mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-23 22:45:37 +01:00
1d26709dbd
Add a new function mbedtls_rsa_get_bitlen which returns the RSA key size, i.e. the bit size of the modulus. In the pk module, call mbedtls_rsa_get_bitlen instead of mbedtls_rsa_get_len, which gave the wrong result for key sizes that are not a multiple of 8. This commit adds one non-regression test in the pk suite. More tests are needed for RSA key sizes that are a multiple of 8. This commit does not address RSA alternative implementations, which only provide an interface that return the modulus size in bytes.
528 lines
17 KiB
Plaintext
528 lines
17 KiB
Plaintext
/* BEGIN_HEADER */
|
|
#include "mbedtls/pk.h"
|
|
|
|
/* For error codes */
|
|
#include "mbedtls/ecp.h"
|
|
#include "mbedtls/rsa.h"
|
|
|
|
#include <limits.h>
|
|
#include <stdint.h>
|
|
|
|
static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len );
|
|
|
|
#define RSA_KEY_SIZE 512
|
|
#define RSA_KEY_LEN 64
|
|
|
|
static int pk_genkey( mbedtls_pk_context *pk, int size )
|
|
{
|
|
((void) pk);
|
|
|
|
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
|
|
if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA )
|
|
{
|
|
if( size == 0 )
|
|
size = RSA_KEY_SIZE;
|
|
return( mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ),
|
|
rnd_std_rand, NULL, size, 3 ) );
|
|
}
|
|
#endif
|
|
#if defined(MBEDTLS_ECP_C)
|
|
if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY ||
|
|
mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY_DH ||
|
|
mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECDSA )
|
|
{
|
|
int ret;
|
|
mbedtls_ecp_group_id curve;
|
|
switch( size )
|
|
{
|
|
case 0:
|
|
case 192:
|
|
curve = MBEDTLS_ECP_DP_SECP192R1;
|
|
break;
|
|
case 224:
|
|
curve = MBEDTLS_ECP_DP_SECP224R1;
|
|
break;
|
|
case 256:
|
|
curve = MBEDTLS_ECP_DP_SECP256R1;
|
|
break;
|
|
case 384:
|
|
curve = MBEDTLS_ECP_DP_SECP384R1;
|
|
break;
|
|
case 521:
|
|
curve = MBEDTLS_ECP_DP_SECP521R1;
|
|
break;
|
|
default:
|
|
return( -1 );
|
|
}
|
|
if( ( ret = mbedtls_ecp_group_load( &mbedtls_pk_ec( *pk )->grp,
|
|
curve ) ) != 0 )
|
|
return( ret );
|
|
|
|
return mbedtls_ecp_gen_keypair( &mbedtls_pk_ec( *pk )->grp, &mbedtls_pk_ec( *pk )->d,
|
|
&mbedtls_pk_ec( *pk )->Q, rnd_std_rand, NULL );
|
|
}
|
|
#endif
|
|
return( -1 );
|
|
}
|
|
|
|
#if defined(MBEDTLS_RSA_C)
|
|
int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen,
|
|
const unsigned char *input, unsigned char *output,
|
|
size_t output_max_len )
|
|
{
|
|
return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx,
|
|
rnd_std_rand, NULL, mode, olen,
|
|
input, output, output_max_len ) );
|
|
}
|
|
int mbedtls_rsa_sign_func( void *ctx,
|
|
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
|
|
int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
|
|
const unsigned char *hash, unsigned char *sig )
|
|
{
|
|
((void) f_rng);
|
|
((void) p_rng);
|
|
return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, rnd_std_rand, NULL, mode,
|
|
md_alg, hashlen, hash, sig ) );
|
|
}
|
|
size_t mbedtls_rsa_key_len_func( void *ctx )
|
|
{
|
|
return( ((const mbedtls_rsa_context *) ctx)->len );
|
|
}
|
|
#endif /* MBEDTLS_RSA_C */
|
|
/* END_HEADER */
|
|
|
|
/* BEGIN_DEPENDENCIES
|
|
* depends_on:MBEDTLS_PK_C
|
|
* END_DEPENDENCIES
|
|
*/
|
|
|
|
/* BEGIN_CASE */
|
|
