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]542
Hanno Beckera5cedbc2019-07-17 11:21:02 +0100[diff] [blame]543 if( mbedtls_md_info_from_type( digest ) != MBEDTLS_MD_INVALID_HANDLE )
544 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]545 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
Hanno Beckera5cedbc2019-07-17 11:21:02 +0100[diff] [blame]546 }
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]547
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]548 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]549
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]550exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]551 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]552 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]553}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]554/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]555
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]556
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]557/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]558void rsa_pkcs1_sign_raw( data_t * hash_result,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]559 int padding_mode, int mod, int radix_P,
560 char * input_P, int radix_Q, char * input_Q,
561 int radix_N, char * input_N, int radix_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]562 char * input_E, data_t * result_hex_str )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]563{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]564 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]565 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]566 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]567 rnd_pseudo_info rnd_info;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]568
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]569 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]570 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
571 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]572
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]573 memset( output, 0x00, sizeof( output ) );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]574 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]575
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]576 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
577 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
578 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
579 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]580
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]581 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
582 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]583 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]584 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]585
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]586
Hanno Becker8fd55482017-08-23 14:07:48 +0100[diff] [blame]587 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
588 MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_NONE,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]589 hash_result->len, hash_result->x,
590 output ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]591
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]592
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]593 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]594
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]595#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]596 /* For PKCS#1 v1.5, there is an alternative way to generate signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]597 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]598 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]599 int res;
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]600 memset( output, 0x00, sizeof( output) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]601
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]602 res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]603 &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]604 hash_result->len, hash_result->x, output );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]605
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]606#if !defined(MBEDTLS_RSA_ALT)
607 TEST_ASSERT( res == 0 );
608#else
609 TEST_ASSERT( ( res == 0 ) ||
610 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
611#endif
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]612
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]613 if( res == 0 )
614 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]615 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]616 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]617 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]618#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]619
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]620exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]621 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
622 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
623
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]624 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]625}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]626/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]627
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]628/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]629void rsa_pkcs1_verify_raw( data_t * hash_result,
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]630 int padding_mode, int mod, int radix_N,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]631 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]632 data_t * result_str, int correct )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]633{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]634 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]635 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]636
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]637 mbedtls_mpi N, E;
638 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
639
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]640 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]641 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]642
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]643 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
644 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]645
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]646 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
647 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]648 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]649
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]650
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]651 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]652
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]653#if defined(MBEDTLS_PKCS1_V15)
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]654 /* For PKCS#1 v1.5, there is an alternative way to verify signatures */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]655 if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]656 {
Manuel Pégourié-Gonnard1ba8a3f2018-03-13 13:27:14 +0100[diff] [blame]657 int res;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]658 int ok;
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]659 size_t olen;
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]660
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]661 res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]662 NULL, NULL, MBEDTLS_RSA_PUBLIC,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]663 &olen, result_str->x, output, sizeof( output ) );
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]664
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]665#if !defined(MBEDTLS_RSA_ALT)
666 TEST_ASSERT( res == 0 );
667#else
668 TEST_ASSERT( ( res == 0 ) ||
669 ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
670#endif
671
672 if( res == 0 )
673 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]674 ok = olen == hash_result->len && memcmp( output, hash_result->x, olen ) == 0;
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]675 if( correct == 0 )
676 TEST_ASSERT( ok == 1 );
677 else
678 TEST_ASSERT( ok == 0 );
679 }
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]680 }
Manuel Pégourié-Gonnard43be6cd2017-06-20 09:53:42 +0200[diff] [blame]681#endif /* MBEDTLS_PKCS1_V15 */
Manuel Pégourié-Gonnardfbf09152014-02-03 11:58:55 +0100[diff] [blame]682
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]683exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]684 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]685 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]686}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]687/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]688
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]689/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]690void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]691 int mod, int radix_N, char * input_N,
692 int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]693 data_t * result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]694{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]695 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]696 mbedtls_rsa_context ctx;
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]697 rnd_pseudo_info rnd_info;
698
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]699 mbedtls_mpi N, E;
700 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
701
Paul Bakker997bbd12011-03-13 15:45:42 +0000[diff] [blame]702 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]703
