2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_HEADER */
|
2015-03-09 18:05:11 +01:00
|
|
|
#include "mbedtls/rsa.h"
|
2017-10-11 12:00:19 +02:00
|
|
|
#include "mbedtls/rsa_internal.h"
|
2015-03-09 18:05:11 +01:00
|
|
|
#include "mbedtls/md2.h"
|
|
|
|
#include "mbedtls/md4.h"
|
|
|
|
#include "mbedtls/md5.h"
|
|
|
|
#include "mbedtls/sha1.h"
|
|
|
|
#include "mbedtls/sha256.h"
|
|
|
|
#include "mbedtls/sha512.h"
|
|
|
|
#include "mbedtls/entropy.h"
|
|
|
|
#include "mbedtls/ctr_drbg.h"
|
2017-07-24 13:27:09 +02:00
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_HEADER */
|
|
|
|
|
|
|
|
/* BEGIN_DEPENDENCIES
|
2015-04-08 12:49:31 +02:00
|
|
|
* depends_on:MBEDTLS_RSA_C:MBEDTLS_BIGNUM_C:MBEDTLS_GENPRIME
|
2013-08-20 11:48:36 +02:00
|
|
|
* END_DEPENDENCIES
|
|
|
|
*/
|
|
|
|
|
2018-12-13 19:07:09 +01:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CHECK_PARAMS:!MBEDTLS_PARAM_FAILED_ALT */
|
|
|
|
void rsa_invalid_param( )
|
|
|
|
{
|
|
|
|
mbedtls_rsa_context ctx;
|
|
|
|
const int valid_padding = MBEDTLS_RSA_PKCS_V21;
|
|
|
|
const int invalid_padding = 42;
|
|
|
|
const int valid_mode = MBEDTLS_RSA_PRIVATE;
|
|
|
|
const int invalid_mode = 42;
|
|
|
|
unsigned char buf[42] = { 0 };
|
|
|
|
size_t olen;
|
|
|
|
|
2018-12-18 14:30:20 +01:00
|
|
|
TEST_INVALID_PARAM( mbedtls_rsa_init( NULL, valid_padding, 0 ) );
|
|
|
|
TEST_INVALID_PARAM( mbedtls_rsa_init( &ctx, invalid_padding, 0 ) );
|
2018-12-13 19:07:09 +01:00
|
|
|
TEST_VALID_PARAM( mbedtls_rsa_free( NULL ) );
|
|
|
|
|
|
|
|
/* No more variants because only the first argument must be non-NULL. */
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_import( NULL, NULL, NULL,
|
|
|
|
NULL, NULL, NULL ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_import_raw( NULL,
|
|
|
|
NULL, 0,
|
|
|
|
NULL, 0,
|
|
|
|
NULL, 0,
|
|
|
|
NULL, 0,
|
|
|
|
NULL, 0 ) );
|
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_complete( NULL ) );
|
|
|
|
|
|
|
|
/* No more variants because only the first argument must be non-NULL. */
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_export( NULL, NULL, NULL,
|
|
|
|
NULL, NULL, NULL ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_export_raw( NULL,
|
|
|
|
NULL, 0,
|
|
|
|
NULL, 0,
|
|
|
|
NULL, 0,
|
|
|
|
NULL, 0,
|
|
|
|
NULL, 0 ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_export_crt( NULL, NULL, NULL, NULL ) );
|
|
|
|
|
|
|
|
TEST_INVALID_PARAM( mbedtls_rsa_set_padding( NULL,
|
|
|
|
valid_padding, 0 ) );
|
|
|
|
TEST_INVALID_PARAM( mbedtls_rsa_set_padding( &ctx,
|
|
|
|
invalid_padding, 0 ) );
|
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
2018-12-18 14:30:42 +01:00
|
|
|
mbedtls_rsa_gen_key( NULL, rnd_std_rand,
|
|
|
|
NULL, 0, 0 ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_gen_key( &ctx, NULL,
|
|
|
|
NULL, 0, 0 ) );
|
2018-12-13 19:07:09 +01:00
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_check_pubkey( NULL ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_check_privkey( NULL ) );
|
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_check_pub_priv( NULL, &ctx ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_check_pub_priv( &ctx, NULL ) );
|
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_public( NULL, buf, buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_public( &ctx, NULL, buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_public( &ctx, buf, NULL ) );
|
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_private( NULL, NULL, NULL,
|
|
|
|
buf, buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_private( &ctx, NULL, NULL,
|
|
|
|
NULL, buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_private( &ctx, NULL, NULL,
|
|
|
|
buf, NULL ) );
|
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
sizeof( buf ), buf,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
|
|
|
|
invalid_mode,
|
|
|
|
sizeof( buf ), buf,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
sizeof( buf ), NULL,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
sizeof( buf ), buf,
|
|
|
|
NULL ) );
|
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL,
|
|
|
|
NULL,
|
|
|
|
valid_mode,
|
|
|
|
sizeof( buf ), buf,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
|
|
|
|
NULL,
|
|
|
|
invalid_mode,
|
|
|
|
sizeof( buf ), buf,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
|
|
|
|
NULL,
|
|
|
|
valid_mode,
|
|
|
|
sizeof( buf ), NULL,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL,
|
|
|
|
NULL,
|
|
|
|
valid_mode,
|
|
|
|
sizeof( buf ), buf,
|
|
|
|
NULL ) );
|
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
buf, sizeof( buf ),
|
|
|
|
sizeof( buf ), buf,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
|
|
|
|
invalid_mode,
|
|
|
|
buf, sizeof( buf ),
|
|
|
|
sizeof( buf ), buf,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
NULL, sizeof( buf ),
|
|
|
|
sizeof( buf ), buf,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
buf, sizeof( buf ),
|
|
|
|
sizeof( buf ), NULL,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
buf, sizeof( buf ),
|
|
|
|
sizeof( buf ), buf,
|
|
|
|
NULL ) );
|
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL,
|
|
|
|
valid_mode, &olen,
|
|
|
|
buf, buf, 42 ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
|
|
|
|
invalid_mode, &olen,
|
|
|
|
buf, buf, 42 ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
|
|
|
|
valid_mode, NULL,
|
|
|
|
buf, buf, 42 ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
|
|
|
|
valid_mode, &olen,
|
|
|
|
NULL, buf, 42 ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL,
|
|
|
|
valid_mode, &olen,
|
|
|
|
buf, NULL, 42 ) );
|
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL,
|
|
|
|
NULL,
|
|
|
|
valid_mode, &olen,
|
|
|
|
buf, buf, 42 ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
|
|
|
|
NULL,
|
|
|
|
invalid_mode, &olen,
|
|
|
|
buf, buf, 42 ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
|
|
|
|
NULL,
|
|
|
|
valid_mode, NULL,
|
|
|
|
buf, buf, 42 ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
|
|
|
|
NULL,
|
|
|
|
valid_mode, &olen,
|
|
|
|
NULL, buf, 42 ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL,
|
|
|
|
NULL,
|
|
|
|
valid_mode, &olen,
|
|
|
|
buf, NULL, 42 ) );
|
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
buf, sizeof( buf ),
|
|
|
|
&olen,
|
|
|
|
buf, buf, 42 ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
|
|
|
|
invalid_mode,
|
|
|
|
buf, sizeof( buf ),
|
|
|
|
&olen,
|
|
|
|
buf, buf, 42 ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
NULL, sizeof( buf ),
|
|
|
|
NULL,
|
|
|
|
buf, buf, 42 ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
buf, sizeof( buf ),
|
|
|
|
&olen,
|
|
|
|
NULL, buf, 42 ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
buf, sizeof( buf ),
|
|
|
|
&olen,
|
|
|
|
buf, NULL, 42 ) );
|
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ), buf,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
|
|
|
|
invalid_mode,
|
|
|
|
0, sizeof( buf ), buf,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ), NULL,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ), buf,
|
|
|
|
NULL ) );
|
2018-12-18 14:33:37 +01:00
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
MBEDTLS_MD_SHA1,
|
|
|
|
0, NULL,
|
|
|
|
buf ) );
|
2018-12-13 19:07:09 +01:00
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ), buf,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
|
|
|
|
invalid_mode,
|
|
|
|
0, sizeof( buf ), buf,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ), NULL,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ), buf,
|
|
|
|
NULL ) );
|
2018-12-18 15:04:28 +01:00
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
MBEDTLS_MD_SHA1,
|
|
|
|
0, NULL,
|
|
|
|
buf ) );
|
2018-12-13 19:07:09 +01:00
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ), buf,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
|
|
|
|
invalid_mode,
|
|
|
|
0, sizeof( buf ), buf,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ), NULL,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ), buf,
|
|
|
|
NULL ) );
|
2018-12-18 15:04:28 +01:00
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
MBEDTLS_MD_SHA1,
|
|
|
|
0, NULL,
|
|
|
|
buf ) );
|
2018-12-13 19:07:09 +01:00
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ), buf,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
