PolarSSL v1.3.2
test_suite_rsa.c
Go to the documentation of this file.
1 #include <polarssl/config.h>
2 
3 #ifdef POLARSSL_RSA_C
4 #ifdef POLARSSL_BIGNUM_C
5 #ifdef POLARSSL_GENPRIME
6 
7 #include <polarssl/rsa.h>
8 #include <polarssl/md2.h>
9 #include <polarssl/md4.h>
10 #include <polarssl/md5.h>
11 #include <polarssl/sha1.h>
12 #include <polarssl/sha256.h>
13 #include <polarssl/sha512.h>
14 #include <polarssl/entropy.h>
15 #include <polarssl/ctr_drbg.h>
16 #endif /* POLARSSL_RSA_C */
17 #endif /* POLARSSL_BIGNUM_C */
18 #endif /* POLARSSL_GENPRIME */
19 
20 
21 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
22 #include "polarssl/memory.h"
23 #endif
24 
25 #if defined(WANT_NOT_RND_MPI)
26 #if defined(POLARSSL_BIGNUM_C)
27 #include "polarssl/bignum.h"
28 #else
29 #error "not_rnd_mpi() need bignum.c"
30 #endif
31 #endif
32 
33 #ifdef _MSC_VER
34 #include <basetsd.h>
35 typedef UINT32 uint32_t;
36 #else
37 #include <inttypes.h>
38 #endif
39 
40 #include <assert.h>
41 #include <stdlib.h>
42 #include <string.h>
43 
44 /*
45  * 32-bit integer manipulation macros (big endian)
46  */
47 #ifndef GET_UINT32_BE
48 #define GET_UINT32_BE(n,b,i) \
49 { \
50  (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
51  | ( (uint32_t) (b)[(i) + 1] << 16 ) \
52  | ( (uint32_t) (b)[(i) + 2] << 8 ) \
53  | ( (uint32_t) (b)[(i) + 3] ); \
54 }
55 #endif
56 
57 #ifndef PUT_UINT32_BE
58 #define PUT_UINT32_BE(n,b,i) \
59 { \
60  (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
61  (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
62  (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
63  (b)[(i) + 3] = (unsigned char) ( (n) ); \
64 }
65 #endif
66 
67 static int unhexify(unsigned char *obuf, const char *ibuf)
68 {
69  unsigned char c, c2;
70  int len = strlen(ibuf) / 2;
71  assert(!(strlen(ibuf) %1)); // must be even number of bytes
72 
73  while (*ibuf != 0)
74  {
75  c = *ibuf++;
76  if( c >= '0' && c <= '9' )
77  c -= '0';
78  else if( c >= 'a' && c <= 'f' )
79  c -= 'a' - 10;
80  else if( c >= 'A' && c <= 'F' )
81  c -= 'A' - 10;
82  else
83  assert( 0 );
84 
85  c2 = *ibuf++;
86  if( c2 >= '0' && c2 <= '9' )
87  c2 -= '0';
88  else if( c2 >= 'a' && c2 <= 'f' )
89  c2 -= 'a' - 10;
90  else if( c2 >= 'A' && c2 <= 'F' )
91  c2 -= 'A' - 10;
92  else
93  assert( 0 );
94 
95  *obuf++ = ( c << 4 ) | c2;
96  }
97 
98  return len;
99 }
100 
101 static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
102 {
103  unsigned char l, h;
104 
105  while (len != 0)
106  {
107  h = (*ibuf) / 16;
108  l = (*ibuf) % 16;
109 
110  if( h < 10 )
111  *obuf++ = '0' + h;
112  else
113  *obuf++ = 'a' + h - 10;
114 
115  if( l < 10 )
116  *obuf++ = '0' + l;
117  else
118  *obuf++ = 'a' + l - 10;
119 
120  ++ibuf;
121  len--;
122  }
123 }
124 
134 static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
135 {
136  size_t i;
137 
138  if( rng_state != NULL )
139  rng_state = NULL;
140 
141  for( i = 0; i < len; ++i )
142  output[i] = rand();
143 
144  return( 0 );
145 }
146 
152 static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
153 {
154  if( rng_state != NULL )
155  rng_state = NULL;
156 
157  memset( output, 0, len );
158 
159  return( 0 );
160 }
161 
162 typedef struct
163 {
164  unsigned char *buf;
165  size_t length;
166 } rnd_buf_info;
167 
179 static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
180 {
181  rnd_buf_info *info = (rnd_buf_info *) rng_state;
182  size_t use_len;
183 
184  if( rng_state == NULL )
185  return( rnd_std_rand( NULL, output, len ) );
186 
187  use_len = len;
188  if( len > info->length )
189  use_len = info->length;
190 
191  if( use_len )
192  {
193  memcpy( output, info->buf, use_len );
194  info->buf += use_len;
195  info->length -= use_len;
196  }
197 
198  if( len - use_len > 0 )
199  return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
200 
201  return( 0 );
202 }
203 
211 typedef struct
212 {
213  uint32_t key[16];
214  uint32_t v0, v1;
216 
225 static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
226 {
227  rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
228  uint32_t i, *k, sum, delta=0x9E3779B9;
229  unsigned char result[4];
230 
231  if( rng_state == NULL )
232  return( rnd_std_rand( NULL, output, len ) );
233 
234  k = info->key;
235 
236  while( len > 0 )
237  {
238  size_t use_len = ( len > 4 ) ? 4 : len;
239  sum = 0;
240 
241  for( i = 0; i < 32; i++ )
242  {
243  info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
244  sum += delta;
245  info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
246  }
247 
248  PUT_UINT32_BE( info->v0, result, 0 );
249  memcpy( output, result, use_len );
250  len -= use_len;
251  }
252 
253  return( 0 );
254 }
255 
256 #if defined(WANT_NOT_RND_MPI)
257 
265 #define ciL (sizeof(t_uint)) /* chars in limb */
266 #define CHARS_TO_LIMBS(i) (((i) + ciL - 1) / ciL)
267 static int not_rnd_mpi( void *in, unsigned char *out, size_t len )
268 {
269  char *str = (char *) in;
270  mpi X;
271 
272  /*
273  * The 'in' pointer we get is from an MPI prepared by mpi_fill_random(),
274  * just reconstruct the rest in order to be able to call mpi_read_string()
275  */
276  X.s = 1;
277  X.p = (t_uint *) out;
278  X.n = CHARS_TO_LIMBS( len );
279 
280  /*
281  * If str is too long, mpi_read_string() will try to allocate a new buffer
282  * for X.p, which we want to avoid at all costs.