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]704 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]705 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]706
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]707 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
708 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]709
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]710 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
711 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]712 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]713
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]714
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]715 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]716 MBEDTLS_RSA_PUBLIC, message_str->len,
717 message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]718 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]719 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]720
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]721 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]722 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]723
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]724exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]725 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]726 mbedtls_rsa_free( &ctx );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]727}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]728/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]729
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]730/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]731void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]732 int mod, int radix_N, char * input_N,
733 int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]734 data_t * result_hex_str, int result )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]735{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]736 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]737 mbedtls_rsa_context ctx;
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]738
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]739 mbedtls_mpi N, E;
740
741 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]742 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]743 memset( output, 0x00, sizeof( output ) );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]744
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]745 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
746 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]747
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]748 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
749 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]750 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]751
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]752
Hanno Beckerf8b56d42017-10-05 10:16:37 +0100[diff] [blame]753 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]754 MBEDTLS_RSA_PUBLIC, message_str->len,
755 message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]756 if( result == 0 )
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]757 {
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]758
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]759 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]760 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]761
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]762exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]763 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]764 mbedtls_rsa_free( &ctx );
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]765}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]766/* END_CASE */
Paul Bakkera6656852010-07-18 19:47:14 +0000[diff] [blame]767
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]768/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]769void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]770 int mod, int radix_P, char * input_P,
771 int radix_Q, char * input_Q, int radix_N,
772 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]773 int max_output, data_t * result_hex_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]774 int result )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]775{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]776 unsigned char output[32];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]777 mbedtls_rsa_context ctx;
Paul Bakkerf4a3f302011-04-24 15:53:29 +0000[diff] [blame]778 size_t output_len;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]779 rnd_pseudo_info rnd_info;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]780 mbedtls_mpi N, P, Q, E;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]781
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]782 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
783 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
784
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]785 mbedtls_rsa_init( &ctx, padding_mode, 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]786
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]787 memset( output, 0x00, sizeof( output ) );
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]788 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]789
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]790
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]791 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
792 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
793 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
794 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]795
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]796 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
797 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]798 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]799 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]800
Paul Bakker69998dd2009-07-11 19:15:20 +0000[diff] [blame]801 output_len = 0;
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]802
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]803 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str->x, output, max_output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]804 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]805 {
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]806
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]807 TEST_ASSERT( hexcmp( output, result_hex_str->x, output_len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]808 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]809
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]810exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]811 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
812 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]813 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]814}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]815/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]816
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]817/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]818void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]819 char * input_N, int radix_E, char * input_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]820 data_t * result_hex_str, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]821{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]822 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]823 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]824
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]825 mbedtls_mpi N, E;
826
827 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]828 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
829 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]830 memset( output, 0x00, sizeof( output ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]831
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]832 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
833 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]834
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]835 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
836 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]837 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]838
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]839
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]840 TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]841 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]842 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]843
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]844 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]845 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]846
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]847 /* And now with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]848 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]849 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]850 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]851
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]852 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]853
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]854 memset( output, 0x00, sizeof( output ) );
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]855 TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]856 if( result == 0 )
857 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]858
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]859 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]860 }
861
