1a8e1175bSopenharmony_ci/* BEGIN_HEADER */ 2a8e1175bSopenharmony_ci#include "mbedtls/rsa.h" 3a8e1175bSopenharmony_ci/* END_HEADER */ 4a8e1175bSopenharmony_ci 5a8e1175bSopenharmony_ci/* BEGIN_DEPENDENCIES 6a8e1175bSopenharmony_ci * depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_RSA_C 7a8e1175bSopenharmony_ci * END_DEPENDENCIES 8a8e1175bSopenharmony_ci */ 9a8e1175bSopenharmony_ci 10a8e1175bSopenharmony_ci/* BEGIN_CASE */ 11a8e1175bSopenharmony_civoid pkcs1_rsaes_oaep_encrypt(int mod, data_t *input_N, data_t *input_E, 12a8e1175bSopenharmony_ci int hash, data_t *message_str, data_t *rnd_buf, 13a8e1175bSopenharmony_ci data_t *result_str, int result) 14a8e1175bSopenharmony_ci{ 15a8e1175bSopenharmony_ci unsigned char output[256]; 16a8e1175bSopenharmony_ci mbedtls_rsa_context ctx; 17a8e1175bSopenharmony_ci mbedtls_test_rnd_buf_info info; 18a8e1175bSopenharmony_ci mbedtls_mpi N, E; 19a8e1175bSopenharmony_ci 20a8e1175bSopenharmony_ci MD_PSA_INIT(); 21a8e1175bSopenharmony_ci 22a8e1175bSopenharmony_ci info.fallback_f_rng = mbedtls_test_rnd_std_rand; 23a8e1175bSopenharmony_ci info.fallback_p_rng = NULL; 24a8e1175bSopenharmony_ci info.buf = rnd_buf->x; 25a8e1175bSopenharmony_ci info.length = rnd_buf->len; 26a8e1175bSopenharmony_ci 27a8e1175bSopenharmony_ci mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); 28a8e1175bSopenharmony_ci mbedtls_rsa_init(&ctx); 29a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, 30a8e1175bSopenharmony_ci MBEDTLS_RSA_PKCS_V21, hash) == 0); 31a8e1175bSopenharmony_ci memset(output, 0x00, sizeof(output)); 32a8e1175bSopenharmony_ci 33a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21); 34a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); 35a8e1175bSopenharmony_ci 36a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); 37a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); 38a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); 39a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); 40a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); 41a8e1175bSopenharmony_ci 42a8e1175bSopenharmony_ci if (message_str->len == 0) { 43a8e1175bSopenharmony_ci message_str->x = NULL; 44a8e1175bSopenharmony_ci } 45a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_pkcs1_encrypt(&ctx, 46a8e1175bSopenharmony_ci &mbedtls_test_rnd_buffer_rand, 47a8e1175bSopenharmony_ci &info, message_str->len, 48a8e1175bSopenharmony_ci message_str->x, 49a8e1175bSopenharmony_ci output) == result); 50a8e1175bSopenharmony_ci if (result == 0) { 51a8e1175bSopenharmony_ci TEST_MEMORY_COMPARE(output, ctx.len, result_str->x, result_str->len); 52a8e1175bSopenharmony_ci } 53a8e1175bSopenharmony_ci 54a8e1175bSopenharmony_ciexit: 55a8e1175bSopenharmony_ci mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); 56a8e1175bSopenharmony_ci mbedtls_rsa_free(&ctx); 57a8e1175bSopenharmony_ci MD_PSA_DONE(); 58a8e1175bSopenharmony_ci} 59a8e1175bSopenharmony_ci/* END_CASE */ 60a8e1175bSopenharmony_ci 61a8e1175bSopenharmony_ci/* BEGIN_CASE */ 62a8e1175bSopenharmony_civoid pkcs1_rsaes_oaep_decrypt(int mod, data_t *input_P, data_t *input_Q, 63a8e1175bSopenharmony_ci data_t *input_N, data_t *input_E, int hash, 64a8e1175bSopenharmony_ci data_t *result_str, char *seed, data_t *message_str, 65a8e1175bSopenharmony_ci int result) 66a8e1175bSopenharmony_ci{ 67a8e1175bSopenharmony_ci unsigned char output[64]; 68a8e1175bSopenharmony_ci mbedtls_rsa_context ctx; 69a8e1175bSopenharmony_ci size_t output_len; 70a8e1175bSopenharmony_ci mbedtls_test_rnd_pseudo_info rnd_info; 71a8e1175bSopenharmony_ci mbedtls_mpi N, P, Q, E; 72a8e1175bSopenharmony_ci ((void) seed); 73a8e1175bSopenharmony_ci 74a8e1175bSopenharmony_ci MD_PSA_INIT(); 75a8e1175bSopenharmony_ci 76a8e1175bSopenharmony_ci mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); 77a8e1175bSopenharmony_ci mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); 78a8e1175bSopenharmony_ci 79a8e1175bSopenharmony_ci mbedtls_rsa_init(&ctx); 80a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, 81a8e1175bSopenharmony_ci MBEDTLS_RSA_PKCS_V21, hash) == 0); 82a8e1175bSopenharmony_ci 83a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21); 84a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); 85a8e1175bSopenharmony_ci 86a8e1175bSopenharmony_ci memset(output, 0x00, sizeof(output)); 87a8e1175bSopenharmony_ci memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); 88a8e1175bSopenharmony_ci 89a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_mpi_read_binary(&P, input_P->x, input_P->len) == 0); 90a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_mpi_read_binary(&Q, input_Q->x, input_Q->len) == 0); 91a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); 92a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); 93a8e1175bSopenharmony_ci 94a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); 95a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); 96a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); 97a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); 98a8e1175bSopenharmony_ci 99a8e1175bSopenharmony_ci if (result_str->len == 0) { 100a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx, 101a8e1175bSopenharmony_ci &mbedtls_test_rnd_pseudo_rand, 102a8e1175bSopenharmony_ci &rnd_info, 103a8e1175bSopenharmony_ci &output_len, message_str->x, 104a8e1175bSopenharmony_ci NULL, 0) == result); 105a8e1175bSopenharmony_ci } else { 106a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_pkcs1_decrypt(&ctx, 107a8e1175bSopenharmony_ci &mbedtls_test_rnd_pseudo_rand, 108a8e1175bSopenharmony_ci &rnd_info, 109a8e1175bSopenharmony_ci &output_len, message_str->x, 110a8e1175bSopenharmony_ci output, 111a8e1175bSopenharmony_ci sizeof(output)) == result); 112a8e1175bSopenharmony_ci if (result == 0) { 113a8e1175bSopenharmony_ci TEST_MEMORY_COMPARE(output, output_len, result_str->x, result_str->len); 114a8e1175bSopenharmony_ci } 115a8e1175bSopenharmony_ci } 116a8e1175bSopenharmony_ci 117a8e1175bSopenharmony_ciexit: 118a8e1175bSopenharmony_ci mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); 119a8e1175bSopenharmony_ci mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); 120a8e1175bSopenharmony_ci mbedtls_rsa_free(&ctx); 121a8e1175bSopenharmony_ci MD_PSA_DONE(); 122a8e1175bSopenharmony_ci} 123a8e1175bSopenharmony_ci/* END_CASE */ 124a8e1175bSopenharmony_ci 125a8e1175bSopenharmony_ci/* BEGIN_CASE */ 126a8e1175bSopenharmony_civoid pkcs1_rsassa_pss_sign(int mod, data_t *input_P, data_t *input_Q, 127a8e1175bSopenharmony_ci data_t *input_N, data_t *input_E, int digest, 128a8e1175bSopenharmony_ci int hash, data_t *hash_digest, data_t *rnd_buf, 129a8e1175bSopenharmony_ci data_t *result_str, int fixed_salt_length, 130a8e1175bSopenharmony_ci int result) 131a8e1175bSopenharmony_ci{ 132a8e1175bSopenharmony_ci unsigned char output[512]; 133a8e1175bSopenharmony_ci mbedtls_rsa_context ctx; 134a8e1175bSopenharmony_ci mbedtls_test_rnd_buf_info info; 135a8e1175bSopenharmony_ci mbedtls_mpi N, P, Q, E; 136a8e1175bSopenharmony_ci 137a8e1175bSopenharmony_ci MD_PSA_INIT(); 138a8e1175bSopenharmony_ci 139a8e1175bSopenharmony_ci info.fallback_f_rng = mbedtls_test_rnd_std_rand; 140a8e1175bSopenharmony_ci