283  */
284  assert( strlen( str ) / 2 == len );
285 
286  return( mpi_read_string( &X, 16, str ) );
287 }
288 #endif /* WANT_NOT_RND_MPI */
289 
290 
291 #include <stdio.h>
292 #include <string.h>
293 
294 static int test_errors = 0;
295 
296 #ifdef POLARSSL_RSA_C
297 #ifdef POLARSSL_BIGNUM_C
298 #ifdef POLARSSL_GENPRIME
299 
300 #define TEST_SUITE_ACTIVE
301 
302 static int test_assert( int correct, char *test )
303 {
304  if( correct )
305  return( 0 );
306 
307  test_errors++;
308  if( test_errors == 1 )
309  printf( "FAILED\n" );
310  printf( " %s\n", test );
311 
312  return( 1 );
313 }
314 
315 #define TEST_ASSERT( TEST ) \
316  do { test_assert( (TEST) ? 1 : 0, #TEST ); \
317  if( test_errors) return; \
318  } while (0)
319 
320 int verify_string( char **str )
321 {
322  if( (*str)[0] != '"' ||
323  (*str)[strlen( *str ) - 1] != '"' )
324  {
325  printf( "Expected string (with \"\") for parameter and got: %s\n", *str );
326  return( -1 );
327  }
328 
329  (*str)++;
330  (*str)[strlen( *str ) - 1] = '\0';
331 
332  return( 0 );
333 }
334 
335 int verify_int( char *str, int *value )
336 {
337  size_t i;
338  int minus = 0;
339  int digits = 1;
340  int hex = 0;
341 
342  for( i = 0; i < strlen( str ); i++ )
343  {
344  if( i == 0 && str[i] == '-' )
345  {
346  minus = 1;
347  continue;
348  }
349 
350  if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
351  str[i - 1] == '0' && str[i] == 'x' )
352  {
353  hex = 1;
354  continue;
355  }
356 
357  if( str[i] < '0' || str[i] > '9' )
358  {
359  digits = 0;
360  break;
361  }
362  }
363 
364  if( digits )
365  {
366  if( hex )
367  *value = strtol( str, NULL, 16 );
368  else
369  *value = strtol( str, NULL, 10 );
370 
371  return( 0 );
372  }
373 
374  if( strcmp( str, "POLARSSL_MD_SHA256" ) == 0 )
375  {
376  *value = ( POLARSSL_MD_SHA256 );
377  return( 0 );
378  }
379  if( strcmp( str, "POLARSSL_MD_MD5" ) == 0 )
380  {
381  *value = ( POLARSSL_MD_MD5 );
382  return( 0 );
383  }
384  if( strcmp( str, "RSA_PKCS_V15" ) == 0 )
385  {
386  *value = ( RSA_PKCS_V15 );
387  return( 0 );
388  }
389  if( strcmp( str, "POLARSSL_ERR_RSA_BAD_INPUT_DATA" ) == 0 )
390  {
391  *value = ( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
392  return( 0 );
393  }
394  if( strcmp( str, "POLARSSL_ERR_RSA_VERIFY_FAILED" ) == 0 )
395  {
396  *value = ( POLARSSL_ERR_RSA_VERIFY_FAILED );
397  return( 0 );
398  }
399  if( strcmp( str, "POLARSSL_MD_MD2" ) == 0 )
400  {
401  *value = ( POLARSSL_MD_MD2 );
402  return( 0 );
403  }
404  if( strcmp( str, "POLARSSL_MD_SHA384" ) == 0 )
405  {
406  *value = ( POLARSSL_MD_SHA384 );
407  return( 0 );
408  }
409  if( strcmp( str, "POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE" ) == 0 )
410  {
412  return( 0 );
413  }
414  if( strcmp( str, "POLARSSL_MD_SHA1" ) == 0 )
415  {
416  *value = ( POLARSSL_MD_SHA1 );
417  return( 0 );
418  }
419  if( strcmp( str, "POLARSSL_MD_SHA224" ) == 0 )
420  {
421  *value = ( POLARSSL_MD_SHA224 );
422  return( 0 );
423  }
424  if( strcmp( str, "POLARSSL_ERR_RSA_INVALID_PADDING" ) == 0 )
425  {
427  return( 0 );
428  }
429  if( strcmp( str, "POLARSSL_ERR_RSA_KEY_CHECK_FAILED" ) == 0 )
430  {
432  return( 0 );
433  }
434  if( strcmp( str, "POLARSSL_MD_SHA512" ) == 0 )
435  {
436  *value = ( POLARSSL_MD_SHA512 );
437  return( 0 );
438  }
439  if( strcmp( str, "POLARSSL_MD_MD4" ) == 0 )
440  {
441  *value = ( POLARSSL_MD_MD4 );
442  return( 0 );
443  }
444  if( strcmp( str, "POLARSSL_ERR_RSA_RNG_FAILED" ) == 0 )
445  {
446  *value = ( POLARSSL_ERR_RSA_RNG_FAILED );
447  return( 0 );
448  }
449 
450 
451  printf( "Expected integer for parameter and got: %s\n", str );
452  return( -1 );
453 }
454 
455 void test_suite_rsa_pkcs1_sign( char *message_hex_string, int padding_mode, int digest,
456  int mod, int radix_P, char *input_P, int radix_Q,
457  char *input_Q, int radix_N, char *input_N, int radix_E,
458  char *input_E, char *result_hex_str, int result )
459 {
460  unsigned char message_str[1000];
461  unsigned char hash_result[1000];
462  unsigned char output[1000];
463  unsigned char output_str[1000];
464  rsa_context ctx;
465  mpi P1, Q1, H, G;
466  int msg_len;
467  rnd_pseudo_info rnd_info;
468 
469  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
470  rsa_init( &ctx, padding_mode, 0 );
471 
472  memset( message_str, 0x00, 1000 );
473  memset( hash_result, 0x00, 1000 );
474  memset( output, 0x00, 1000 );
475  memset( output_str, 0x00, 1000 );
476  memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
477 
478  ctx.len = mod / 8;
479  TEST_ASSERT( mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
480  TEST_ASSERT( mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
481  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
482  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