|
|
|
|
invalid_mode,
|
|
|
|
0, sizeof( buf ), buf,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ), NULL,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ), buf,
|
|
|
|
NULL ) );
|
2018-12-18 15:04:28 +01:00
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
MBEDTLS_MD_SHA1, 0, NULL,
|
|
|
|
buf ) );
|
2018-12-13 19:07:09 +01:00
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL,
|
|
|
|
NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ), buf,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
|
|
|
|
NULL,
|
|
|
|
invalid_mode,
|
|
|
|
0, sizeof( buf ), buf,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
|
|
|
|
NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ),
|
|
|
|
NULL, buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
|
|
|
|
NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ), buf,
|
|
|
|
NULL ) );
|
2018-12-18 15:04:28 +01:00
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL,
|
|
|
|
NULL,
|
|
|
|
valid_mode,
|
|
|
|
MBEDTLS_MD_SHA1,
|
|
|
|
0, NULL,
|
|
|
|
buf ) );
|
2018-12-13 19:07:09 +01:00
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ),
|
|
|
|
buf, buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
|
|
|
|
invalid_mode,
|
|
|
|
0, sizeof( buf ),
|
|
|
|
buf, buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ),
|
|
|
|
NULL, buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ),
|
|
|
|
buf, NULL ) );
|
2018-12-18 15:04:28 +01:00
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
MBEDTLS_MD_SHA1,
|
|
|
|
0, NULL,
|
|
|
|
buf ) );
|
2018-12-13 19:07:09 +01:00
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ),
|
|
|
|
buf,
|
|
|
|
0, 0,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
|
|
|
|
invalid_mode,
|
|
|
|
0, sizeof( buf ),
|
|
|
|
buf,
|
|
|
|
0, 0,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ),
|
|
|
|
NULL, 0, 0,
|
|
|
|
buf ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
0, sizeof( buf ),
|
|
|
|
buf, 0, 0,
|
|
|
|
NULL ) );
|
2018-12-18 15:04:28 +01:00
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL,
|
|
|
|
valid_mode,
|
|
|
|
MBEDTLS_MD_SHA1,
|
|
|
|
0, NULL,
|
|
|
|
0, 0,
|
|
|
|
buf ) );
|
2018-12-13 19:07:09 +01:00
|
|
|
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_copy( NULL, &ctx ) );
|
|
|
|
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
|
|
|
|
mbedtls_rsa_copy( &ctx, NULL ) );
|
|
|
|
|
|
|
|
exit:
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2021-02-01 17:55:24 +01:00
|
|
|
/* BEGIN_CASE */
|
|
|
|
void rsa_init_free( int reinit )
|
|
|
|
{
|
|
|
|
mbedtls_rsa_context ctx;
|
|
|
|
|
|
|
|
/* Double free is not explicitly documented to work, but we rely on it
|
|
|
|
* even inside the library so that you can call mbedtls_rsa_free()
|
|
|
|
* unconditionally on an error path without checking whether it has
|
|
|
|
* already been called in the success path. */
|
|
|
|
|
|
|
|
mbedtls_rsa_init( &ctx, 0, 0 );
|
|
|
|
mbedtls_rsa_free( &ctx );
|
|
|
|
|
|
|
|
if( reinit )
|
|
|
|
mbedtls_rsa_init( &ctx, 0, 0 );
|
|
|
|
mbedtls_rsa_free( &ctx );
|
|
|
|
|
|
|
|
/* This test case always succeeds, functionally speaking. A plausible
|
|
|
|
* bug might trigger an invalid pointer dereference or a memory leak. */
|
|
|
|
goto exit;
|
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_CASE */
|
2018-06-29 12:05:32 +02:00
|
|
|
void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
|
2017-06-09 05:32:58 +02:00
|
|
|
int digest, int mod, int radix_P, char * input_P,
|
|
|
|
int radix_Q, char * input_Q, int radix_N,
|
|
|
|
char * input_N, int radix_E, char * input_E,
|
2020-06-26 14:33:03 +02:00
|
|
|
data_t * result_str, int result )
|
2009-07-07 22:18:41 +02:00
|
|
|
{
|
2018-11-22 14:47:51 +01:00
|
|
|
unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
|
|
|
|
unsigned char output[256];
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_context ctx;
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi N, P, Q, E;
|
2013-08-30 10:30:02 +02:00
|
|
|
rnd_pseudo_info rnd_info;
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
|
|
|
|
mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_init( &ctx, padding_mode, 0 );
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2018-11-22 14:47:51 +01:00
|
|
|
memset( hash_result, 0x00, sizeof( hash_result ) );
|
|
|
|
memset( output, 0x00, sizeof( output ) );
|
2013-08-30 10:30:02 +02:00
|
|
|
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
2015-04-08 12:49:31 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
2017-10-10 17:56:22 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
|
2009-07-07 22:18:41 +02:00
|
|
|
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
if( mbedtls_md_info_from_type( digest ) != NULL )
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
|
|
|
|
MBEDTLS_RSA_PRIVATE, digest, 0,
|
|
|
|
hash_result, output ) == result );
|
2013-08-20 11:48:36 +02:00
|
|
|
if( result == 0 )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2020-06-26 14:33:03 +02:00
|
|
|
TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
|
|
|
|
ctx.len, result_str->len ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2011-05-05 13:49:20 +02:00
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
|
|
|
|
mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_free( &ctx );
|
2009-07-07 22:18:41 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_CASE */
|
2018-06-29 12:05:32 +02:00
|
|
|
void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
|
2017-06-09 05:32:58 +02:00
|
|
|
int digest, int mod, int radix_N,
|
|
|
|
char * input_N, int radix_E, char * input_E,
|
2018-06-29 12:05:32 +02:00
|
|
|
data_t * result_str, int result )
|
2009-07-07 22:18:41 +02:00
|
|
|
{
|
2018-11-22 14:47:51 +01:00
|
|
|
unsigned char hash_result[MBEDTLS_MD_MAX_SIZE];
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_context ctx;
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi N, E;
|
|
|
|
|
|
|
|
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_init( &ctx, padding_mode, 0 );
|
2018-11-22 14:47:51 +01:00
|
|
|
memset( hash_result, 0x00, sizeof( hash_result ) );
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
|
2009-07-07 22:18:41 +02:00
|
|
|
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
if( mbedtls_md_info_from_type( digest ) != NULL )
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result );
|
2013-01-03 11:33:48 +01:00
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_free( &ctx );
|
2009-07-07 22:18:41 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_CASE */
|
2018-06-29 12:05:32 +02:00
|
|
|
void rsa_pkcs1_sign_raw( data_t * hash_result,
|
2017-05-30 15:23:15 +02:00
|
|
|
int padding_mode, int mod, int radix_P,
|
|
|
|
char * input_P, int radix_Q, char * input_Q,
|
|
|
|
int radix_N, char * input_N, int radix_E,
|
2020-06-26 14:33:03 +02:00
|
|
|
char * input_E, data_t * result_str )
|
2009-07-07 22:18:41 +02:00
|
|
|
{
|
2018-11-22 14:47:51 +01:00
|
|
|
unsigned char output[256];
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_context ctx;
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi N, P, Q, E;
|
2013-08-30 10:30:02 +02:00
|
|
|
rnd_pseudo_info rnd_info;
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_init( &ctx, padding_mode, 0 );
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
|
|
|
|
mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2018-11-22 14:47:51 +01:00
|
|
|
memset( output, 0x00, sizeof( output ) );
|
2013-08-30 10:30:02 +02:00
|
|
|
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
2015-04-08 12:49:31 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
2017-10-10 17:56:22 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
|
2009-07-07 22:18:41 +02:00
|
|
|
|
|
|
|
|
2017-08-23 15:07:48 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
|
|
|
|
MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_NONE,
|
2017-06-09 05:32:58 +02:00
|
|
|
hash_result->len, hash_result->x,
|
|
|
|
output ) == 0 );
|
2009-07-07 22:18:41 +02:00
|
|
|
|
|
|
|
|
2020-06-26 14:33:03 +02:00
|
|
|
TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
|
|
|
|
ctx.len, result_str->len ) == 0 );
|
2011-05-05 13:49:20 +02:00
|
|
|
|
2017-06-20 09:53:42 +02:00
|
|
|
