1/* BEGIN_HEADER */ 2#include "mbedtls/rsa.h" 3#include "mbedtls/md.h" 4/* END_HEADER */ 5 6/* BEGIN_DEPENDENCIES 7 * depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_RSA_C:MBEDTLS_SHA1_C 8 * END_DEPENDENCIES 9 */ 10 11/* BEGIN_CASE */ 12void pkcs1_rsaes_oaep_encrypt( int mod, int radix_N, char * input_N, 13 int radix_E, char * input_E, int hash, 14 data_t * message_str, data_t * rnd_buf, 15 data_t * result_str, int result ) 16{ 17 unsigned char output[256]; 18 mbedtls_rsa_context ctx; 19 rnd_buf_info info; 20 mbedtls_mpi N, E; 21 22 info.buf = rnd_buf->x; 23 info.length = rnd_buf->len; 24 25 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); 26 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); 27 memset( output, 0x00, sizeof( output ) ); 28 29 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); 30 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); 31 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); 32 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); 33 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); 34 35 36 TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PUBLIC, message_str->len, message_str->x, output ) == result ); 37 if( result == 0 ) 38 { 39 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, 40 ctx.len, result_str->len ) == 0 ); 41 } 42 43exit: 44 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); 45 mbedtls_rsa_free( &ctx ); 46} 47/* END_CASE */ 48 49/* BEGIN_CASE */ 50void pkcs1_rsaes_oaep_decrypt( int mod, int radix_P, char * input_P, 51 int radix_Q, char * input_Q, int radix_N, 52 char * input_N, int radix_E, char * input_E, 53 int hash, data_t * result_str, 54 char * seed, data_t * message_str, 55 int result ) 56{ 57 unsigned char output[64]; 58 mbedtls_rsa_context ctx; 59 size_t output_len; 60 rnd_pseudo_info rnd_info; 61 mbedtls_mpi N, P, Q, E; 62 ((void) seed); 63 64 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); 65 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); 66 67 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); 68 69 memset( output, 0x00, sizeof( output ) ); 70 memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) ); 71 72 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); 73 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); 74 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); 75 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); 76 77 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); 78 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); 79 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); 80 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); 81 82 TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &rnd_pseudo_rand, &rnd_info, 83 MBEDTLS_RSA_PRIVATE, &output_len, 84 message_str->x, output, 85 sizeof( output ) ) == result ); 86 if( result == 0 ) 87 { 88 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, 89 output_len, 90 result_str->len ) == 0 ); 91 } 92 93exit: 94 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); 95 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); 96 mbedtls_rsa_free( &ctx ); 97} 98/* END_CASE */ 99 100/* BEGIN_CASE */ 101void pkcs1_rsassa_pss_sign( int mod, int radix_P, char * input_P, int radix_Q, 102 char * input_Q, int radix_N, char * input_N, 103 int radix_E, char * input_E, int digest, int hash, 104 data_t * message_str, data_t * rnd_buf, 105 data_t * result_str, int result ) 106{ 107 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; 108 unsigned char output[256]; 109 mbedtls_rsa_context ctx; 110 rnd_buf_info info; 111 mbedtls_mpi N, P, Q, E; 112 113 info.buf = rnd_buf->x; 114 info.length = rnd_buf->len; 115 116 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); 117 mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &E ); 118 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); 119 120 memset( hash_result, 0x00, sizeof( hash_result ) ); 121 memset( output, 0x00, sizeof( output ) ); 122 123 TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); 124 TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 ); 125 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); 126 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); 127 128 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 ); 129 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); 130 TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); 131 TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); 132 133 134 if( mbedtls_md_info_from_type( digest ) != NULL ) 135 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); 136 137 TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, MBEDTLS_RSA_PRIVATE, 138 digest, 0, hash_result, output ) == result ); 139 if( result == 0 ) 140 { 141 142 TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, 143 ctx.len, result_str->len ) == 0 ); 144 } 145 146exit: 147 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); 148 mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); 149 mbedtls_rsa_free( &ctx ); 150} 151/* END_CASE */ 152 153/* BEGIN_CASE */ 154void pkcs1_rsassa_pss_verify( int mod, int radix_N, char * input_N, 155 int radix_E, char * input_E, int digest, 156 int hash, data_t * message_str, char * salt, 157 data_t * result_str, int result ) 158{ 159 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; 160 mbedtls_rsa_context ctx; 161 mbedtls_mpi N, E; 162 ((void) salt); 163 164 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); 165 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, hash ); 166 memset( hash_result, 0x00, sizeof( hash_result ) ); 167 168 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); 169 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); 170 171 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); 172 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); 173 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); 174 175 176 if( mbedtls_md_info_from_type( digest ) != NULL ) 177 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); 178 179 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); 180 181exit: 182 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); 183 mbedtls_rsa_free( &ctx ); 184} 185/* END_CASE */ 186 187/* BEGIN_CASE */ 188void pkcs1_rsassa_pss_verify_ext( int mod, int radix_N, char * input_N, 189 int radix_E, char * input_E, 190 int msg_digest_id, int ctx_hash, 191 int mgf_hash, int salt_len, 192 data_t * message_str, 193 data_t * result_str, int result_simple, 194 int result_full ) 195{ 196 unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; 197 mbedtls_rsa_context ctx; 198 size_t hash_len; 199 mbedtls_mpi N, E; 200 201 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &E ); 202 mbedtls_rsa_init( &ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash ); 203 memset( hash_result, 0x00, sizeof( hash_result ) ); 204 205 TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); 206 TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); 207 208 TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 ); 209 TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); 210 TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); 211 212 213 if( msg_digest_id != MBEDTLS_MD_NONE ) 214 { 215 TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( msg_digest_id ), 216 message_str->x, message_str->len, hash_result ) == 0 ); 217 hash_len = 0; 218 } 219 else 220 { 221 memcpy( hash_result, message_str->x, message_str->len ); 222 hash_len = message_str->len; 223 } 224 225 TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, 226 msg_digest_id, hash_len, hash_result, 227 result_str->x ) == result_simple ); 228 229 TEST_ASSERT( mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, 230 msg_digest_id, hash_len, hash_result, 231 mgf_hash, salt_len, 232 result_str->x ) == result_full ); 233 234exit: 235 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); 236 mbedtls_rsa_free( &ctx ); 237} 238/* END_CASE */ 239