483 
484  TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
485  TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
486  TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
487  TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
488  TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
489  TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
490  TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
491  TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
492 
493  TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
494 
495  msg_len = unhexify( message_str, message_hex_string );
496 
497  if( md_info_from_type( digest ) != NULL )
498  TEST_ASSERT( md( md_info_from_type( digest ), message_str, msg_len, hash_result ) == 0 );
499 
500  TEST_ASSERT( rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PRIVATE, digest, 0, hash_result, output ) == result );
501  if( result == 0 )
502  {
503  hexify( output_str, output, ctx.len );
504 
505  TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
506  }
507 
508  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
509  rsa_free( &ctx );
510 }
511 
512 void test_suite_rsa_pkcs1_verify( char *message_hex_string, int padding_mode, int digest,
513  int mod, int radix_N, char *input_N, int radix_E,
514  char *input_E, char *result_hex_str, int result )
515 {
516  unsigned char message_str[1000];
517  unsigned char hash_result[1000];
518  unsigned char result_str[1000];
519  rsa_context ctx;
520  int msg_len;
521 
522  rsa_init( &ctx, padding_mode, 0 );
523  memset( message_str, 0x00, 1000 );
524  memset( hash_result, 0x00, 1000 );
525  memset( result_str, 0x00, 1000 );
526 
527  ctx.len = mod / 8;
528  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
529  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
530 
531  TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
532 
533  msg_len = unhexify( message_str, message_hex_string );
534  unhexify( result_str, result_hex_str );
535 
536  if( md_info_from_type( digest ) != NULL )
537  TEST_ASSERT( md( md_info_from_type( digest ), message_str, msg_len, hash_result ) == 0 );
538 
539  TEST_ASSERT( rsa_pkcs1_verify( &ctx, NULL, NULL, RSA_PUBLIC, digest, 0, hash_result, result_str ) == result );
540 
541  rsa_free( &ctx );
542 }
543 
544 void test_suite_rsa_pkcs1_sign_raw( char *message_hex_string, char *hash_result_string,
545  int padding_mode, int mod, int radix_P, char *input_P,
546  int radix_Q, char *input_Q, int radix_N,
547  char *input_N, int radix_E, char *input_E,
548  char *result_hex_str )
549 {
550  unsigned char message_str[1000];
551  unsigned char hash_result[1000];
552  unsigned char output[1000];
553  unsigned char output_str[1000];
554  rsa_context ctx;
555  mpi P1, Q1, H, G;
556  int hash_len;
557  rnd_pseudo_info rnd_info;
558 
559  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
560  rsa_init( &ctx, padding_mode, 0 );
561 
562  memset( message_str, 0x00, 1000 );
563  memset( hash_result, 0x00, 1000 );
564  memset( output, 0x00, 1000 );
565  memset( output_str, 0x00, 1000 );
566  memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
567 
568  ctx.len = mod / 8;
569  TEST_ASSERT( mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
570  TEST_ASSERT( mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
571  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
572  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
573 
574  TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
575  TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
576  TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
577  TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
578  TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
579  TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
580  TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
581  TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
582 
583  TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
584 
585  unhexify( message_str, message_hex_string );
586  hash_len = unhexify( hash_result, hash_result_string );
587 
588  TEST_ASSERT( rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PRIVATE, POLARSSL_MD_NONE, hash_len, hash_result, output ) == 0 );
589 
590  hexify( output_str, output, ctx.len );
591 
592  TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
593 
594  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
595  rsa_free( &ctx );
596 }
597 
598 void test_suite_rsa_pkcs1_verify_raw( char *message_hex_string, char *hash_result_string,
599  int padding_mode, int mod, int radix_N,
600  char *input_N, int radix_E, char *input_E,
601  char *result_hex_str, int correct )
602 {
603  unsigned char message_str[1000];
604  unsigned char hash_result[1000];