void pk_utils( int type, int size, int len, char * name )
|
|
{
|
|
mbedtls_pk_context pk;
|
|
|
|
mbedtls_pk_init( &pk );
|
|
|
|
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
|
|
TEST_ASSERT( pk_genkey( &pk, size ) == 0 );
|
|
|
|
TEST_ASSERT( (int) mbedtls_pk_get_type( &pk ) == type );
|
|
TEST_ASSERT( mbedtls_pk_can_do( &pk, type ) );
|
|
TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == (unsigned) size );
|
|
TEST_ASSERT( mbedtls_pk_get_len( &pk ) == (unsigned) len );
|
|
TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 );
|
|
|
|
exit:
|
|
mbedtls_pk_free( &pk );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_FS_IO */
|
|
void mbedtls_pk_check_pair( char * pub_file, char * prv_file, int ret )
|
|
{
|
|
mbedtls_pk_context pub, prv, alt;
|
|
|
|
mbedtls_pk_init( &pub );
|
|
mbedtls_pk_init( &prv );
|
|
mbedtls_pk_init( &alt );
|
|
|
|
TEST_ASSERT( mbedtls_pk_parse_public_keyfile( &pub, pub_file ) == 0 );
|
|
TEST_ASSERT( mbedtls_pk_parse_keyfile( &prv, prv_file, NULL ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_pk_check_pair( &pub, &prv ) == ret );
|
|
|
|
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
|
|
if( mbedtls_pk_get_type( &prv ) == MBEDTLS_PK_RSA )
|
|
{
|
|
TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &alt, mbedtls_pk_rsa( prv ),
|
|
mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func,
|
|
mbedtls_rsa_key_len_func ) == 0 );
|
|
TEST_ASSERT( mbedtls_pk_check_pair( &pub, &alt ) == ret );
|
|
}
|
|
#endif
|
|
|
|
mbedtls_pk_free( &pub );
|
|
mbedtls_pk_free( &prv );
|
|
mbedtls_pk_free( &alt );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
|
|
void pk_rsa_verify_test_vec( data_t * message_str, int digest, int mod,
|
|
int radix_N, char * input_N, int radix_E,
|
|
char * input_E, data_t * result_str,
|
|
int result )
|
|
{
|
|
unsigned char hash_result[1000];
|
|
mbedtls_rsa_context *rsa;
|
|
mbedtls_pk_context pk;
|
|
|
|
mbedtls_pk_init( &pk );
|
|
|
|
memset( hash_result, 0x00, 1000 );
|
|
|
|
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
|
|
rsa = mbedtls_pk_rsa( pk );
|
|
|
|
rsa->len = mod / 8;
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
|
|
|
|
|
|
if( mbedtls_md_info_from_type( digest ) != NULL )
|
|
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_pk_verify( &pk, digest, hash_result, 0,
|
|
result_str->x, mbedtls_pk_get_len( &pk ) ) == result );
|
|
|
|
exit:
|
|
mbedtls_pk_free( &pk );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
|
|
void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest,
|
|
int mod, int radix_N, char * input_N,
|
|
int radix_E, char * input_E,
|
|
data_t * result_str, int pk_type,
|
|
int mgf1_hash_id, int salt_len, int result )
|
|
{
|
|
unsigned char hash_result[1000];
|
|
mbedtls_rsa_context *rsa;
|
|
mbedtls_pk_context pk;
|
|
mbedtls_pk_rsassa_pss_options pss_opts;
|
|
void *options;
|
|
size_t hash_len;
|
|
|
|
mbedtls_pk_init( &pk );
|
|
|
|
memset( hash_result, 0x00, 1000 );
|
|
|
|
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
|
|
rsa = mbedtls_pk_rsa( pk );
|
|
|
|
rsa->len = mod / 8;
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
|
|
|
|
|
|
if( digest != MBEDTLS_MD_NONE )
|
|
{
|
|
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ),
|
|
message_str->x, message_str->len, hash_result ) == 0 );
|
|
hash_len = 0;
|
|
}
|
|
else
|
|
{
|
|
memcpy( hash_result, message_str->x, message_str->len );