#if defined(MBEDTLS_PKCS1_V15)
|
2014-02-03 11:58:55 +01:00
|
|
|
/* For PKCS#1 v1.5, there is an alternative way to generate signatures */
|
2015-04-08 12:49:31 +02:00
|
|
|
if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
|
2014-02-03 11:58:55 +01:00
|
|
|
{
|
2018-03-13 13:27:14 +01:00
|
|
|
int res;
|
2018-11-22 14:47:51 +01:00
|
|
|
memset( output, 0x00, sizeof( output) );
|
2014-02-03 11:58:55 +01:00
|
|
|
|
2017-10-05 11:16:37 +02:00
|
|
|
res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
|
2015-04-08 12:49:31 +02:00
|
|
|
&rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE,
|
2017-06-09 05:32:58 +02:00
|
|
|
hash_result->len, hash_result->x, output );
|
2014-02-03 11:58:55 +01:00
|
|
|
|
2017-10-05 11:16:37 +02:00
|
|
|
#if !defined(MBEDTLS_RSA_ALT)
|
|
|
|
TEST_ASSERT( res == 0 );
|
|
|
|
#else
|
|
|
|
TEST_ASSERT( ( res == 0 ) ||
|
|
|
|
( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
|
|
|
|
#endif
|
2014-02-03 11:58:55 +01:00
|
|
|
|
2017-10-05 11:16:37 +02:00
|
|
|
if( res == 0 )
|
|
|
|
{
|
2020-06-26 14:33:03 +02:00
|
|
|
TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
|
2020-06-10 11:42:32 +02:00
|
|
|
ctx.len,
|
2020-06-26 14:33:03 +02:00
|
|
|
result_str->len ) == 0 );
|
2017-10-05 11:16:37 +02:00
|
|
|
}
|
2014-02-03 11:58:55 +01:00
|
|
|
}
|
2017-06-20 09:53:42 +02:00
|
|
|
#endif /* MBEDTLS_PKCS1_V15 */
|
2014-02-03 11:58:55 +01:00
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
|
|
|
|
mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_free( &ctx );
|
2009-07-07 22:18:41 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_CASE */
|
2018-06-29 12:05:32 +02:00
|
|
|
void rsa_pkcs1_verify_raw( data_t * hash_result,
|
2013-08-20 11:48:36 +02:00
|
|
|
int padding_mode, int mod, int radix_N,
|
2017-05-30 15:23:15 +02:00
|
|
|
char * input_N, int radix_E, char * input_E,
|
2018-06-29 12:05:32 +02:00
|
|
|
data_t * result_str, int correct )
|
2009-07-07 22:18:41 +02:00
|
|
|
{
|
2018-11-22 14:47:51 +01:00
|
|
|
unsigned char output[256];
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_context ctx;
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi N, E;
|
|
|
|
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_init( &ctx, padding_mode, 0 );
|
2014-02-03 11:58:55 +01:00
|
|
|
memset( output, 0x00, sizeof( output ) );
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
|
|
|
|
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct );
|
2013-01-03 11:33:48 +01:00
|
|
|
|
2017-06-20 09:53:42 +02:00
|
|
|
#if defined(MBEDTLS_PKCS1_V15)
|
2014-02-03 11:58:55 +01:00
|
|
|
/* For PKCS#1 v1.5, there is an alternative way to verify signatures */
|
2015-04-08 12:49:31 +02:00
|
|
|
if( padding_mode == MBEDTLS_RSA_PKCS_V15 )
|
2014-02-03 11:58:55 +01:00
|
|
|
{
|
2018-03-13 13:27:14 +01:00
|
|
|
int res;
|
2014-02-03 11:58:55 +01:00
|
|
|
int ok;
|
2017-06-20 09:53:42 +02:00
|
|
|
size_t olen;
|
2014-02-03 11:58:55 +01:00
|
|
|
|
2017-10-05 11:16:37 +02:00
|
|
|
res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx,
|
2015-04-08 12:49:31 +02:00
|
|
|
NULL, NULL, MBEDTLS_RSA_PUBLIC,
|
2017-06-09 05:32:58 +02:00
|
|
|
&olen, result_str->x, output, sizeof( output ) );
|
2014-02-03 11:58:55 +01:00
|
|
|
|
2017-10-05 11:16:37 +02:00
|
|
|
#if !defined(MBEDTLS_RSA_ALT)
|
|
|
|
TEST_ASSERT( res == 0 );
|
|
|
|
#else
|
|
|
|
TEST_ASSERT( ( res == 0 ) ||
|
|
|
|
( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
|
|
|
|
#endif
|
|
|
|
|
|
|
|
if( res == 0 )
|
|
|
|
{
|
2017-06-09 05:32:58 +02:00
|
|
|
ok = olen == hash_result->len && memcmp( output, hash_result->x, olen ) == 0;
|
2017-10-05 11:16:37 +02:00
|
|
|
if( correct == 0 )
|
|
|
|
TEST_ASSERT( ok == 1 );
|
|
|
|
else
|
|
|
|
TEST_ASSERT( ok == 0 );
|
|
|
|
}
|
2014-02-03 11:58:55 +01:00
|
|
|
}
|
2017-06-20 09:53:42 +02:00
|
|
|
#endif /* MBEDTLS_PKCS1_V15 */
|
2014-02-03 11:58:55 +01:00
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_free( &ctx );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_CASE */
|
2018-06-29 12:05:32 +02:00
|
|
|
void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
|
2017-06-09 05:32:58 +02:00
|
|
|
int mod, int radix_N, char * input_N,
|
|
|
|
int radix_E, char * input_E,
|
2020-06-26 14:33:03 +02:00
|
|
|
data_t * result_str, int result )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2018-11-22 14:47:51 +01:00
|
|
|
unsigned char output[256];
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_context ctx;
|
2011-03-13 16:45:42 +01:00
|
|
|
rnd_pseudo_info rnd_info;
|
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi N, E;
|
|
|
|
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
|
|
|
|
|
2011-03-13 16:45:42 +01:00
|
|
|
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_init( &ctx, padding_mode, 0 );
|
2018-11-22 14:47:51 +01:00
|
|
|
memset( output, 0x00, sizeof( output ) );
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
|
|
|
|
|
2017-10-05 11:16:37 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info,
|
2017-06-09 05:32:58 +02:00
|
|
|
MBEDTLS_RSA_PUBLIC, message_str->len,
|
|
|
|
message_str->x, output ) == result );
|
2013-08-20 11:48:36 +02:00
|
|
|
if( result == 0 )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
|
|
|
|
2020-06-26 14:33:03 +02:00
|
|
|
TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
|
|
|
|
ctx.len, result_str->len ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2013-01-03 11:33:48 +01:00
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_free( &ctx );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_CASE */
|
2018-06-29 12:05:32 +02:00
|
|
|
void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
|
2017-06-09 05:32:58 +02:00
|
|
|
int mod, int radix_N, char * input_N,
|
|
|
|
int radix_E, char * input_E,
|
2020-06-26 14:33:03 +02:00
|
|
|
data_t * result_str, int result )
|
2010-07-18 21:47:14 +02:00
|
|
|
{
|
2018-11-22 14:47:51 +01:00
|
|
|
unsigned char output[256];
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_context ctx;
|
2010-07-18 21:47:14 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi N, E;
|
|
|
|
|
|
|
|
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_init( &ctx, padding_mode, 0 );
|
2018-11-22 14:47:51 +01:00
|
|
|
memset( output, 0x00, sizeof( output ) );
|
2010-07-18 21:47:14 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
2010-07-18 21:47:14 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
|
2010-07-18 21:47:14 +02:00
|
|
|
|
|
|
|
|
2017-10-05 11:16:37 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL,
|
2017-06-09 05:32:58 +02:00
|
|
|
MBEDTLS_RSA_PUBLIC, message_str->len,
|
|
|
|
message_str->x, output ) == result );
|
2013-08-20 11:48:36 +02:00
|
|
|
if( result == 0 )
|
2010-07-18 21:47:14 +02:00
|
|
|
{
|
|
|
|
|
2020-06-26 14:33:03 +02:00
|
|
|
TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
|
|
|
|
ctx.len, result_str->len ) == 0 );
|
2010-07-18 21:47:14 +02:00
|
|
|
}
|
2013-01-03 11:33:48 +01:00
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_free( &ctx );
|
2010-07-18 21:47:14 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
2010-07-18 21:47:14 +02:00
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_CASE */
|
2018-06-29 12:05:32 +02:00
|
|
|
void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
|
2017-05-30 15:23:15 +02:00
|
|
|
int mod, int radix_P, char * input_P,
|
|
|
|
int radix_Q, char * input_Q, int radix_N,
|
|
|
|
char * input_N, int radix_E, char * input_E,
|
2020-06-26 14:33:03 +02:00
|
|
|
int max_output, data_t * result_str,
|
2017-06-09 05:32:58 +02:00
|
|
|
int result )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2018-11-22 14:47:51 +01:00
|
|
|
unsigned char output[32];
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_context ctx;
|
2011-04-24 17:53:29 +02:00
|
|
|
size_t output_len;
|
2013-08-30 10:30:02 +02:00
|
|
|
rnd_pseudo_info rnd_info;
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi N, P, Q, E;
|
|
|
|
|
|
|
|
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
|
|
|
|
mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_init( &ctx, padding_mode, 0 );
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2018-11-22 14:47:51 +01:00
|
|
|
memset( output, 0x00, sizeof( output ) );
|
2013-08-30 10:30:02 +02:00
|
|
|
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