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]862exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]863 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]864 mbedtls_rsa_free( &ctx );
865 mbedtls_rsa_free( &ctx2 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]866}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]867/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]868
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]869/* BEGIN_CASE */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]870void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]871 char * input_P, int radix_Q, char * input_Q,
872 int radix_N, char * input_N, int radix_E,
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]873 char * input_E, data_t * result_hex_str,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]874 int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]875{
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]876 unsigned char output[256];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]877 mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]878 mbedtls_mpi N, P, Q, E;
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]879 rnd_pseudo_info rnd_info;
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]880 int i;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]881
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]882 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
883 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]884 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
885 mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]886
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]887 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]888
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]889 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
890 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
891 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
892 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]893
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]894 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
895 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]896 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]897 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]898
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]899
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]900 /* repeat three times to test updating of blinding values */
901 for( i = 0; i < 3; i++ )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]902 {
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]903 memset( output, 0x00, sizeof( output ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]904 TEST_ASSERT( mbedtls_rsa_private( &ctx, rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]905 message_str->x, output ) == result );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]906 if( result == 0 )
907 {
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]908
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]909 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx.len, result_hex_str->len ) == 0 );
Manuel Pégourié-Gonnard735b8fc2013-09-13 12:57:23 +0200[diff] [blame]910 }
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]911 }
Paul Bakker6c591fa2011-05-05 11:49:20 +0000[diff] [blame]912
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]913 /* And now one more time with the copy */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]914 TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]915 /* clear the original to be sure */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]916 mbedtls_rsa_free( &ctx );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]917
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]918 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]919
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]920 memset( output, 0x00, sizeof( output ) );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]921 TEST_ASSERT( mbedtls_rsa_private( &ctx2, rnd_pseudo_rand, &rnd_info,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]922 message_str->x, output ) == result );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]923 if( result == 0 )
924 {
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]925
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]926 TEST_ASSERT( hexcmp( output, result_hex_str->x, ctx2.len, result_hex_str->len ) == 0 );
Manuel Pégourié-Gonnardc4919bc2014-02-03 11:16:44 +0100[diff] [blame]927 }
928
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]929exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]930 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
931 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
932
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]933 mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]934}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]935/* END_CASE */
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]936
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]937/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]938void rsa_check_privkey_null( )
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]939{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]940 mbedtls_rsa_context ctx;
941 memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]942
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]943 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]944}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]945/* END_CASE */
Paul Bakker37940d9f2009-07-10 22:38:58 +0000[diff] [blame]946
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]947/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]948void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
949 char * input_E, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]950{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]951 mbedtls_rsa_context ctx;
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]952 mbedtls_mpi N, E;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]953
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]954 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]955 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]956
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]957 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]958 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]959 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]960 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]961 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]962 {
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]963 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]964 }
965
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]966 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]967 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]968
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]969exit:
Hanno Beckerceb7a9d2017-08-23 08:33:08 +0100[diff] [blame]970 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]971 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]972}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]973/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]974
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]975/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]976void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
977 int radix_Q, char * input_Q, int radix_N,
978 char * input_N, int radix_E, char * input_E,
979 int radix_D, char * input_D, int radix_DP,
980 char * input_DP, int radix_DQ,
981 char * input_DQ, int radix_QP,
982 char * input_QP, int result )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]983{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]984 mbedtls_rsa_context ctx;
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]985
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]986 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]987
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]988 ctx.len = mod / 8;
989 if( strlen( input_P ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]990 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]991 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]992 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]993 if( strlen( input_Q ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]994 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]995 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]996 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]997 if( strlen( input_N ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]998 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]999 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1000 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1001 if( strlen( input_E ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1002 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1003 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1004 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1005 if( strlen( input_D ) )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1006 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1007 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1008 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1009#if !defined(MBEDTLS_RSA_NO_CRT)
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1010 if( strlen( input_DP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1011 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1012 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1013 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1014 if( strlen( input_DQ ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1015 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1016 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1017 }