|
|
hash_len = message_str->len;
|
|
}
|
|
|
|
if( mgf1_hash_id < 0 )
|
|
{
|
|
options = NULL;
|
|
}
|
|
else
|
|
{
|
|
options = &pss_opts;
|
|
|
|
pss_opts.mgf1_hash_id = mgf1_hash_id;
|
|
pss_opts.expected_salt_len = salt_len;
|
|
}
|
|
|
|
TEST_ASSERT( mbedtls_pk_verify_ext( pk_type, options, &pk,
|
|
digest, hash_result, hash_len,
|
|
result_str->x, mbedtls_pk_get_len( &pk ) ) == result );
|
|
|
|
exit:
|
|
mbedtls_pk_free( &pk );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C */
|
|
void pk_ec_test_vec( int type, int id, data_t * key, data_t * hash,
|
|
data_t * sig, int ret )
|
|
{
|
|
mbedtls_pk_context pk;
|
|
mbedtls_ecp_keypair *eckey;
|
|
|
|
mbedtls_pk_init( &pk );
|
|
|
|
|
|
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) );
|
|
eckey = mbedtls_pk_ec( pk );
|
|
|
|
TEST_ASSERT( mbedtls_ecp_group_load( &eckey->grp, id ) == 0 );
|
|
TEST_ASSERT( mbedtls_ecp_point_read_binary( &eckey->grp, &eckey->Q,
|
|
key->x, key->len ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE,
|
|
hash->x, hash->len, sig->x, sig->len ) == ret );
|
|
|
|
exit:
|
|
mbedtls_pk_free( &pk );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
|
|
void pk_sign_verify( int type, int sign_ret, int verify_ret )
|
|
{
|
|
mbedtls_pk_context pk;
|
|
unsigned char hash[50], sig[5000];
|
|
size_t sig_len;
|
|
|
|
mbedtls_pk_init( &pk );
|
|
|
|
memset( hash, 0x2a, sizeof hash );
|
|
memset( sig, 0, sizeof sig );
|
|
|
|
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
|
|
TEST_ASSERT( pk_genkey( &pk, 0 ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash,
|
|
sig, &sig_len, rnd_std_rand, NULL ) == sign_ret );
|
|
|
|
TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
|
|
hash, sizeof hash, sig, sig_len ) == verify_ret );
|
|
|
|
exit:
|
|
mbedtls_pk_free( &pk );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
|
|
void pk_rsa_encrypt_test_vec( data_t * message, int mod, int radix_N,
|
|
char * input_N, int radix_E, char * input_E,
|
|
data_t * result, int ret )
|
|
{
|
|
unsigned char output[1000];
|
|
rnd_pseudo_info rnd_info;
|
|
mbedtls_rsa_context *rsa;
|
|
mbedtls_pk_context pk;
|
|
size_t olen;
|
|
|
|
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
|
|
memset( output, 0, sizeof( output ) );
|
|
|
|
|
|
mbedtls_pk_init( &pk );
|
|
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
|
|
rsa = mbedtls_pk_rsa( pk );
|
|
|
|
rsa->len = mod / 8;
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_pk_encrypt( &pk, message->x, message->len,
|
|
output, &olen, sizeof( output ),
|
|
rnd_pseudo_rand, &rnd_info ) == ret );
|
|
TEST_ASSERT( olen == result->len );
|
|
TEST_ASSERT( memcmp( output, result->x, olen ) == 0 );
|
|
|
|
exit:
|
|
mbedtls_pk_free( &pk );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
|
|
void pk_rsa_decrypt_test_vec( data_t * cipher, int mod, int radix_P,
|
|
char * input_P, int radix_Q, char * input_Q,
|
|
int radix_N, char * input_N, int radix_E,
|
|
char * input_E, data_t * clear, int ret )
|
|
{
|
|
unsigned char output[1000];
|
|
rnd_pseudo_info rnd_info;
|
|
mbedtls_mpi N, P, Q, E;
|
|
mbedtls_rsa_context *rsa;
|
|
mbedtls_pk_context pk;
|
|
size_t olen;
|
|
|
|
mbedtls_pk_init( &pk );
|
|
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P );
|
|
mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E );
|
|
|
|