2017-10-10 17:56:22 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2009-07-11 21:15:20 +02:00
|
|
|
output_len = 0;
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &output_len, message_str->x, output, max_output ) == result );
|
2013-08-20 11:48:36 +02:00
|
|
|
if( result == 0 )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2020-06-26 14:33:03 +02:00
|
|
|
TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
|
2020-06-10 11:42:32 +02:00
|
|
|
output_len,
|
2020-06-26 14:33:03 +02:00
|
|
|
result_str->len ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2011-05-05 13:49:20 +02:00
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
|
|
|
|
mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_free( &ctx );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_CASE */
|
2018-06-29 12:05:32 +02:00
|
|
|
void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
|
2017-06-09 05:32:58 +02:00
|
|
|
char * input_N, int radix_E, char * input_E,
|
2020-06-26 14:33:03 +02:00
|
|
|
data_t * result_str, int result )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2018-11-22 14:47:51 +01:00
|
|
|
unsigned char output[256];
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi N, E;
|
|
|
|
|
|
|
|
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
|
|
|
|
mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
|
2018-11-22 14:47:51 +01:00
|
|
|
memset( output, 0x00, sizeof( output ) );
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
|
|
|
|
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
|
2013-08-20 11:48:36 +02:00
|
|
|
if( result == 0 )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
|
|
|
|
2020-06-26 14:33:03 +02:00
|
|
|
TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
|
|
|
|
ctx.len, result_str->len ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2013-01-03 11:33:48 +01:00
|
|
|
|
2014-02-03 11:16:44 +01:00
|
|
|
/* And now with the copy */
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
|
2014-07-10 15:26:12 +02:00
|
|
|
/* clear the original to be sure */
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_free( &ctx );
|
2014-02-03 11:16:44 +01:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx2 ) == 0 );
|
2014-02-03 11:16:44 +01:00
|
|
|
|
2018-11-22 14:47:51 +01:00
|
|
|
memset( output, 0x00, sizeof( output ) );
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_public( &ctx2, message_str->x, output ) == result );
|
2014-02-03 11:16:44 +01:00
|
|
|
if( result == 0 )
|
|
|
|
{
|
|
|
|
|
2020-06-26 14:33:03 +02:00
|
|
|
TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
|
|
|
|
ctx.len, result_str->len ) == 0 );
|
2014-02-03 11:16:44 +01:00
|
|
|
}
|
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_free( &ctx );
|
|
|
|
mbedtls_rsa_free( &ctx2 );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_CASE */
|
2018-06-29 12:05:32 +02:00
|
|
|
void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
|
2017-06-09 05:32:58 +02:00
|
|
|
char * input_P, int radix_Q, char * input_Q,
|
|
|
|
int radix_N, char * input_N, int radix_E,
|
2020-06-26 14:33:03 +02:00
|
|
|
char * input_E, data_t * result_str,
|
2017-06-09 05:32:58 +02:00
|
|
|
int result )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2018-11-22 14:47:51 +01:00
|
|
|
unsigned char output[256];
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_context ctx, ctx2; /* Also test mbedtls_rsa_copy() while at it */
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi N, P, Q, E;
|
2013-08-30 10:30:02 +02:00
|
|
|
rnd_pseudo_info rnd_info;
|
2013-09-13 12:57:23 +02:00
|
|
|
int i;
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
|
|
|
|
mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
|
|
|
|
mbedtls_rsa_init( &ctx2, MBEDTLS_RSA_PKCS_V15, 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2013-08-30 10:30:02 +02:00
|
|
|
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
2015-04-08 12:49:31 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
|
2017-10-10 17:56:22 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
|
|
|
|
|
2013-09-13 12:57:23 +02:00
|
|
|
/* repeat three times to test updating of blinding values */
|
|
|
|
for( i = 0; i < 3; i++ )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2018-11-22 14:47:51 +01:00
|
|
|
memset( output, 0x00, sizeof( output ) );
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_private( &ctx, rnd_pseudo_rand, &rnd_info,
|
2017-06-09 05:32:58 +02:00
|
|
|
message_str->x, output ) == result );
|
2013-09-13 12:57:23 +02:00
|
|
|
if( result == 0 )
|
|
|
|
{
|
|
|
|
|
2020-06-26 14:33:03 +02:00
|
|
|
TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
|
2020-06-10 11:42:32 +02:00
|
|
|
ctx.len,
|
2020-06-26 14:33:03 +02:00
|
|
|
result_str->len ) == 0 );
|
2013-09-13 12:57:23 +02:00
|
|
|
}
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2011-05-05 13:49:20 +02:00
|
|
|
|
2014-02-03 11:16:44 +01:00
|
|
|
/* And now one more time with the copy */
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_copy( &ctx2, &ctx ) == 0 );
|
2014-07-10 15:26:12 +02:00
|
|
|
/* clear the original to be sure */
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_free( &ctx );
|
2014-02-03 11:16:44 +01:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx2 ) == 0 );
|
2014-02-03 11:16:44 +01:00
|
|
|
|
2018-11-22 14:47:51 +01:00
|
|
|
memset( output, 0x00, sizeof( output ) );
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_private( &ctx2, rnd_pseudo_rand, &rnd_info,
|
2017-06-09 05:32:58 +02:00
|
|
|
message_str->x, output ) == result );
|
2014-02-03 11:16:44 +01:00
|
|
|
if( result == 0 )
|
|
|
|
{
|
|
|
|
|
2020-06-26 14:33:03 +02:00
|
|
|
TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
|
2020-06-10 11:42:32 +02:00
|
|
|
ctx2.len,
|
2020-06-26 14:33:03 +02:00
|
|
|
result_str->len ) == 0 );
|
2014-02-03 11:16:44 +01:00
|
|
|
}
|
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
|
|
|
|
mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx2 );
|
2009-07-07 22:18:41 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
2009-07-07 22:18:41 +02:00
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_CASE */
|
2017-05-30 15:23:15 +02:00
|
|
|
void rsa_check_privkey_null( )
|
2009-07-11 00:38:58 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_context ctx;
|
|
|
|
memset( &ctx, 0x00, sizeof( mbedtls_rsa_context ) );
|
2009-07-11 00:38:58 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
|
2009-07-11 00:38:58 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
2009-07-11 00:38:58 +02:00
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
/* BEGIN_CASE */
|
2017-05-30 15:23:15 +02:00
|
|
|
void mbedtls_rsa_check_pubkey( int radix_N, char * input_N, int radix_E,
|
|
|
|
char * input_E, int result )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_context ctx;
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi N, E;
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E );
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
if( strlen( input_N ) )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
if( strlen( input_E ) )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
|
|
|
|
2017-08-23 09:33:08 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == result );
|
2013-01-03 11:33:48 +01:00
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2017-08-23 09:33:08 +02:00
|
|
|
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_free( &ctx );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
|
|
|
|
|
|
|
/* BEGIN_CASE */
|
2017-05-30 15:23:15 +02:00
|
|
|
void mbedtls_rsa_check_privkey( int mod, int radix_P, char * input_P,
|
|
|
|
int radix_Q, char * input_Q, int radix_N,
|
|
|
|
char * input_N, int radix_E, char * input_E,
|
|
|
|
int radix_D, char * input_D, int radix_DP,
|
|
|
|
char * input_DP, int radix_DQ,
|
|
|
|
char * input_DQ, int radix_QP,
|
|
|
|
char * input_QP, int result )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_context ctx;
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V15, 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2013-08-20 11:48:36 +02:00
|
|
|
ctx.len = mod / 8;
|
|
|
|
if( strlen( input_P ) )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
if( strlen( input_Q ) )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