605  unsigned char result_str[1000];
606  rsa_context ctx;
607  size_t hash_len;
608 
609  rsa_init( &ctx, padding_mode, 0 );
610  memset( message_str, 0x00, 1000 );
611  memset( hash_result, 0x00, 1000 );
612  memset( result_str, 0x00, 1000 );
613 
614  ctx.len = mod / 8;
615  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
616  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
617 
618  TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
619 
620  unhexify( message_str, message_hex_string );
621  hash_len = unhexify( hash_result, hash_result_string );
622  unhexify( result_str, result_hex_str );
623 
624  TEST_ASSERT( rsa_pkcs1_verify( &ctx, NULL, NULL, RSA_PUBLIC, POLARSSL_MD_NONE, hash_len, hash_result, result_str ) == correct );
625 
626  rsa_free( &ctx );
627 }
628 
629 void test_suite_rsa_pkcs1_encrypt( char *message_hex_string, int padding_mode, int mod,
630  int radix_N, char *input_N, int radix_E, char *input_E,
631  char *result_hex_str, int result )
632 {
633  unsigned char message_str[1000];
634  unsigned char output[1000];
635  unsigned char output_str[1000];
636  rsa_context ctx;
637  size_t msg_len;
638  rnd_pseudo_info rnd_info;
639 
640  memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
641 
642  rsa_init( &ctx, padding_mode, 0 );
643  memset( message_str, 0x00, 1000 );
644  memset( output, 0x00, 1000 );
645  memset( output_str, 0x00, 1000 );
646 
647  ctx.len = mod / 8;
648  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
649  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
650 
651  TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
652 
653  msg_len = unhexify( message_str, message_hex_string );
654 
655  TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PUBLIC, msg_len, message_str, output ) == result );
656  if( result == 0 )
657  {
658  hexify( output_str, output, ctx.len );
659 
660  TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
661  }
662 
663  rsa_free( &ctx );
664 }
665 
666 void test_suite_rsa_pkcs1_encrypt_bad_rng( char *message_hex_string, int padding_mode,
667  int mod, int radix_N, char *input_N,
668  int radix_E, char *input_E,
669  char *result_hex_str, int result )
670 {
671  unsigned char message_str[1000];
672  unsigned char output[1000];
673  unsigned char output_str[1000];
674  rsa_context ctx;
675  size_t msg_len;
676 
677  rsa_init( &ctx, padding_mode, 0 );
678  memset( message_str, 0x00, 1000 );
679  memset( output, 0x00, 1000 );
680  memset( output_str, 0x00, 1000 );
681 
682  ctx.len = mod / 8;
683  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
684  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
685 
686  TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
687 
688  msg_len = unhexify( message_str, message_hex_string );
689 
690  TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL, RSA_PUBLIC, msg_len, message_str, output ) == result );
691  if( result == 0 )
692  {
693  hexify( output_str, output, ctx.len );
694 
695  TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
696  }
697 
698  rsa_free( &ctx );
699 }
700 
701 void test_suite_rsa_pkcs1_decrypt( char *message_hex_string, int padding_mode, int mod,
702  int radix_P, char *input_P, int radix_Q, char *input_Q,
703  int radix_N, char *input_N, int radix_E, char *input_E,
704  int max_output, char *result_hex_str, int result )
705 {
706  unsigned char message_str[1000];
707  unsigned char output[1000];
708  unsigned char output_str[1000];
709  rsa_context ctx;
710  mpi P1, Q1, H, G;
711  size_t output_len;
712  rnd_pseudo_info rnd_info;
713 
714  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
715  rsa_init( &ctx, padding_mode, 0 );
716 
717  memset( message_str, 0x00, 1000 );
718  memset( output, 0x00, 1000 );
719  memset( output_str, 0x00, 1000 );
720  memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
721 
722  ctx.len = mod / 8;
723  TEST_ASSERT( mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
724  TEST_ASSERT( mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
725  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
726  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
727 
728  TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
729  TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
730  TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
731  TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
732  TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
733  TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
734  TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
735  TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
736 
737  TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
738 
739  unhexify( message_str, message_hex_string );