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1018 if( strlen( input_QP ) )
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1019 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1020 TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
Paul Bakker31417a72012-09-27 20:41:37 +0000[diff] [blame]1021 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1022#else
1023 ((void) radix_DP); ((void) input_DP);
1024 ((void) radix_DQ); ((void) input_DQ);
1025 ((void) radix_QP); ((void) input_QP);
1026#endif
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1027
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1028 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1029
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1030exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1031 mbedtls_rsa_free( &ctx );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1032}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1033/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1034
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1035/* BEGIN_CASE */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1036void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
1037 int radix_Epub, char * input_Epub, int radix_P,
1038 char * input_P, int radix_Q, char * input_Q,
1039 int radix_N, char * input_N, int radix_E,
1040 char * input_E, int radix_D, char * input_D,
1041 int radix_DP, char * input_DP, int radix_DQ,
1042 char * input_DQ, int radix_QP, char * input_QP,
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1043 int result )
1044{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1045 mbedtls_rsa_context pub, prv;
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1046
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1047 mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
1048 mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1049
1050 pub.len = mod / 8;
1051 prv.len = mod / 8;
1052
1053 if( strlen( input_Npub ) )
1054 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1055 TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1056 }
1057 if( strlen( input_Epub ) )
1058 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1059 TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1060 }
1061
1062 if( strlen( input_P ) )
1063 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1064 TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1065 }
1066 if( strlen( input_Q ) )
1067 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1068 TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1069 }
1070 if( strlen( input_N ) )
1071 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1072 TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1073 }
1074 if( strlen( input_E ) )
1075 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1076 TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1077 }
1078 if( strlen( input_D ) )
1079 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1080 TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1081 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1082#if !defined(MBEDTLS_RSA_NO_CRT)
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1083 if( strlen( input_DP ) )
1084 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1085 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1086 }
1087 if( strlen( input_DQ ) )
1088 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1089 TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1090 }
1091 if( strlen( input_QP ) )
1092 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1093 TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1094 }
Hanno Becker131134f2017-08-23 08:31:07 +0100[diff] [blame]1095#else
1096 ((void) radix_DP); ((void) input_DP);
1097 ((void) radix_DQ); ((void) input_DQ);
1098 ((void) radix_QP); ((void) input_QP);
1099#endif
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1100
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1101 TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1102
1103exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1104 mbedtls_rsa_free( &pub );
1105 mbedtls_rsa_free( &prv );
Manuel Pégourié-Gonnard2f8d1f92014-11-06 14:02:51 +0100[diff] [blame]1106}
1107/* END_CASE */
1108
Hanno Beckerd4a872e2017-09-07 08:09:33 +0100[diff] [blame]1109/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1110void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1111{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1112 mbedtls_rsa_context ctx;
1113 mbedtls_entropy_context entropy;
1114 mbedtls_ctr_drbg_context ctr_drbg;
Paul Bakkeref3f8c72013-06-24 13:01:08 +0200[diff] [blame]1115 const char *pers = "test_suite_rsa";
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1116
Manuel Pégourié-Gonnard8d128ef2015-04-28 22:38:08 +0200[diff] [blame]1117 mbedtls_ctr_drbg_init( &ctr_drbg );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1118 mbedtls_entropy_init( &entropy );
Hanno Becker7e8e57c2017-07-23 10:19:29 +0100[diff] [blame]1119 mbedtls_rsa_init ( &ctx, 0, 0 );
Paul Bakkerc0a1a312011-12-04 17:12:15 +0000[diff] [blame]1120
Hanno Beckera47023e2017-12-22 17:08:03 +0000[diff] [blame]1121 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1122 &entropy, (const unsigned char *) pers,
1123 strlen( pers ) ) == 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1124
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1125 TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1126 if( result == 0 )
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1127 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1128 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
Janos Follathef441782016-09-21 13:18:12 +0100[diff] [blame]1129 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1130 }
Paul Bakker58ef6ec2013-01-03 11:33:48 +0100[diff] [blame]1131
Paul Bakkerbd51b262014-07-10 15:26:12 +0200[diff] [blame]1132exit:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1133 mbedtls_rsa_free( &ctx );
1134 mbedtls_ctr_drbg_free( &ctr_drbg );
1135 mbedtls_entropy_free( &entropy );
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1136}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1137/* END_CASE */
Paul Bakker821fb082009-07-12 13:26:42 +0000[diff] [blame]1138
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1139/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Hanno Becker0f65e0c2017-10-03 14:39:16 +0100[diff] [blame]1140void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1141 int radix_D, char *input_D,
1142 int radix_E, char *input_E,
1143 int radix_P, char *output_P,
1144 int radix_Q, char *output_Q,
1145 int corrupt, int result )
1146{
1147 mbedtls_mpi N, P, Pp, Q, Qp, D, E;
1148
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1149 mbedtls_mpi_init( &N );
1150 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1151 mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
1152 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1153
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1154 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1155 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1156 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1157 TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
1158 TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
1159
1160 if( corrupt )
1161 TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
1162
1163 /* Try to deduce P, Q from N, D, E only. */
Hanno Beckerf9e184b2017-10-10 16:49:26 +0100[diff] [blame]1164 TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1165
1166 if( !corrupt )
1167 {
1168 /* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
1169 TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
1170 ( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
1171 }
1172
1173exit:
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1174 mbedtls_mpi_free( &N );
1175 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1176 mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
1177 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
Hanno Beckere78fd8d2017-08-23 11:00:44 +0100[diff] [blame]1178}
1179/* END_CASE */
1180
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1181/* BEGIN_CASE */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1182void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
1183 int radix_Q, char *input_Q,
1184 int radix_E, char *input_E,
1185 int radix_D, char *output_D,
1186 int corrupt, int result )
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1187{
1188 mbedtls_mpi P, Q, D, Dp, E, R, Rp;
1189
1190 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1191 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
1192 mbedtls_mpi_init( &E );
1193 mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
1194
1195 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1196 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1197 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1198 TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
1199
1200 if( corrupt )
1201 {
1202 /* Make E even */
1203 TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
1204 }
1205
1206 /* Try to deduce D from N, P, Q, E. */
Hanno Becker8ba6ce42017-10-03 14:36:26 +0100[diff] [blame]1207 TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
1208 &E, &D ) == result );
Hanno Becker6b4ce492017-08-23 11:00:21 +0100[diff] [blame]1209
1210 if( !corrupt )
1211 {
1212 /*
1213 * Check that D and Dp agree modulo LCM(P-1, Q-1).