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
|
|
|
|
|
|
/* init pk-rsa context */
|
|
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
|
|
rsa = mbedtls_pk_rsa( pk );
|
|
|
|
/* load public key */
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
|
|
|
|
/* load private key */
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
|
|
TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
|
|
TEST_ASSERT( mbedtls_rsa_import( rsa, &N, &P, &Q, NULL, &E ) == 0 );
|
|
TEST_ASSERT( mbedtls_rsa_get_len( rsa ) == (size_t) ( mod / 8 ) );
|
|
TEST_ASSERT( mbedtls_rsa_complete( rsa ) == 0 );
|
|
|
|
/* decryption test */
|
|
memset( output, 0, sizeof( output ) );
|
|
olen = 0;
|
|
TEST_ASSERT( mbedtls_pk_decrypt( &pk, cipher->x, cipher->len,
|
|
output, &olen, sizeof( output ),
|
|
rnd_pseudo_rand, &rnd_info ) == ret );
|
|
if( ret == 0 )
|
|
{
|
|
TEST_ASSERT( olen == clear->len );
|
|
TEST_ASSERT( memcmp( output, clear->x, olen ) == 0 );
|
|
}
|
|
|
|
exit:
|
|
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P );
|
|
mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E );
|
|
mbedtls_pk_free( &pk );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void pk_ec_nocrypt( int type )
|
|
{
|
|
mbedtls_pk_context pk;
|
|
unsigned char output[100];
|
|
unsigned char input[100];
|
|
rnd_pseudo_info rnd_info;
|
|
size_t olen = 0;
|
|
int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;
|
|
|
|
mbedtls_pk_init( &pk );
|
|
|
|
memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
|
|
memset( output, 0, sizeof( output ) );
|
|
memset( input, 0, sizeof( input ) );
|
|
|
|
TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
|
|
|
|
TEST_ASSERT( mbedtls_pk_encrypt( &pk, input, sizeof( input ),
|
|
output, &olen, sizeof( output ),
|
|
rnd_pseudo_rand, &rnd_info ) == ret );
|
|
|
|
TEST_ASSERT( mbedtls_pk_decrypt( &pk, input, sizeof( input ),
|
|
output, &olen, sizeof( output ),
|
|
rnd_pseudo_rand, &rnd_info ) == ret );
|
|
|
|
exit:
|
|
mbedtls_pk_free( &pk );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
|
|
void pk_rsa_overflow( )
|
|
{
|
|
mbedtls_pk_context pk;
|
|
size_t hash_len = SIZE_MAX, sig_len = SIZE_MAX;
|
|
unsigned char hash[50], sig[100];
|
|
|
|
if( SIZE_MAX <= UINT_MAX )
|
|
return;
|
|
|
|
memset( hash, 0x2a, sizeof hash );
|
|
memset( sig, 0, sizeof sig );
|
|
|
|
mbedtls_pk_init( &pk );
|
|
|
|
TEST_ASSERT( mbedtls_pk_setup( &pk,
|
|
mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
|
|
|
|
#if defined(MBEDTLS_PKCS1_V21)
|
|
TEST_ASSERT( mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, NULL, &pk,
|
|
MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len ) ==
|
|
MBEDTLS_ERR_PK_BAD_INPUT_DATA );
|
|
#endif /* MBEDTLS_PKCS1_V21 */
|
|
|
|
TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE, hash, hash_len,
|
|
sig, sig_len ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA );
|
|
|
|
TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_NONE, hash, hash_len, sig, &sig_len,
|
|
rnd_std_rand, NULL ) == MBEDTLS_ERR_PK_BAD_INPUT_DATA );
|
|
|
|
exit:
|
|
mbedtls_pk_free( &pk );
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_RSA_ALT_SUPPORT */
|
|
void pk_rsa_alt( )
|
|
{
|
|
/*
|
|
* An rsa_alt context can only do private operations (decrypt, sign).
|
|
* Test it against the public operations (encrypt, verify) of a
|
|
* corresponding rsa context.