if( strlen( input_N ) )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
if( strlen( input_E ) )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
if( strlen( input_D ) )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2017-08-23 09:31:07 +02:00
|
|
|
#if !defined(MBEDTLS_RSA_NO_CRT)
|
2013-08-20 11:48:36 +02:00
|
|
|
if( strlen( input_DP ) )
|
2012-09-27 22:41:37 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
|
2012-09-27 22:41:37 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
if( strlen( input_DQ ) )
|
2012-09-27 22:41:37 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
|
2012-09-27 22:41:37 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
if( strlen( input_QP ) )
|
2012-09-27 22:41:37 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
|
2012-09-27 22:41:37 +02:00
|
|
|
}
|
2017-08-23 09:31:07 +02:00
|
|
|
#else
|
|
|
|
((void) radix_DP); ((void) input_DP);
|
|
|
|
((void) radix_DQ); ((void) input_DQ);
|
|
|
|
((void) radix_QP); ((void) input_QP);
|
|
|
|
#endif
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == result );
|
2013-01-03 11:33:48 +01:00
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_free( &ctx );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2014-11-06 14:02:51 +01:00
|
|
|
/* BEGIN_CASE */
|
2017-05-30 15:23:15 +02:00
|
|
|
void rsa_check_pubpriv( int mod, int radix_Npub, char * input_Npub,
|
|
|
|
int radix_Epub, char * input_Epub, int radix_P,
|
|
|
|
char * input_P, int radix_Q, char * input_Q,
|
|
|
|
int radix_N, char * input_N, int radix_E,
|
|
|
|
char * input_E, int radix_D, char * input_D,
|
|
|
|
int radix_DP, char * input_DP, int radix_DQ,
|
|
|
|
char * input_DQ, int radix_QP, char * input_QP,
|
2014-11-06 14:02:51 +01:00
|
|
|
int result )
|
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_context pub, prv;
|
2014-11-06 14:02:51 +01:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_init( &pub, MBEDTLS_RSA_PKCS_V15, 0 );
|
|
|
|
mbedtls_rsa_init( &prv, MBEDTLS_RSA_PKCS_V15, 0 );
|
2014-11-06 14:02:51 +01:00
|
|
|
|
|
|
|
pub.len = mod / 8;
|
|
|
|
prv.len = mod / 8;
|
|
|
|
|
|
|
|
if( strlen( input_Npub ) )
|
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
|
2014-11-06 14:02:51 +01:00
|
|
|
}
|
|
|
|
if( strlen( input_Epub ) )
|
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
|
2014-11-06 14:02:51 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
if( strlen( input_P ) )
|
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
|
2014-11-06 14:02:51 +01:00
|
|
|
}
|
|
|
|
if( strlen( input_Q ) )
|
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
|
2014-11-06 14:02:51 +01:00
|
|
|
}
|
|
|
|
if( strlen( input_N ) )
|
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
|
2014-11-06 14:02:51 +01:00
|
|
|
}
|
|
|
|
if( strlen( input_E ) )
|
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
|
2014-11-06 14:02:51 +01:00
|
|
|
}
|
|
|
|
if( strlen( input_D ) )
|
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
|
2014-11-06 14:02:51 +01:00
|
|
|
}
|
2017-08-23 09:31:07 +02:00
|
|
|
#if !defined(MBEDTLS_RSA_NO_CRT)
|
2014-11-06 14:02:51 +01:00
|
|
|
if( strlen( input_DP ) )
|
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
|
2014-11-06 14:02:51 +01:00
|
|
|
}
|
|
|
|
if( strlen( input_DQ ) )
|
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
|
2014-11-06 14:02:51 +01:00
|
|
|
}
|
|
|
|
if( strlen( input_QP ) )
|
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
|
2014-11-06 14:02:51 +01:00
|
|
|
}
|
2017-08-23 09:31:07 +02:00
|
|
|
#else
|
|
|
|
((void) radix_DP); ((void) input_DP);
|
|
|
|
((void) radix_DQ); ((void) input_DQ);
|
|
|
|
((void) radix_QP); ((void) input_QP);
|
|
|
|
#endif
|
2014-11-06 14:02:51 +01:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_pub_priv( &pub, &prv ) == result );
|
2014-11-06 14:02:51 +01:00
|
|
|
|
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_free( &pub );
|
|
|
|
mbedtls_rsa_free( &prv );
|
2014-11-06 14:02:51 +01:00
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2017-09-07 09:09:33 +02:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
|
2015-04-08 12:49:31 +02:00
|
|
|
void mbedtls_rsa_gen_key( int nrbits, int exponent, int result)
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_context ctx;
|
|
|
|
mbedtls_entropy_context entropy;
|
|
|
|
mbedtls_ctr_drbg_context ctr_drbg;
|
2013-06-24 13:01:08 +02:00
|
|
|
const char *pers = "test_suite_rsa";
|
2011-12-04 18:12:15 +01:00
|
|
|
|
2015-04-28 22:38:08 +02:00
|
|
|
mbedtls_ctr_drbg_init( &ctr_drbg );
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_entropy_init( &entropy );
|
2017-07-23 11:19:29 +02:00
|
|
|
mbedtls_rsa_init ( &ctx, 0, 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2017-12-22 18:08:03 +01:00
|
|
|
TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
|
|
|
|
&entropy, (const unsigned char *) pers,
|
|
|
|
strlen( pers ) ) == 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_gen_key( &ctx, mbedtls_ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
|
2013-08-20 11:48:36 +02:00
|
|
|
if( result == 0 )
|
2009-07-12 15:26:42 +02:00
|
|
|
{
|
2015-04-08 12:49:31 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
|
2016-09-21 14:18:12 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2013-01-03 11:33:48 +01:00
|
|
|
|
2014-07-10 15:26:12 +02:00
|
|
|
exit:
|
2015-04-08 12:49:31 +02:00
|
|
|
mbedtls_rsa_free( &ctx );
|
|
|
|
mbedtls_ctr_drbg_free( &ctr_drbg );
|
|
|
|
mbedtls_entropy_free( &entropy );
|
2009-07-12 15:26:42 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|
2009-07-12 15:26:42 +02:00
|
|
|
|
2017-08-23 12:00:44 +02:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
|
2017-10-03 15:39:16 +02:00
|
|
|
void mbedtls_rsa_deduce_primes( int radix_N, char *input_N,
|
2017-08-23 12:00:44 +02:00
|
|
|
int radix_D, char *input_D,
|
|
|
|
int radix_E, char *input_E,
|
|
|
|
int radix_P, char *output_P,
|
|
|
|
int radix_Q, char *output_Q,
|
|
|
|
int corrupt, int result )
|
|
|
|
{
|
|
|
|
mbedtls_mpi N, P, Pp, Q, Qp, D, E;
|
|
|
|
|
|
|
|
mbedtls_mpi_init( &N );
|
|
|
|
mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
|
|
|
|
mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
|
|
|
|
mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
|
|
|
|
|
|
|
|
if( corrupt )
|
|
|
|
TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
|
|
|
|
|
|
|
|
/* Try to deduce P, Q from N, D, E only. */
|
2017-10-10 17:49:26 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_deduce_primes( &N, &D, &E, &P, &Q ) == result );
|
2017-08-23 12:00:44 +02:00
|
|
|
|
|
|
|
if( !corrupt )
|
|
|
|
{
|
|
|
|
/* Check if (P,Q) = (Pp, Qp) or (P,Q) = (Qp, Pp) */
|
|
|
|
TEST_ASSERT( ( mbedtls_mpi_cmp_mpi( &P, &Pp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Qp ) == 0 ) ||
|
|
|
|
( mbedtls_mpi_cmp_mpi( &P, &Qp ) == 0 && mbedtls_mpi_cmp_mpi( &Q, &Pp ) == 0 ) );
|
|
|
|
}
|
|
|
|
|
|
|
|
exit:
|
|
|
|
mbedtls_mpi_free( &N );
|
|
|
|
mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
|
|
|
|
mbedtls_mpi_free( &Pp ); mbedtls_mpi_free( &Qp );
|
|
|
|
mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
|
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2017-08-23 12:00:21 +02:00
|
|
|
/* BEGIN_CASE */
|
2017-10-03 15:36:26 +02:00
|
|
|
void mbedtls_rsa_deduce_private_exponent( int radix_P, char *input_P,
|
|
|
|
int radix_Q, char *input_Q,
|
|
|
|
int radix_E, char *input_E,
|
|
|
|
int radix_D, char *output_D,
|
|
|
|
int corrupt, int result )
|
2017-08-23 12:00:21 +02:00
|
|
|
{
|
|
|
|
mbedtls_mpi P, Q, D, Dp, E, R, Rp;
|
|
|
|
|
|
|
|
mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
|
|
|
|
mbedtls_mpi_init( &D ); mbedtls_mpi_init( &Dp );
|
|
|
|
mbedtls_mpi_init( &E );
|
|
|
|
mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
|
|
|
|
|
|
|
|
if( corrupt )
|
|
|
|
{
|
|
|
|
/* Make E even */
|
|
|
|
TEST_ASSERT( mbedtls_mpi_set_bit( &E, 0, 0 ) == 0 );
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Try to deduce D from N, P, Q, E. */
|
2017-10-03 15:36:26 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_deduce_private_exponent( &P, &Q,
|
|
|
|
&E, &D ) == result );
|
2017-08-23 12:00:21 +02:00
|
|
|
|
|
|
|
if( !corrupt )
|
|
|
|
{
|
|
|
|
/*
|
|
|
|
* Check that D and Dp agree modulo LCM(P-1, Q-1).