740  output_len = 0;
741 
742  TEST_ASSERT( rsa_pkcs1_decrypt( &ctx, rnd_pseudo_rand, &rnd_info, RSA_PRIVATE, &output_len, message_str, output, max_output ) == result );
743  if( result == 0 )
744  {
745  hexify( output_str, output, ctx.len );
746 
747  TEST_ASSERT( strncasecmp( (char *) output_str, result_hex_str, strlen( result_hex_str ) ) == 0 );
748  }
749 
750  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
751  rsa_free( &ctx );
752 }
753 
754 void test_suite_rsa_public( char *message_hex_string, int mod, int radix_N, char *input_N,
755  int radix_E, char *input_E, char *result_hex_str, int result )
756 {
757  unsigned char message_str[1000];
758  unsigned char output[1000];
759  unsigned char output_str[1000];
760  rsa_context ctx;
761 
762  rsa_init( &ctx, RSA_PKCS_V15, 0 );
763  memset( message_str, 0x00, 1000 );
764  memset( output, 0x00, 1000 );
765  memset( output_str, 0x00, 1000 );
766 
767  ctx.len = mod / 8;
768  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
769  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
770 
771  TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
772 
773  unhexify( message_str, message_hex_string );
774 
775  TEST_ASSERT( rsa_public( &ctx, message_str, output ) == result );
776  if( result == 0 )
777  {
778  hexify( output_str, output, ctx.len );
779 
780  TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
781  }
782 
783  rsa_free( &ctx );
784 }
785 
786 void test_suite_rsa_private( char *message_hex_string, int mod, int radix_P, char *input_P,
787  int radix_Q, char *input_Q, int radix_N, char *input_N,
788  int radix_E, char *input_E, char *result_hex_str, int result )
789 {
790  unsigned char message_str[1000];
791  unsigned char output[1000];
792  unsigned char output_str[1000];
793  rsa_context ctx;
794  mpi P1, Q1, H, G;
795  rnd_pseudo_info rnd_info;
796  int i;
797 
798  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
799  rsa_init( &ctx, RSA_PKCS_V15, 0 );
800 
801  memset( message_str, 0x00, 1000 );
802  memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
803 
804  ctx.len = mod / 8;
805  TEST_ASSERT( mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
806  TEST_ASSERT( mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
807  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
808  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
809 
810  TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
811  TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
812  TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
813  TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
814  TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
815  TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
816  TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
817  TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
818 
819  TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
820 
821  unhexify( message_str, message_hex_string );
822 
823  /* repeat three times to test updating of blinding values */
824  for( i = 0; i < 3; i++ )
825  {
826  memset( output, 0x00, 1000 );
827  memset( output_str, 0x00, 1000 );
828  TEST_ASSERT( rsa_private( &ctx, rnd_pseudo_rand, &rnd_info,
829  message_str, output ) == result );
830  if( result == 0 )
831  {
832  hexify( output_str, output, ctx.len );
833 
834  TEST_ASSERT( strcasecmp( (char *) output_str,
835  result_hex_str ) == 0 );
836  }
837  }
838 
839  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
840  rsa_free( &ctx );
841 }
842 
843 void test_suite_rsa_check_privkey_null()
844 {
845  rsa_context ctx;
846  memset( &ctx, 0x00, sizeof( rsa_context ) );
847 
849 }
850 
851 void test_suite_rsa_check_pubkey( int radix_N, char *input_N, int radix_E, char *input_E,
852  int result )
853 {
854  rsa_context ctx;
855 
856  rsa_init( &ctx, RSA_PKCS_V15, 0 );
857 
858  if( strlen( input_N ) )
859  {
860  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
861  }
862  if( strlen( input_E ) )
863  {
864  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
865  }
866 
867  TEST_ASSERT( rsa_check_pubkey( &ctx ) == result );
868 
869  rsa_free( &ctx );
870 }
871 
872 void test_suite_rsa_check_privkey( int mod, int radix_P, char *input_P, int radix_Q,
873  char *input_Q, int radix_N, char *input_N,
874  int radix_E, char *input_E, int radix_D, char *input_D,
875  int radix_DP, char *input_DP, int radix_DQ,
876  char *input_DQ, int radix_QP, char *input_QP,
877  int result )
878 {
879  rsa_context ctx;
880 
881  rsa_init( &ctx, RSA_PKCS_V15, 0 );
882 
883  ctx.len = mod / 8;
884  if( strlen( input_P ) )
885  {
886  TEST_ASSERT( mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
887  }
888  if( strlen( input_Q ) )
889  {