|
|
*/
|
|
mbedtls_rsa_context raw;
|
|
mbedtls_pk_context rsa, alt;
|
|
mbedtls_pk_debug_item dbg_items[10];
|
|
unsigned char hash[50], sig[1000];
|
|
unsigned char msg[50], ciph[1000], test[1000];
|
|
size_t sig_len, ciph_len, test_len;
|
|
int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH;
|
|
|
|
mbedtls_rsa_init( &raw, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
|
|
mbedtls_pk_init( &rsa ); mbedtls_pk_init( &alt );
|
|
|
|
memset( hash, 0x2a, sizeof hash );
|
|
memset( sig, 0, sizeof sig );
|
|
memset( msg, 0x2a, sizeof msg );
|
|
memset( ciph, 0, sizeof ciph );
|
|
memset( test, 0, sizeof test );
|
|
|
|
/* Initiliaze PK RSA context with random key */
|
|
TEST_ASSERT( mbedtls_pk_setup( &rsa,
|
|
mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
|
|
TEST_ASSERT( pk_genkey( &rsa, RSA_KEY_SIZE ) == 0 );
|
|
|
|
/* Extract key to the raw rsa context */
|
|
TEST_ASSERT( mbedtls_rsa_copy( &raw, mbedtls_pk_rsa( rsa ) ) == 0 );
|
|
|
|
/* Initialize PK RSA_ALT context */
|
|
TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &alt, (void *) &raw,
|
|
mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func, mbedtls_rsa_key_len_func ) == 0 );
|
|
|
|
/* Test administrative functions */
|
|
TEST_ASSERT( mbedtls_pk_can_do( &alt, MBEDTLS_PK_RSA ) );
|
|
TEST_ASSERT( mbedtls_pk_get_bitlen( &alt ) == RSA_KEY_SIZE );
|
|
TEST_ASSERT( mbedtls_pk_get_len( &alt ) == RSA_KEY_LEN );
|
|
TEST_ASSERT( mbedtls_pk_get_type( &alt ) == MBEDTLS_PK_RSA_ALT );
|
|
TEST_ASSERT( strcmp( mbedtls_pk_get_name( &alt ), "RSA-alt" ) == 0 );
|
|
|
|
/* Test signature */
|
|
#if SIZE_MAX > UINT_MAX
|
|
TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, SIZE_MAX,
|
|
sig, &sig_len, rnd_std_rand, NULL ) ==
|
|
MBEDTLS_ERR_PK_BAD_INPUT_DATA );
|
|
#endif /* SIZE_MAX > UINT_MAX */
|
|
TEST_ASSERT( mbedtls_pk_sign( &alt, MBEDTLS_MD_NONE, hash, sizeof hash,
|
|
sig, &sig_len, rnd_std_rand, NULL ) == 0 );
|
|
TEST_ASSERT( sig_len == RSA_KEY_LEN );
|
|
TEST_ASSERT( mbedtls_pk_verify( &rsa, MBEDTLS_MD_NONE,
|
|
hash, sizeof hash, sig, sig_len ) == 0 );
|
|
|
|
/* Test decrypt */
|
|
TEST_ASSERT( mbedtls_pk_encrypt( &rsa, msg, sizeof msg,
|
|
ciph, &ciph_len, sizeof ciph,
|
|
rnd_std_rand, NULL ) == 0 );
|
|
TEST_ASSERT( mbedtls_pk_decrypt( &alt, ciph, ciph_len,
|
|
test, &test_len, sizeof test,
|
|
rnd_std_rand, NULL ) == 0 );
|
|
TEST_ASSERT( test_len == sizeof msg );
|
|
TEST_ASSERT( memcmp( test, msg, test_len ) == 0 );
|
|
|
|
/* Test forbidden operations */
|
|
TEST_ASSERT( mbedtls_pk_encrypt( &alt, msg, sizeof msg,
|
|
ciph, &ciph_len, sizeof ciph,
|
|
rnd_std_rand, NULL ) == ret );
|
|
TEST_ASSERT( mbedtls_pk_verify( &alt, MBEDTLS_MD_NONE,
|
|
hash, sizeof hash, sig, sig_len ) == ret );
|
|
TEST_ASSERT( mbedtls_pk_debug( &alt, dbg_items ) == ret );
|
|
|
|
exit:
|
|
mbedtls_rsa_free( &raw );
|
|
mbedtls_pk_free( &rsa ); mbedtls_pk_free( &alt );
|
|
}
|
|
/* END_CASE */
|