info.fallback_p_rng = NULL; 141a8e1175bSopenharmony_ci info.buf = rnd_buf->x; 142a8e1175bSopenharmony_ci info.length = rnd_buf->len; 143a8e1175bSopenharmony_ci 144a8e1175bSopenharmony_ci mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); 145a8e1175bSopenharmony_ci mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); 146a8e1175bSopenharmony_ci mbedtls_rsa_init(&ctx); 147a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, 148a8e1175bSopenharmony_ci MBEDTLS_RSA_PKCS_V21, hash) == 0); 149a8e1175bSopenharmony_ci 150a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21); 151a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); 152a8e1175bSopenharmony_ci 153a8e1175bSopenharmony_ci memset(output, 0x00, sizeof(output)); 154a8e1175bSopenharmony_ci 155a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_mpi_read_binary(&P, input_P->x, input_P->len) == 0); 156a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_mpi_read_binary(&Q, input_Q->x, input_Q->len) == 0); 157a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); 158a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); 159a8e1175bSopenharmony_ci 160a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, &P, &Q, NULL, &E) == 0); 161a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); 162a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_complete(&ctx) == 0); 163a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_check_privkey(&ctx) == 0); 164a8e1175bSopenharmony_ci 165a8e1175bSopenharmony_ci if (fixed_salt_length == MBEDTLS_RSA_SALT_LEN_ANY) { 166a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_pkcs1_sign( 167a8e1175bSopenharmony_ci &ctx, &mbedtls_test_rnd_buffer_rand, &info, 168a8e1175bSopenharmony_ci digest, hash_digest->len, hash_digest->x, output) == result); 169a8e1175bSopenharmony_ci if (result == 0) { 170a8e1175bSopenharmony_ci TEST_MEMORY_COMPARE(output, ctx.len, result_str->x, result_str->len); 171a8e1175bSopenharmony_ci } 172a8e1175bSopenharmony_ci 173a8e1175bSopenharmony_ci info.buf = rnd_buf->x; 174a8e1175bSopenharmony_ci info.length = rnd_buf->len; 175a8e1175bSopenharmony_ci } 176a8e1175bSopenharmony_ci 177a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_rsassa_pss_sign_ext( 178a8e1175bSopenharmony_ci &ctx, &mbedtls_test_rnd_buffer_rand, &info, 179a8e1175bSopenharmony_ci digest, hash_digest->len, hash_digest->x, 180a8e1175bSopenharmony_ci fixed_salt_length, output) == result); 181a8e1175bSopenharmony_ci if (result == 0) { 182a8e1175bSopenharmony_ci TEST_MEMORY_COMPARE(output, ctx.len, result_str->x, result_str->len); 183a8e1175bSopenharmony_ci } 184a8e1175bSopenharmony_ci 185a8e1175bSopenharmony_ciexit: 186a8e1175bSopenharmony_ci mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); 187a8e1175bSopenharmony_ci mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); 188a8e1175bSopenharmony_ci mbedtls_rsa_free(&ctx); 189a8e1175bSopenharmony_ci MD_PSA_DONE(); 190a8e1175bSopenharmony_ci} 191a8e1175bSopenharmony_ci/* END_CASE */ 192a8e1175bSopenharmony_ci 193a8e1175bSopenharmony_ci/* BEGIN_CASE */ 194a8e1175bSopenharmony_civoid pkcs1_rsassa_pss_verify(int mod, data_t *input_N, data_t *input_E, 195a8e1175bSopenharmony_ci int digest, int hash, data_t *hash_digest, 196a8e1175bSopenharmony_ci char *salt, data_t *result_str, int result) 197a8e1175bSopenharmony_ci{ 198a8e1175bSopenharmony_ci mbedtls_rsa_context ctx; 199a8e1175bSopenharmony_ci mbedtls_mpi N, E; 200a8e1175bSopenharmony_ci ((void) salt); 201a8e1175bSopenharmony_ci 202a8e1175bSopenharmony_ci MD_PSA_INIT(); 203a8e1175bSopenharmony_ci 204a8e1175bSopenharmony_ci mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); 205a8e1175bSopenharmony_ci mbedtls_rsa_init(&ctx); 206a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, 207a8e1175bSopenharmony_ci MBEDTLS_RSA_PKCS_V21, hash) == 0); 208a8e1175bSopenharmony_ci 209a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21); 210a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); 211a8e1175bSopenharmony_ci 212a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); 213a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); 214a8e1175bSopenharmony_ci 215a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); 216a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); 217a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); 218a8e1175bSopenharmony_ci 219a8e1175bSopenharmony_ci 220a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, digest, hash_digest->len, hash_digest->x, 221a8e1175bSopenharmony_ci result_str->x) == result); 222a8e1175bSopenharmony_ci 223a8e1175bSopenharmony_ciexit: 224a8e1175bSopenharmony_ci mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); 225a8e1175bSopenharmony_ci mbedtls_rsa_free(&ctx); 226a8e1175bSopenharmony_ci MD_PSA_DONE(); 227a8e1175bSopenharmony_ci} 228a8e1175bSopenharmony_ci/* END_CASE */ 229a8e1175bSopenharmony_ci 230a8e1175bSopenharmony_ci/* BEGIN_CASE */ 231a8e1175bSopenharmony_civoid pkcs1_rsassa_pss_verify_ext(int mod, data_t *input_N, data_t *input_E, 232a8e1175bSopenharmony_ci int msg_digest_id, int ctx_hash, 233a8e1175bSopenharmony_ci int mgf_hash, int salt_len, 234a8e1175bSopenharmony_ci data_t *hash_digest, 235a8e1175bSopenharmony_ci data_t *result_str, int result_simple, 236a8e1175bSopenharmony_ci int result_full) 237a8e1175bSopenharmony_ci{ 238a8e1175bSopenharmony_ci mbedtls_rsa_context ctx; 239a8e1175bSopenharmony_ci mbedtls_mpi N, E; 240a8e1175bSopenharmony_ci 241a8e1175bSopenharmony_ci MD_PSA_INIT(); 242a8e1175bSopenharmony_ci 243a8e1175bSopenharmony_ci mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); 244a8e1175bSopenharmony_ci mbedtls_rsa_init(&ctx); 245a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, 246a8e1175bSopenharmony_ci MBEDTLS_RSA_PKCS_V21, ctx_hash) == 0); 247a8e1175bSopenharmony_ci 248a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21); 249a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), ctx_hash); 250a8e1175bSopenharmony_ci 251a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); 252a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); 253a8e1175bSopenharmony_ci 254a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); 255a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_get_len(&ctx) == (size_t) ((mod + 7) / 8)); 256a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_check_pubkey(&ctx) == 0); 257a8e1175bSopenharmony_ci 258a8e1175bSopenharmony_ci 259a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_pkcs1_verify(&ctx, msg_digest_id, 260a8e1175bSopenharmony_ci hash_digest->len, hash_digest->x, 261a8e1175bSopenharmony_ci result_str->x) == result_simple); 262a8e1175bSopenharmony_ci 263a8e1175bSopenharmony_ci TEST_ASSERT(mbedtls_rsa_rsassa_pss_verify_ext(&ctx, msg_digest_id, hash_digest->len, 264a8e1175bSopenharmony_ci hash_digest->x, mgf_hash, salt_len, 265a8e1175bSopenharmony_ci result_str->x) == result_full); 266a8e1175bSopenharmony_ci 267a8e1175bSopenharmony_ciexit: 268a8e1175bSopenharmony_ci mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); 269a8e1175bSopenharmony_ci mbedtls_rsa_free(&ctx); 270a8e1175bSopenharmony_ci MD_PSA_DONE(); 271a8e1175bSopenharmony_ci} 272a8e1175bSopenharmony_ci/* END_CASE */ 273