1214 */
1215
1216 /* Replace P,Q by P-1, Q-1 */
1217 TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
1218 TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
1219
1220 /* Check D == Dp modulo P-1 */
1221 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
1222 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
1223 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1224
1225 /* Check D == Dp modulo Q-1 */
1226 TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
1227 TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
1228 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
1229 }
1230
1231exit:
1232
1233 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1234 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
1235 mbedtls_mpi_free( &E );
1236 mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
1237}
1238/* END_CASE */
1239
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1240/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1241void mbedtls_rsa_import( int radix_N, char *input_N,
1242 int radix_P, char *input_P,
1243 int radix_Q, char *input_Q,
1244 int radix_D, char *input_D,
1245 int radix_E, char *input_E,
1246 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1247 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1248 int res_check,
1249 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1250{
1251 mbedtls_mpi N, P, Q, D, E;
1252 mbedtls_rsa_context ctx;
1253
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1254 /* Buffers used for encryption-decryption test */
1255 unsigned char *buf_orig = NULL;
1256 unsigned char *buf_enc = NULL;
1257 unsigned char *buf_dec = NULL;
1258
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1259 mbedtls_entropy_context entropy;
1260 mbedtls_ctr_drbg_context ctr_drbg;
1261 const char *pers = "test_suite_rsa";
1262
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1263 const int have_N = ( strlen( input_N ) > 0 );
1264 const int have_P = ( strlen( input_P ) > 0 );
1265 const int have_Q = ( strlen( input_Q ) > 0 );
1266 const int have_D = ( strlen( input_D ) > 0 );
1267 const int have_E = ( strlen( input_E ) > 0 );
1268
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1269 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1270 mbedtls_entropy_init( &entropy );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1271 mbedtls_rsa_init( &ctx, 0, 0 );
1272
1273 mbedtls_mpi_init( &N );
1274 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1275 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1276
Hanno Beckerd4d60572018-01-10 07:12:01 +0000[diff] [blame]1277 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
1278 (const unsigned char *) pers, strlen( pers ) ) == 0 );
1279
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1280 if( have_N )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1281 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1282
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1283 if( have_P )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1284 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1285
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1286 if( have_Q )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1287 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1288
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1289 if( have_D )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1290 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1291
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1292 if( have_E )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1293 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1294
1295 if( !successive )
1296 {
1297 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1298 have_N ? &N : NULL,
1299 have_P ? &P : NULL,
1300 have_Q ? &Q : NULL,
1301 have_D ? &D : NULL,
1302 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1303 }
1304 else
1305 {
1306 /* Import N, P, Q, D, E separately.