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* Replace P,Q by P-1, Q-1 */
|
|
|
|
TEST_ASSERT( mbedtls_mpi_sub_int( &P, &P, 1 ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_sub_int( &Q, &Q, 1 ) == 0 );
|
|
|
|
|
|
|
|
/* Check D == Dp modulo P-1 */
|
|
|
|
TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &P ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &P ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
|
|
|
|
|
|
|
|
/* Check D == Dp modulo Q-1 */
|
|
|
|
TEST_ASSERT( mbedtls_mpi_mod_mpi( &R, &D, &Q ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_mod_mpi( &Rp, &Dp, &Q ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &Rp ) == 0 );
|
|
|
|
}
|
|
|
|
|
|
|
|
exit:
|
|
|
|
|
|
|
|
mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
|
|
|
|
mbedtls_mpi_free( &D ); mbedtls_mpi_free( &Dp );
|
|
|
|
mbedtls_mpi_free( &E );
|
|
|
|
mbedtls_mpi_free( &R ); mbedtls_mpi_free( &Rp );
|
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2017-12-22 12:03:27 +01:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
void mbedtls_rsa_import( int radix_N, char *input_N,
|
|
|
|
int radix_P, char *input_P,
|
|
|
|
int radix_Q, char *input_Q,
|
|
|
|
int radix_D, char *input_D,
|
|
|
|
int radix_E, char *input_E,
|
|
|
|
int successive,
|
2017-09-29 12:51:05 +02:00
|
|
|
int is_priv,
|
2017-10-11 11:01:33 +02:00
|
|
|
int res_check,
|
|
|
|
int res_complete )
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
{
|
|
|
|
mbedtls_mpi N, P, Q, D, E;
|
|
|
|
mbedtls_rsa_context ctx;
|
|
|
|
|
2017-09-29 12:51:05 +02:00
|
|
|
/* Buffers used for encryption-decryption test */
|
|
|
|
unsigned char *buf_orig = NULL;
|
|
|
|
unsigned char *buf_enc = NULL;
|
|
|
|
unsigned char *buf_dec = NULL;
|
|
|
|
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
mbedtls_entropy_context entropy;
|
|
|
|
mbedtls_ctr_drbg_context ctr_drbg;
|
|
|
|
const char *pers = "test_suite_rsa";
|
|
|
|
|
2017-09-29 12:50:18 +02:00
|
|
|
const int have_N = ( strlen( input_N ) > 0 );
|
|
|
|
const int have_P = ( strlen( input_P ) > 0 );
|
|
|
|
const int have_Q = ( strlen( input_Q ) > 0 );
|
|
|
|
const int have_D = ( strlen( input_D ) > 0 );
|
|
|
|
const int have_E = ( strlen( input_E ) > 0 );
|
|
|
|
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
mbedtls_ctr_drbg_init( &ctr_drbg );
|
|
|
|
mbedtls_entropy_init( &entropy );
|
|
|
|
mbedtls_rsa_init( &ctx, 0, 0 );
|
|
|
|
|
|
|
|
mbedtls_mpi_init( &N );
|
|
|
|
mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
|
|
|
|
mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
|
|
|
|
|
2018-01-10 08:12:01 +01:00
|
|
|
TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
|
|
|
|
(const unsigned char *) pers, strlen( pers ) ) == 0 );
|
|
|
|
|
2017-09-29 12:50:18 +02:00
|
|
|
if( have_N )
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
|
|
|
|
|
2017-09-29 12:50:18 +02:00
|
|
|
if( have_P )
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
|
|
|
|
|
2017-09-29 12:50:18 +02:00
|
|
|
if( have_Q )
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
|
|
|
|
|
2017-09-29 12:50:18 +02:00
|
|
|
if( have_D )
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
|
|
|
|
|
2017-09-29 12:50:18 +02:00
|
|
|
if( have_E )
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
|
|
|
|
|
|
|
if( !successive )
|
|
|
|
{
|
|
|
|
TEST_ASSERT( mbedtls_rsa_import( &ctx,
|
2017-09-29 12:50:18 +02:00
|
|
|
have_N ? &N : NULL,
|
|
|
|
have_P ? &P : NULL,
|
|
|
|
have_Q ? &Q : NULL,
|
|
|
|
have_D ? &D : NULL,
|
|
|
|
have_E ? &E : NULL ) == 0 );
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
/* Import N, P, Q, D, E separately.
|
|
|
|
* This should make no functional difference. */
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_rsa_import( &ctx,
|
2017-09-29 12:50:18 +02:00
|
|
|
have_N ? &N : NULL,
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
NULL, NULL, NULL, NULL ) == 0 );
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_rsa_import( &ctx,
|
|
|
|
NULL,
|
2017-09-29 12:50:18 +02:00
|
|
|
have_P ? &P : NULL,
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
NULL, NULL, NULL ) == 0 );
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_rsa_import( &ctx,
|
|
|
|
NULL, NULL,
|
2017-09-29 12:50:18 +02:00
|
|
|
have_Q ? &Q : NULL,
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
NULL, NULL ) == 0 );
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_rsa_import( &ctx,
|
|
|
|
NULL, NULL, NULL,
|
2017-09-29 12:50:18 +02:00
|
|
|
have_D ? &D : NULL,
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
NULL ) == 0 );
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_rsa_import( &ctx,
|
|
|
|
NULL, NULL, NULL, NULL,
|
2017-09-29 12:50:18 +02:00
|
|
|
have_E ? &E : NULL ) == 0 );
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
}
|
|
|
|
|
2017-10-11 11:01:33 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
|
2017-09-29 12:51:05 +02:00
|
|
|
/* On expected success, perform some public and private
|
|
|
|
* key operations to check if the key is working properly. */
|
2017-10-11 11:01:33 +02:00
|
|
|
if( res_complete == 0 )
|
2017-09-29 12:51:05 +02:00
|
|
|
{
|
|
|
|
if( is_priv )
|
2017-10-11 11:01:33 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
|
|
|
|
else
|
|
|
|
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
|
|
|
|
|
|
|
|
if( res_check != 0 )
|
|
|
|
goto exit;
|
2017-09-29 12:51:05 +02:00
|
|
|
|
|
|
|
buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
|
|
|
|
buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
|
|
|
|
buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
|
|
|
|
if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
|
|
|
|
goto exit;
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
|
|
|
|
buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
|
|
|
|
|
|
|
|
/* Make sure the number we're generating is smaller than the modulus */
|
|
|
|
buf_orig[0] = 0x00;
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
|
|
|
|
|
|
|
|
if( is_priv )
|
|
|
|
{
|
|
|
|
TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
|
|
|
|
&ctr_drbg, buf_enc,
|
|
|
|
buf_dec ) == 0 );
|
|
|
|
|
|
|
|
TEST_ASSERT( memcmp( buf_orig, buf_dec,
|
|
|
|
mbedtls_rsa_get_len( &ctx ) ) == 0 );
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
exit:
|
|
|
|
|
2017-09-29 12:51:05 +02:00
|
|
|
mbedtls_free( buf_orig );
|
|
|
|
mbedtls_free( buf_enc );
|
|
|
|
mbedtls_free( buf_dec );
|
|
|
|
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
mbedtls_rsa_free( &ctx );
|
|
|
|
|
|
|
|
mbedtls_ctr_drbg_free( &ctr_drbg );
|
|
|
|
mbedtls_entropy_free( &entropy );
|
|
|
|
|
|
|
|
mbedtls_mpi_free( &N );
|
|
|
|
mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
|
|
|
|
mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
|
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2017-08-23 12:44:51 +02:00
|
|
|
/* BEGIN_CASE */
|
|
|
|
void mbedtls_rsa_export( int radix_N, char *input_N,
|
|
|
|
int radix_P, char *input_P,
|
|
|
|
int radix_Q, char *input_Q,
|
|
|
|
int radix_D, char *input_D,
|
|
|
|
int radix_E, char *input_E,
|
2017-09-29 12:51:05 +02:00
|
|
|
int is_priv,
|
2017-08-23 12:44:51 +02:00
|
|
|
int successive )
|
|
|
|
{
|
|
|
|
/* Original MPI's with which we set up the RSA context */
|
|
|
|
mbedtls_mpi N, P, Q, D, E;
|
|
|
|
|
|
|
|
/* Exported MPI's */
|
|
|
|
mbedtls_mpi Ne, Pe, Qe, De, Ee;
|
|
|
|
|
|
|
|
const int have_N = ( strlen( input_N ) > 0 );
|
|
|
|
const int have_P = ( strlen( input_P ) > 0 );
|
|
|
|
const int have_Q = ( strlen( input_Q ) > 0 );
|
|
|
|
const int have_D = ( strlen( input_D ) > 0 );
|
|
|
|
const int have_E = ( strlen( input_E ) > 0 );
|
|
|
|
|
|
|
|
mbedtls_rsa_context ctx;
|
|
|
|
|
|
|
|
mbedtls_rsa_init( &ctx, 0, 0 );
|
|
|
|
|
|
|
|
mbedtls_mpi_init( &N );
|
|
|
|
mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
|
|
|
|
mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
|
|
|
|
|
|
|
|
mbedtls_mpi_init( &Ne );
|
|
|
|