890  TEST_ASSERT( mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
891  }
892  if( strlen( input_N ) )
893  {
894  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
895  }
896  if( strlen( input_E ) )
897  {
898  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
899  }
900  if( strlen( input_D ) )
901  {
902  TEST_ASSERT( mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
903  }
904  if( strlen( input_DP ) )
905  {
906  TEST_ASSERT( mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
907  }
908  if( strlen( input_DQ ) )
909  {
910  TEST_ASSERT( mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
911  }
912  if( strlen( input_QP ) )
913  {
914  TEST_ASSERT( mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
915  }
916 
917  TEST_ASSERT( rsa_check_privkey( &ctx ) == result );
918 
919  rsa_free( &ctx );
920 }
921 
922 #ifdef POLARSSL_CTR_CRBG_C
923 #ifdef POLARSSL_ENTROPY_C
924 void test_suite_rsa_gen_key( int nrbits, int exponent, int result)
925 {
926  rsa_context ctx;
927  entropy_context entropy;
928  ctr_drbg_context ctr_drbg;
929  const char *pers = "test_suite_rsa";
930 
931  entropy_init( &entropy );
932  TEST_ASSERT( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
933  (const unsigned char *) pers, strlen( pers ) ) == 0 );
934 
935  rsa_init( &ctx, 0, 0 );
936 
937  TEST_ASSERT( rsa_gen_key( &ctx, ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
938  if( result == 0 )
939  {
940  TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
941  }
942 
943  rsa_free( &ctx );
944  entropy_free( &entropy );
945 }
946 #endif /* POLARSSL_CTR_CRBG_C */
947 #endif /* POLARSSL_ENTROPY_C */
948 
949 #ifdef POLARSSL_SELF_TEST
950 void test_suite_rsa_selftest()
951 {
952  TEST_ASSERT( rsa_self_test( 0 ) == 0 );
953 }
954 #endif /* POLARSSL_SELF_TEST */
955 
956 
957 #endif /* POLARSSL_RSA_C */
958 #endif /* POLARSSL_BIGNUM_C */
959 #endif /* POLARSSL_GENPRIME */
960 
961 
962 int dep_check( char *str )
963 {
964  if( str == NULL )
965  return( 1 );
966 
967  if( strcmp( str, "POLARSSL_SHA512_C" ) == 0 )
968  {
969 #if defined(POLARSSL_SHA512_C)
970  return( 0 );
971 #else
972  return( 1 );
973 #endif
974  }
975  if( strcmp( str, "POLARSSL_SHA256_C" ) == 0 )
976  {
977 #if defined(POLARSSL_SHA256_C)
978  return( 0 );
979 #else
980  return( 1 );
981 #endif
982  }
983  if( strcmp( str, "POLARSSL_PKCS1_V15" ) == 0 )
984  {
985 #if defined(POLARSSL_PKCS1_V15)
986  return( 0 );
987 #else
988  return( 1 );
989 #endif
990  }
991  if( strcmp( str, "POLARSSL_ENTROPY_C" ) == 0 )
992  {
993 #if defined(POLARSSL_ENTROPY_C)
994  return( 0 );
995 #else
996  return( 1 );
997 #endif
998  }
999  if( strcmp( str, "POLARSSL_CTR_DRBG_C" ) == 0 )
1000  {
1001 #if defined(POLARSSL_CTR_DRBG_C)
1002  return( 0 );
1003 #else
1004  return( 1 );
1005 #endif
1006  }
1007  if( strcmp( str, "POLARSSL_MD4_C" ) == 0 )
1008  {
1009 #if defined(POLARSSL_MD4_C)
1010  return( 0 );
1011 #else
1012  return( 1 );
1013 #endif
1014  }
1015  if( strcmp( str, "POLARSSL_SELF_TEST" ) == 0 )
1016  {
1017 #if defined(POLARSSL_SELF_TEST)
1018  return( 0 );
1019 #else
1020  return( 1 );
1021 #endif
1022  }
1023  if( strcmp( str, "POLARSSL_SHA1_C" ) == 0 )
1024  {
1025 #if defined(POLARSSL_SHA1_C)
1026  return( 0 );
1027 #else
1028  return( 1 );
1029 #endif
1030  }
1031  if( strcmp( str, "POLARSSL_MD2_C" ) == 0 )
1032  {
1033 #if defined(POLARSSL_MD2_C)
1034  return( 0 );
1035 #else
1036  return( 1 );
1037 #endif
1038  }
1039  if( strcmp( str, "POLARSSL_MD5_C" ) == 0 )
1040  {
1041 #if defined(POLARSSL_MD5_C)
1042  return( 0 );
1043 #else
1044  return( 1 );
1045 #endif
1046  }
1047 
1048 
1049  return( 1 );
1050 }
1051 
1052 int dispatch_test(int cnt, char *params[50])
1053 {
1054  int ret;
1055  ((void) cnt);
1056  ((void) params);
1057 
1058 #if defined(TEST_SUITE_ACTIVE)
1059  if( strcmp( params[0], "rsa_pkcs1_sign" ) == 0 )
1060  {
1061 
1062  char *param1 = params[1];
1063  int param2;
1064  int param3;
1065  int param4;
1066  int param5;
1067  char *param6 = params[6];
1068  int param7;
1069  char *param8 = params[8];
1070  int param9;
1071  char *param10 = params[10];
1072  int param11;
1073  char *param12 = params[12];
1074  char *param13 = params[13];
1075  int param14;
1076 
1077  if( cnt != 15 )
1078  {
1079  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 15 );
1080  return( 2 );
1081  }
1082 
1083  if( verify_string( &param1 ) != 0 ) return( 2 );
1084  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1085  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1086  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
1087  if( verify_int( params[5], &param5 ) != 0 ) return( 2 );
1088  if( verify_string( &param6 ) != 0 ) return( 2 );
1089  if( verify_int( params[7], &param7 ) != 0 ) return( 2 );