1307 * This should make no functional difference. */
1308
1309 TEST_ASSERT( mbedtls_rsa_import( &ctx,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1310 have_N ? &N : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1311 NULL, NULL, NULL, NULL ) == 0 );
1312
1313 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1314 NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1315 have_P ? &P : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1316 NULL, NULL, NULL ) == 0 );
1317
1318 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1319 NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1320 have_Q ? &Q : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1321 NULL, NULL ) == 0 );
1322
1323 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1324 NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1325 have_D ? &D : NULL,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1326 NULL ) == 0 );
1327
1328 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1329 NULL, NULL, NULL, NULL,
Hanno Becker4d6e8342017-09-29 11:50:18 +0100[diff] [blame]1330 have_E ? &E : NULL ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1331 }
1332
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1333 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1334
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1335 /* On expected success, perform some public and private
1336 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1337 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1338 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1339 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1340 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1341 else
1342 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1343
1344 if( res_check != 0 )
1345 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1346
1347 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1348 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1349 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1350 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1351 goto exit;
1352
1353 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1354 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1355
1356 /* Make sure the number we're generating is smaller than the modulus */
1357 buf_orig[0] = 0x00;
1358
1359 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1360
1361 if( is_priv )
1362 {
1363 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1364 &ctr_drbg, buf_enc,
1365 buf_dec ) == 0 );
1366
1367 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1368 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1369 }
1370 }
1371
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1372exit:
1373
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1374 mbedtls_free( buf_orig );
1375 mbedtls_free( buf_enc );
1376 mbedtls_free( buf_dec );
1377
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1378 mbedtls_rsa_free( &ctx );
1379
1380 mbedtls_ctr_drbg_free( &ctr_drbg );
1381 mbedtls_entropy_free( &entropy );
1382
1383 mbedtls_mpi_free( &N );
1384 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1385 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1386}
1387/* END_CASE */
1388
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1389/* BEGIN_CASE */
1390void mbedtls_rsa_export( int radix_N, char *input_N,
1391 int radix_P, char *input_P,
1392 int radix_Q, char *input_Q,
1393 int radix_D, char *input_D,
1394 int radix_E, char *input_E,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1395 int is_priv,
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1396 int successive )
1397{
1398 /* Original MPI's with which we set up the RSA context */
1399 mbedtls_mpi N, P, Q, D, E;
1400
1401 /* Exported MPI's */
1402 mbedtls_mpi Ne, Pe, Qe, De, Ee;
1403
1404 const int have_N = ( strlen( input_N ) > 0 );
1405 const int have_P = ( strlen( input_P ) > 0 );
1406 const int have_Q = ( strlen( input_Q ) > 0 );
1407 const int have_D = ( strlen( input_D ) > 0 );
1408 const int have_E = ( strlen( input_E ) > 0 );
1409
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1410 mbedtls_rsa_context ctx;
1411
1412 mbedtls_rsa_init( &ctx, 0, 0 );
1413
1414 mbedtls_mpi_init( &N );
1415 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1416 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1417
1418 mbedtls_mpi_init( &Ne );
1419 mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
1420 mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
1421
1422 /* Setup RSA context */
1423
1424 if( have_N )
1425 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1426
1427 if( have_P )
1428 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1429
1430 if( have_Q )
1431 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1432
1433 if( have_D )
1434 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1435
1436 if( have_E )
1437 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1438
1439 TEST_ASSERT( mbedtls_rsa_import( &ctx,
1440 strlen( input_N ) ? &N : NULL,
1441 strlen( input_P ) ? &P : NULL,
1442 strlen( input_Q ) ? &Q : NULL,
1443 strlen( input_D ) ? &D : NULL,
1444 strlen( input_E ) ? &E : NULL ) == 0 );
1445
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1446 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1447
1448 /*
1449 * Export parameters and compare to original ones.
1450 */
1451
1452 /* N and E must always be present. */
1453 if( !successive )
1454 {
1455 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