mbedtls_mpi_init( &Pe ); mbedtls_mpi_init( &Qe );
|
|
|
|
mbedtls_mpi_init( &De ); mbedtls_mpi_init( &Ee );
|
|
|
|
|
|
|
|
/* Setup RSA context */
|
|
|
|
|
|
|
|
if( have_N )
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
|
|
|
|
|
|
|
|
if( have_P )
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
|
|
|
|
|
|
|
|
if( have_Q )
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
|
|
|
|
|
|
|
|
if( have_D )
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
|
|
|
|
|
|
|
|
if( have_E )
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_rsa_import( &ctx,
|
|
|
|
strlen( input_N ) ? &N : NULL,
|
|
|
|
strlen( input_P ) ? &P : NULL,
|
|
|
|
strlen( input_Q ) ? &Q : NULL,
|
|
|
|
strlen( input_D ) ? &D : NULL,
|
|
|
|
strlen( input_E ) ? &E : NULL ) == 0 );
|
|
|
|
|
2017-10-10 17:56:22 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
|
2017-08-23 12:44:51 +02:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Export parameters and compare to original ones.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* N and E must always be present. */
|
|
|
|
if( !successive )
|
|
|
|
{
|
|
|
|
TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, &Ee ) == 0 );
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
TEST_ASSERT( mbedtls_rsa_export( &ctx, &Ne, NULL, NULL, NULL, NULL ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL, NULL, &Ee ) == 0 );
|
|
|
|
}
|
|
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &N, &Ne ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &E, &Ee ) == 0 );
|
|
|
|
|
|
|
|
/* If we were providing enough information to setup a complete private context,
|
|
|
|
* we expect to be able to export all core parameters. */
|
|
|
|
|
|
|
|
if( is_priv )
|
|
|
|
{
|
|
|
|
if( !successive )
|
|
|
|
{
|
|
|
|
TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, &Qe,
|
|
|
|
&De, NULL ) == 0 );
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, &Pe, NULL,
|
|
|
|
NULL, NULL ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, &Qe,
|
|
|
|
NULL, NULL ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_export( &ctx, NULL, NULL, NULL,
|
|
|
|
&De, NULL ) == 0 );
|
|
|
|
}
|
|
|
|
|
|
|
|
if( have_P )
|
|
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &P, &Pe ) == 0 );
|
|
|
|
|
|
|
|
if( have_Q )
|
|
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &Qe ) == 0 );
|
|
|
|
|
|
|
|
if( have_D )
|
|
|
|
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
|
|
|
|
|
|
|
|
/* While at it, perform a sanity check */
|
2017-08-25 08:54:27 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
|
|
|
|
NULL, NULL ) == 0 );
|
2017-08-23 12:44:51 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
exit:
|
|
|
|
|
|
|
|
mbedtls_rsa_free( &ctx );
|
|
|
|
|
|
|
|
mbedtls_mpi_free( &N );
|
|
|
|
mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
|
|
|
|
mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
|
|
|
|
|
|
|
|
mbedtls_mpi_free( &Ne );
|
|
|
|
mbedtls_mpi_free( &Pe ); mbedtls_mpi_free( &Qe );
|
|
|
|
mbedtls_mpi_free( &De ); mbedtls_mpi_free( &Ee );
|
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2020-05-20 10:34:25 +02:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */
|
2017-08-25 08:54:27 +02:00
|
|
|
void mbedtls_rsa_validate_params( int radix_N, char *input_N,
|
|
|
|
int radix_P, char *input_P,
|
|
|
|
int radix_Q, char *input_Q,
|
|
|
|
int radix_D, char *input_D,
|
|
|
|
int radix_E, char *input_E,
|
|
|
|
int prng, int result )
|
2017-08-23 14:22:36 +02:00
|
|
|
{
|
|
|
|
/* Original MPI's with which we set up the RSA context */
|
|
|
|
mbedtls_mpi N, P, Q, D, E;
|
|
|
|
|
|
|
|
const int have_N = ( strlen( input_N ) > 0 );
|
|
|
|
const int have_P = ( strlen( input_P ) > 0 );
|
|
|
|
const int have_Q = ( strlen( input_Q ) > 0 );
|
|
|
|
const int have_D = ( strlen( input_D ) > 0 );
|
|
|
|
const int have_E = ( strlen( input_E ) > 0 );
|
|
|
|
|
|
|
|
mbedtls_entropy_context entropy;
|
|
|
|
mbedtls_ctr_drbg_context ctr_drbg;
|
|
|
|
const char *pers = "test_suite_rsa";
|
|
|
|
|
|
|
|
mbedtls_mpi_init( &N );
|
|
|
|
mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
|
|
|
|
mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
|
|
|
|
|
|
|
|
mbedtls_ctr_drbg_init( &ctr_drbg );
|
|
|
|
mbedtls_entropy_init( &entropy );
|
|
|
|
TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
|
|
|
|
&entropy, (const unsigned char *) pers,
|
|
|
|
strlen( pers ) ) == 0 );
|
|
|
|
|
|
|
|
if( have_N )
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
|
|
|
|
|
|
|
|
if( have_P )
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
|
|
|
|
|
|
|
|
if( have_Q )
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
|
|
|
|
|
|
|
|
if( have_D )
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
|
|
|
|
|
|
|
|
if( have_E )
|
|
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
|
|
|
|
2017-08-25 08:54:27 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
|
|
|
|
have_P ? &P : NULL,
|
|
|
|
have_Q ? &Q : NULL,
|
|
|
|
have_D ? &D : NULL,
|
|
|
|
have_E ? &E : NULL,
|
|
|
|
prng ? mbedtls_ctr_drbg_random : NULL,
|
|
|
|
prng ? &ctr_drbg : NULL ) == result );
|
2017-08-23 14:22:36 +02:00
|
|
|
exit:
|
|
|
|
|
|
|
|
mbedtls_ctr_drbg_free( &ctr_drbg );
|
|
|
|
mbedtls_entropy_free( &entropy );
|
|
|
|
|
|
|
|
mbedtls_mpi_free( &N );
|
|
|
|
mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
|
|
|
|
mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E );
|
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2017-08-23 12:49:22 +02:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
|
2018-06-29 12:05:32 +02:00
|
|
|
void mbedtls_rsa_export_raw( data_t *input_N, data_t *input_P,
|
|
|
|
data_t *input_Q, data_t *input_D,
|
|
|
|
data_t *input_E, int is_priv,
|
2017-09-29 12:51:05 +02:00
|
|
|
int successive )
|
2017-08-23 12:49:22 +02:00
|
|
|
{
|
|
|
|
/* Exported buffers */
|
2018-11-22 14:47:51 +01:00
|
|
|
unsigned char bufNe[256];
|
|
|
|
unsigned char bufPe[128];
|
|
|
|
unsigned char bufQe[128];
|
|
|
|
unsigned char bufDe[256];
|
|
|
|
unsigned char bufEe[1];
|
2017-08-23 12:49:22 +02:00
|
|
|
|
|
|
|
mbedtls_rsa_context ctx;
|
|
|
|
|
|
|
|
mbedtls_rsa_init( &ctx, 0, 0 );
|
|
|
|
|
|
|
|
/* Setup RSA context */
|
|
|
|
TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
|
2017-06-09 05:32:58 +02:00
|
|
|
input_N->len ? input_N->x : NULL, input_N->len,
|
|
|
|
input_P->len ? input_P->x : NULL, input_P->len,
|
|
|
|
input_Q->len ? input_Q->x : NULL, input_Q->len,
|
|
|
|
input_D->len ? input_D->x : NULL, input_D->len,
|
|
|
|
input_E->len ? input_E->x : NULL, input_E->len ) == 0 );
|
2017-08-23 12:49:22 +02:00
|
|
|
|
2017-10-10 17:56:22 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
|
2017-08-23 12:49:22 +02:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Export parameters and compare to original ones.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* N and E must always be present. */
|
|
|
|
if( !successive )
|
|
|
|
{
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
|
2017-08-23 12:49:22 +02:00
|
|
|
NULL, 0, NULL, 0, NULL, 0,
|
2017-06-09 05:32:58 +02:00
|
|
|
bufEe, input_E->len ) == 0 );
|
2017-08-23 12:49:22 +02:00
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, bufNe, input_N->len,
|
2017-08-23 12:49:22 +02:00
|
|
|
NULL, 0, NULL, 0, NULL, 0,
|
|
|
|
NULL, 0 ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
|
|
|
|
NULL, 0, NULL, 0, NULL, 0,
|
2017-06-09 05:32:58 +02:00
|
|
|
bufEe, input_E->len ) == 0 );
|
2017-08-23 12:49:22 +02:00
|
|
|
}
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( memcmp( input_N->x, bufNe, input_N->len ) == 0 );
|
|
|
|
TEST_ASSERT( memcmp( input_E->x, bufEe, input_E->len ) == 0 );
|
2017-08-23 12:49:22 +02:00
|
|
|
|
|
|
|
/* If we were providing enough information to setup a complete private context,
|
|
|
|
* we expect to be able to export all core parameters. */
|
|
|
|
|
|
|
|
if( is_priv )
|
|
|
|
{
|
|
|
|
if( !successive )
|
|
|
|
{
|
|
|
|
TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
|
2017-06-09 05:32:58 +02:00
|
|
|
bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
|
|
|
|
bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
|
|
|
|
bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
|
2017-08-23 12:49:22 +02:00
|
|
|
NULL, 0 ) == 0 );
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0,
|
2017-06-09 05:32:58 +02:00
|
|
|
bufPe, input_P->len ? input_P->len : sizeof( bufPe ),
|
2017-08-23 12:49:22 +02:00
|
|
|
NULL, 0, NULL, 0,
|
|
|
|
NULL, 0 ) == 0 );
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0,
|
2017-06-09 05:32:58 +02:00
|
|
|
bufQe, input_Q->len ? input_Q->len : sizeof( bufQe ),
|
2017-08-23 12:49:22 +02:00
|
|
|
NULL, 0, NULL, 0 ) == 0 );
|
|
|
|
|
2017-06-09 05:32:58 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_export_raw( &ctx, NULL, 0, NULL, 0, NULL, 0,
|
|
|
|
bufDe, input_D->len ? input_D->len : sizeof( bufDe ),
|
2017-08-23 12:49:22 +02:00
|
|
|
NULL, 0 ) == 0 );
|
|
|
|
}
|
|
|
|
|
2017-06-09 05:32:58 +02:00
|
|
|
if( input_P->len )
|
|
|
|
TEST_ASSERT( memcmp( input_P->x, bufPe, input_P->len ) == 0 );
|
2017-08-23 12:49:22 +02:00
|
|
|
|
2017-06-09 05:32:58 +02:00
|
|
|
if( input_Q->len )
|
|
|
|
TEST_ASSERT( memcmp( input_Q->x, bufQe, input_Q->len ) == 0 );
|
2017-08-23 12:49:22 +02:00
|
|
|
|
2017-06-09 05:32:58 +02:00
|
|
|
if( input_D->len )
|
|
|
|
TEST_ASSERT( memcmp( input_D->x, bufDe, input_D->len ) == 0 );
|
2017-08-23 12:49:22 +02:00
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
exit:
|
|
|
|
mbedtls_rsa_free( &ctx );
|
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2017-12-22 12:03:27 +01:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C:ENTROPY_HAVE_STRONG */
|
2018-06-29 12:05:32 +02:00
|
|
|
void mbedtls_rsa_import_raw( data_t *input_N,
|
|
|
|
data_t *input_P, data_t *input_Q,
|
|
|
|
data_t *input_D, data_t *input_E,
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
int successive,
|
2017-09-29 12:51:05 +02:00
|
|
|
int is_priv,
|
2017-10-11 11:01:33 +02:00
|
|
|
int res_check,
|
|
|
|
int res_complete )
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
{
|
2017-09-29 12:51:05 +02:00
|
|
|
/* Buffers used for encryption-decryption test */
|
|
|
|
unsigned char *buf_orig = NULL;
|
|
|
|
unsigned char *buf_enc = NULL;
|
|
|
|
unsigned char *buf_dec = NULL;
|
|
|
|
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
mbedtls_rsa_context ctx;
|
|
|
|
mbedtls_entropy_context entropy;
|
|
|
|
mbedtls_ctr_drbg_context ctr_drbg;
|
2017-10-02 11:08:39 +02:00
|
|
|
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
const char *pers = "test_suite_rsa";
|
|
|
|
|
|
|
|
mbedtls_ctr_drbg_init( &ctr_drbg );
|
|
|
|
mbedtls_entropy_init( &entropy );
|
2017-10-02 11:08:39 +02:00
|
|
|
mbedtls_rsa_init( &ctx, 0, 0 );
|
|
|
|
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
TEST_ASSERT( mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func,
|
|
|
|
&entropy, (const unsigned char *) pers,
|
|
|
|
strlen( pers ) ) == 0 );
|
|
|
|
|
|
|
|
if( !successive )
|
|
|
|
{
|
|
|
|
TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
|
2017-06-09 05:32:58 +02:00
|
|
|
( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
|
|
|
|
( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
|
|
|
|
( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
|
|
|
|
( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
|
|
|
|
( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
/* Import N, P, Q, D, E separately.
|
|
|
|
* This should make no functional difference. */
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
|
2017-06-09 05:32:58 +02:00
|
|
|
( input_N->len > 0 ) ? input_N->x : NULL, input_N->len,
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
NULL, 0, NULL, 0, NULL, 0, NULL, 0 ) == 0 );
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
|
|
|
|
NULL, 0,
|
2017-06-09 05:32:58 +02:00
|
|
|
( input_P->len > 0 ) ? input_P->x : NULL, input_P->len,
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
NULL, 0, NULL, 0, NULL, 0 ) == 0 );
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
|
|
|
|
NULL, 0, NULL, 0,
|
2017-06-09 05:32:58 +02:00
|
|
|
( input_Q->len > 0 ) ? input_Q->x : NULL, input_Q->len,
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
NULL, 0, NULL, 0 ) == 0 );
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
|
|
|
|
NULL, 0, NULL, 0, NULL, 0,
|
2017-06-09 05:32:58 +02:00
|
|
|
( input_D->len > 0 ) ? input_D->x : NULL, input_D->len,
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
NULL, 0 ) == 0 );
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_rsa_import_raw( &ctx,
|
|
|
|
NULL, 0, NULL, 0, NULL, 0, NULL, 0,
|
2017-06-09 05:32:58 +02:00
|
|
|
( input_E->len > 0 ) ? input_E->x : NULL, input_E->len ) == 0 );
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
}
|
|
|
|
|
2017-10-11 11:01:33 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == res_complete );
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
|
2017-09-29 12:51:05 +02:00
|
|
|
/* On expected success, perform some public and private
|
|
|
|
* key operations to check if the key is working properly. */
|
2017-10-11 11:01:33 +02:00
|
|
|
if( res_complete == 0 )
|
2017-09-29 12:51:05 +02:00
|
|
|
{
|
|
|
|
if( is_priv )
|
2017-10-11 11:01:33 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == res_check );
|
|
|
|
else
|
|
|
|
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == res_check );
|
|
|
|
|
|
|
|
if( res_check != 0 )
|
|
|
|
goto exit;
|
2017-09-29 12:51:05 +02:00
|
|
|
|
|
|
|
buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
|
|
|
|
buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
|
|
|
|
buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
|
|
|
|
if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
|
|
|
|
goto exit;
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
|
|
|
|
buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
|
|
|
|
|
|
|
|
/* Make sure the number we're generating is smaller than the modulus */
|
|
|
|
buf_orig[0] = 0x00;
|
|
|
|
|
|
|
|
TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
|
|
|
|
|
|
|
|
if( is_priv )
|
|
|
|
{
|
|
|
|
TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
|
|
|
|
&ctr_drbg, buf_enc,
|
|
|
|
buf_dec ) == 0 );
|
|
|
|
|
|
|
|
TEST_ASSERT( memcmp( buf_orig, buf_dec,
|
|
|
|
mbedtls_rsa_get_len( &ctx ) ) == 0 );
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
exit:
|
|
|
|
|
2017-10-02 11:08:39 +02:00
|
|
|
mbedtls_free( buf_orig );
|
|
|
|
mbedtls_free( buf_enc );
|
|
|
|
mbedtls_free( buf_dec );
|
|
|
|
|
Add tests for rsa_import, rsa_import_raw and rsa_complete
This commit adds numerous tests for the new library functions mbedtls_rsa_import
and mbedtls_rsa_import_raw in conjunction with mbedtls_rsa_complete for
importing and completing core sets of core RSA parameters (N,P,Q,D,E) into an
RSA context, with the importing accepting either MPI's or raw big endian
buffers.
Each test is determined by the following parameters:
1) Set of parameters provided
We're testing full sets (N,P,Q,D,E), partial sets (N,-,-,D,E) and (N,P,Q,-,E)
that are sufficient to generate missing parameters, and the partial and
insufficient set (N, -, Q, -, E).
2) Simultaenous or successive importing
The functions rsa_import and rsa_import_raw accept importing parameters at
once or one after another. We test both.
3) Sanity of parameters
2017-08-23 12:01:06 +02:00
|
|
|
mbedtls_rsa_free( &ctx );
|
|
|
|
|
|
|
|
mbedtls_ctr_drbg_free( &ctr_drbg );
|
|
|
|
mbedtls_entropy_free( &entropy );
|
|
|
|
|
|
|
|
}
|
|
|
|
/* END_CASE */
|
|
|
|
|
2015-04-08 12:49:31 +02:00
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
|
2017-05-30 15:23:15 +02:00
|
|
|
void rsa_selftest( )
|
2009-07-07 22:18:41 +02:00
|
|
|
{
|
2016-09-09 10:10:28 +02:00
|
|
|
TEST_ASSERT( mbedtls_rsa_self_test( 1 ) == 0 );
|
2009-07-07 22:18:41 +02:00
|
|
|
}
|
2013-08-20 11:48:36 +02:00
|
|
|
/* END_CASE */
|