1090  if( verify_string( &param8 ) != 0 ) return( 2 );
1091  if( verify_int( params[9], &param9 ) != 0 ) return( 2 );
1092  if( verify_string( &param10 ) != 0 ) return( 2 );
1093  if( verify_int( params[11], &param11 ) != 0 ) return( 2 );
1094  if( verify_string( &param12 ) != 0 ) return( 2 );
1095  if( verify_string( &param13 ) != 0 ) return( 2 );
1096  if( verify_int( params[14], &param14 ) != 0 ) return( 2 );
1097 
1098  test_suite_rsa_pkcs1_sign( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10, param11, param12, param13, param14 );
1099  return ( 0 );
1100 
1101  return ( 3 );
1102  }
1103  else
1104  if( strcmp( params[0], "rsa_pkcs1_verify" ) == 0 )
1105  {
1106 
1107  char *param1 = params[1];
1108  int param2;
1109  int param3;
1110  int param4;
1111  int param5;
1112  char *param6 = params[6];
1113  int param7;
1114  char *param8 = params[8];
1115  char *param9 = params[9];
1116  int param10;
1117 
1118  if( cnt != 11 )
1119  {
1120  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 11 );
1121  return( 2 );
1122  }
1123 
1124  if( verify_string( &param1 ) != 0 ) return( 2 );
1125  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1126  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1127  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
1128  if( verify_int( params[5], &param5 ) != 0 ) return( 2 );
1129  if( verify_string( &param6 ) != 0 ) return( 2 );
1130  if( verify_int( params[7], &param7 ) != 0 ) return( 2 );
1131  if( verify_string( &param8 ) != 0 ) return( 2 );
1132  if( verify_string( &param9 ) != 0 ) return( 2 );
1133  if( verify_int( params[10], &param10 ) != 0 ) return( 2 );
1134 
1135  test_suite_rsa_pkcs1_verify( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10 );
1136  return ( 0 );
1137 
1138  return ( 3 );
1139  }
1140  else
1141  if( strcmp( params[0], "rsa_pkcs1_sign_raw" ) == 0 )
1142  {
1143 
1144  char *param1 = params[1];
1145  char *param2 = params[2];
1146  int param3;
1147  int param4;
1148  int param5;
1149  char *param6 = params[6];
1150  int param7;
1151  char *param8 = params[8];
1152  int param9;
1153  char *param10 = params[10];
1154  int param11;
1155  char *param12 = params[12];
1156  char *param13 = params[13];
1157 
1158  if( cnt != 14 )
1159  {
1160  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 14 );
1161  return( 2 );
1162  }
1163 
1164  if( verify_string( &param1 ) != 0 ) return( 2 );
1165  if( verify_string( &param2 ) != 0 ) return( 2 );
1166  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1167  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
1168  if( verify_int( params[5], &param5 ) != 0 ) return( 2 );
1169  if( verify_string( &param6 ) != 0 ) return( 2 );
1170  if( verify_int( params[7], &param7 ) != 0 ) return( 2 );
1171  if( verify_string( &param8 ) != 0 ) return( 2 );
1172  if( verify_int( params[9], &param9 ) != 0 ) return( 2 );
1173  if( verify_string( &param10 ) != 0 ) return( 2 );
1174  if( verify_int( params[11], &param11 ) != 0 ) return( 2 );
1175  if( verify_string( &param12 ) != 0 ) return( 2 );
1176  if( verify_string( &param13 ) != 0 ) return( 2 );
1177 
1178  test_suite_rsa_pkcs1_sign_raw( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10, param11, param12, param13 );
1179  return ( 0 );
1180 
1181  return ( 3 );
1182  }
1183  else
1184  if( strcmp( params[0], "rsa_pkcs1_verify_raw" ) == 0 )
1185  {
1186 
1187  char *param1 = params[1];
1188  char *param2 = params[2];
1189  int param3;
1190  int param4;
1191  int param5;
1192  char *param6 = params[6];
1193  int param7;
1194  char *param8 = params[8];
1195  char *param9 = params[9];
1196  int param10;
1197 
1198  if( cnt != 11 )
1199  {
1200  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 11 );
1201  return( 2 );
1202  }
1203 
1204  if( verify_string( &param1 ) != 0 ) return( 2 );
1205  if( verify_string( &param2 ) != 0 ) return( 2 );
1206  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1207  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
1208  if( verify_int( params[5], &param5 ) != 0 ) return( 2 );
1209  if( verify_string( &param6 ) != 0 ) return( 2 );
1210  if( verify_int( params[7], &param7 ) != 0 ) return( 2 );
1211  if( verify_string( &param8 ) != 0 ) return( 2 );
1212  if( verify_string( &param9 ) != 0 ) return( 2 );
1213  if( verify_int( params[10], &param10 ) != 0 ) return( 2 );
1214 
1215  test_suite_rsa_pkcs1_verify_raw( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10 );
1216  return ( 0 );
1217 
1218  return ( 3 );
1219  }
1220  else
1221  if( strcmp( params[0], "rsa_pkcs1_encrypt" ) == 0 )
1222  {
1223 
1224  char *param1 = params[1];
1225  int param2;
1226  int param3;
1227  int param4;
1228  char *param5 = params[5];
1229  int param6;
1230  char *param7 = params[7];
1231  char *param8 = params[8];