1456 }
1457 else
1458 {
1459 TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
1460 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
1461 }
1462 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
1463 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
1464
1465 /* If we were providing enough information to setup a complete private context,
1466 * we expect to be able to export all core parameters. */
1467
1468 if( is_priv )
1469 {
1470 if( !successive )
1471 {
1472 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
1473 &De, NULL ) == 0 );
1474 }
1475 else
1476 {
1477 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
1478 NULL, NULL ) == 0 );
1479 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
1480 NULL, NULL ) == 0 );
1481 TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
1482 &De, NULL ) == 0 );
1483 }
1484
1485 if( have_P )
1486 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
1487
1488 if( have_Q )
1489 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
1490
1491 if( have_D )
1492 TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
1493
1494 /* While at it, perform a sanity check */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1495 TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
1496 NULL, NULL ) == 0 );
Hanno Becker417f2d62017-08-23 11:44:51 +0100[diff] [blame]1497 }
1498
1499exit:
1500
1501 mbedtls_rsa_free( &ctx );
1502
1503 mbedtls_mpi_free( &N );
1504 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1505 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1506
1507 mbedtls_mpi_free( &Ne );
1508 mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
1509 mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
1510}
1511/* END_CASE */
1512
Hanno Beckerdf9633b2019-08-26 13:24:31 +0100[diff] [blame]1513/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1514void mbedtls_rsa_validate_params( int radix_N, char *input_N,
1515 int radix_P, char *input_P,
1516 int radix_Q, char *input_Q,
1517 int radix_D, char *input_D,
1518 int radix_E, char *input_E,
1519 int prng, int result )
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1520{
1521 /* Original MPI's with which we set up the RSA context */
1522 mbedtls_mpi N, P, Q, D, E;
1523
1524 const int have_N = ( strlen( input_N ) > 0 );
1525 const int have_P = ( strlen( input_P ) > 0 );
1526 const int have_Q = ( strlen( input_Q ) > 0 );
1527 const int have_D = ( strlen( input_D ) > 0 );
1528 const int have_E = ( strlen( input_E ) > 0 );
1529
1530 mbedtls_entropy_context entropy;
1531 mbedtls_ctr_drbg_context ctr_drbg;
1532 const char *pers = "test_suite_rsa";
1533
1534 mbedtls_mpi_init( &N );
1535 mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
1536 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
1537
1538 mbedtls_ctr_drbg_init( &ctr_drbg );
1539 mbedtls_entropy_init( &entropy );
1540 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1541 &entropy, (const unsigned char *) pers,
1542 strlen( pers ) ) == 0 );
1543
1544 if( have_N )
1545 TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
1546
1547 if( have_P )
1548 TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
1549
1550 if( have_Q )
1551 TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
1552
1553 if( have_D )
1554 TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
1555
1556 if( have_E )
1557 TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
1558
Hanno Becker750e8b42017-08-25 07:54:27 +0100[diff] [blame]1559 TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
1560 have_P ? &P : NULL,
1561 have_Q ? &Q : NULL,
1562 have_D ? &D : NULL,
1563 have_E ? &E : NULL,
1564 prng ? mbedtls_ctr_drbg_random : NULL,
1565 prng ? &ctr_drbg : NULL ) == result );
Hanno Beckerce002632017-08-23 13:22:36 +0100[diff] [blame]1566exit:
1567
1568 mbedtls_ctr_drbg_free( &ctr_drbg );
1569 mbedtls_entropy_free( &entropy );
1570
1571 mbedtls_mpi_free( &N );
1572 mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
1573 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
1574}
1575/* END_CASE */
1576
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1577/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1578void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
1579 data_t *input_Q, data_t *input_D,
1580 data_t *input_E, int is_priv,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1581 int successive )
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1582{
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1583 /* Exported buffers */
Ron Eldore4c5fa72018-11-22 15:47:51 +0200[diff] [blame]1584 unsigned char bufNe[256];
1585 unsigned char bufPe[128];
1586 unsigned char bufQe[128];
1587 unsigned char bufDe[256];
1588 unsigned char bufEe[1];
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1589
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1590 mbedtls_rsa_context ctx;
1591
1592 mbedtls_rsa_init( &ctx, 0, 0 );
1593
1594 /* Setup RSA context */
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1595 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1596 input_N->len ? input_N->x : NULL, input_N->len,
1597 input_P->len ? input_P->x : NULL, input_P->len,
1598 input_Q->len ? input_Q->x : NULL, input_Q->len,
1599 input_D->len ? input_D->x : NULL, input_D->len,
1600 input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1601
Hanno Becker7f25f852017-10-10 16:56:22 +0100[diff] [blame]1602 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1603
1604 /*
1605 * Export parameters and compare to original ones.
1606 */
1607
1608 /* N and E must always be present. */
1609 if( !successive )
1610 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1611 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1612 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1613 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1614 }
1615 else
1616 {
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1617 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1618 NULL, 0, NULL, 0, NULL, 0,
1619 NULL, 0 ) == 0 );
1620 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
1621 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1622 bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1623 }
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1624 TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
1625 TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1626
1627 /* If we were providing enough information to setup a complete private context,
1628 * we expect to be able to export all core parameters. */
1629
1630 if( is_priv )
1631 {
1632 if( !successive )
1633 {
1634 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1635 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
1636 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
1637 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1638 NULL, 0 ) == 0 );
1639 }
1640 else
1641 {
1642 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1643 bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1644 NULL, 0, NULL, 0,
1645 NULL, 0 ) == 0 );
1646
1647 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1648 bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1649 NULL, 0, NULL, 0 ) == 0 );
1650
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1651 TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
1652 bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1653 NULL, 0 ) == 0 );
1654 }
1655
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1656 if( input_P->len )
1657 TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1658
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1659 if( input_Q->len )
1660 TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1661
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1662 if( input_D->len )
1663 TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
Hanno Beckerf1b9a2c2017-08-23 11:49:22 +0100[diff] [blame]1664
1665 }
1666
1667exit:
1668 mbedtls_rsa_free( &ctx );
1669}
1670/* END_CASE */
1671
Hanno Beckerf40cdf92017-12-22 11:03:27 +0000[diff] [blame]1672/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
Azim Khan5fcca462018-06-29 11:05:32 +0100[diff] [blame]1673void mbedtls_rsa_import_raw( data_t *input_N,
1674 data_t *input_P, data_t *input_Q,
1675 data_t *input_D, data_t *input_E,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1676 int successive,
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1677 int is_priv,
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1678 int res_check,
1679 int res_complete )
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1680{
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1681 /* Buffers used for encryption-decryption test */
1682 unsigned char *buf_orig = NULL;
1683 unsigned char *buf_enc = NULL;
1684 unsigned char *buf_dec = NULL;
1685
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1686 mbedtls_rsa_context ctx;
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1687 mbedtls_entropy_context entropy;
1688 mbedtls_ctr_drbg_context ctr_drbg;
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1689
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1690 const char *pers = "test_suite_rsa";
1691
1692 mbedtls_ctr_drbg_init( &ctr_drbg );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1693 mbedtls_entropy_init( &entropy );
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1694 mbedtls_rsa_init( &ctx, 0, 0 );
1695
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1696 TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
1697 &entropy, (const unsigned char *) pers,
1698 strlen( pers ) ) == 0 );
1699
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1700 if( !successive )
1701 {
1702 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1703 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
1704 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
1705 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
1706 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
1707 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1708 }
1709 else
1710 {
1711 /* Import N, P, Q, D, E separately.
1712 * This should make no functional difference. */
1713
1714 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1715 ( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1716 NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1717
1718 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1719 NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1720 ( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1721 NULL, 0, NULL, 0, NULL, 0 ) == 0 );
1722
1723 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1724 NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1725 ( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1726 NULL, 0, NULL, 0 ) == 0 );
1727
1728 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1729 NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1730 ( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1731 NULL, 0 ) == 0 );
1732
1733 TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
1734 NULL, 0, NULL, 0, NULL, 0, NULL, 0,
Azim Khand30ca132017-06-09 04:32:58 +0100[diff] [blame]1735 ( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1736 }
1737
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1738 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1739
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1740 /* On expected success, perform some public and private
1741 * key operations to check if the key is working properly. */
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1742 if( res_complete == 0 )
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1743 {
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1744 if( is_priv )
Hanno Becker04877a42017-10-11 10:01:33 +0100[diff] [blame]1745 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
1746 else
1747 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
1748
1749 if( res_check != 0 )
1750 goto exit;
Hanno Beckere1582a82017-09-29 11:51:05 +0100[diff] [blame]1751
1752 buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1753 buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1754 buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
1755 if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
1756 goto exit;
1757
1758 TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
1759 buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
1760
1761 /* Make sure the number we're generating is smaller than the modulus */
1762 buf_orig[0] = 0x00;
1763
1764 TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
1765
1766 if( is_priv )
1767 {
1768 TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
1769 &ctr_drbg, buf_enc,
1770 buf_dec ) == 0 );
1771
1772 TEST_ASSERT( memcmp( buf_orig, buf_dec,
1773 mbedtls_rsa_get_len( &ctx ) ) == 0 );
1774 }
1775 }
1776
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1777exit:
1778
Hanno Becker3f3ae852017-10-02 10:08:39 +0100[diff] [blame]1779 mbedtls_free( buf_orig );
1780 mbedtls_free( buf_enc );
1781 mbedtls_free( buf_dec );
1782
Hanno Beckerc77ab892017-08-23 11:01:06 +0100[diff] [blame]1783 mbedtls_rsa_free( &ctx );
1784
1785 mbedtls_ctr_drbg_free( &ctr_drbg );
1786 mbedtls_entropy_free( &entropy );
1787
1788}
1789/* END_CASE */
1790
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1791/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
Azim Khanf1aaec92017-05-30 14:23:15 +0100[diff] [blame]1792void rsa_selftest( )
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1793{
Andres AG93012e82016-09-09 09:10:28 +0100[diff] [blame]1794 TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
Paul Bakker42a29bf2009-07-07 20:18:41 +0000[diff] [blame]1795}
Paul Bakker33b43f12013-08-20 11:48:36 +0200[diff] [blame]1796/* END_CASE */