1232  int param9;
1233 
1234  if( cnt != 10 )
1235  {
1236  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 10 );
1237  return( 2 );
1238  }
1239 
1240  if( verify_string( &param1 ) != 0 ) return( 2 );
1241  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1242  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1243  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
1244  if( verify_string( &param5 ) != 0 ) return( 2 );
1245  if( verify_int( params[6], &param6 ) != 0 ) return( 2 );
1246  if( verify_string( &param7 ) != 0 ) return( 2 );
1247  if( verify_string( &param8 ) != 0 ) return( 2 );
1248  if( verify_int( params[9], &param9 ) != 0 ) return( 2 );
1249 
1250  test_suite_rsa_pkcs1_encrypt( param1, param2, param3, param4, param5, param6, param7, param8, param9 );
1251  return ( 0 );
1252 
1253  return ( 3 );
1254  }
1255  else
1256  if( strcmp( params[0], "rsa_pkcs1_encrypt_bad_rng" ) == 0 )
1257  {
1258 
1259  char *param1 = params[1];
1260  int param2;
1261  int param3;
1262  int param4;
1263  char *param5 = params[5];
1264  int param6;
1265  char *param7 = params[7];
1266  char *param8 = params[8];
1267  int param9;
1268 
1269  if( cnt != 10 )
1270  {
1271  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 10 );
1272  return( 2 );
1273  }
1274 
1275  if( verify_string( &param1 ) != 0 ) return( 2 );
1276  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1277  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1278  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
1279  if( verify_string( &param5 ) != 0 ) return( 2 );
1280  if( verify_int( params[6], &param6 ) != 0 ) return( 2 );
1281  if( verify_string( &param7 ) != 0 ) return( 2 );
1282  if( verify_string( &param8 ) != 0 ) return( 2 );
1283  if( verify_int( params[9], &param9 ) != 0 ) return( 2 );
1284 
1285  test_suite_rsa_pkcs1_encrypt_bad_rng( param1, param2, param3, param4, param5, param6, param7, param8, param9 );
1286  return ( 0 );
1287 
1288  return ( 3 );
1289  }
1290  else
1291  if( strcmp( params[0], "rsa_pkcs1_decrypt" ) == 0 )
1292  {
1293 
1294  char *param1 = params[1];
1295  int param2;
1296  int param3;
1297  int param4;
1298  char *param5 = params[5];
1299  int param6;
1300  char *param7 = params[7];
1301  int param8;
1302  char *param9 = params[9];
1303  int param10;
1304  char *param11 = params[11];
1305  int param12;
1306  char *param13 = params[13];
1307  int param14;
1308 
1309  if( cnt != 15 )
1310  {
1311  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 15 );
1312  return( 2 );
1313  }
1314 
1315  if( verify_string( &param1 ) != 0 ) return( 2 );
1316  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1317  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1318  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
1319  if( verify_string( &param5 ) != 0 ) return( 2 );
1320  if( verify_int( params[6], &param6 ) != 0 ) return( 2 );
1321  if( verify_string( &param7 ) != 0 ) return( 2 );
1322  if( verify_int( params[8], &param8 ) != 0 ) return( 2 );
1323  if( verify_string( &param9 ) != 0 ) return( 2 );
1324  if( verify_int( params[10], &param10 ) != 0 ) return( 2 );
1325  if( verify_string( &param11 ) != 0 ) return( 2 );
1326  if( verify_int( params[12], &param12 ) != 0 ) return( 2 );
1327  if( verify_string( &param13 ) != 0 ) return( 2 );
1328  if( verify_int( params[14], &param14 ) != 0 ) return( 2 );
1329 
1330  test_suite_rsa_pkcs1_decrypt( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10, param11, param12, param13, param14 );
1331  return ( 0 );
1332 
1333  return ( 3 );
1334  }
1335  else
1336  if( strcmp( params[0], "rsa_public" ) == 0 )
1337  {
1338 
1339  char *param1 = params[1];
1340  int param2;
1341  int param3;
1342  char *param4 = params[4];
1343  int param5;
1344  char *param6 = params[6];
1345  char *param7 = params[7];
1346  int param8;
1347 
1348  if( cnt != 9 )
1349  {
1350  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 9 );
1351  return( 2 );
1352  }
1353 
1354  if( verify_string( &param1 ) != 0 ) return( 2 );
1355  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1356  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1357  if( verify_string( &param4 ) != 0 ) return( 2 );
1358  if( verify_int( params[5], &param5 ) != 0 ) return( 2 );
1359  if( verify_string( &param6 ) != 0 ) return( 2 );
1360  if( verify_string( &param7 ) != 0 ) return( 2 );
1361  if( verify_int( params[8], &param8 ) != 0 ) return( 2 );
1362 
1363  test_suite_rsa_public( param1, param2, param3, param4, param5, param6, param7, param8 );
1364  return ( 0 );
1365 
1366  return ( 3 );
1367  }
1368  else
1369  if( strcmp( params[0], "rsa_private" ) == 0 )
1370  {
1371 
1372  char *param1 = params[1];
1373  int param2;
1374  int param3;
1375  char *param4 = params[4];
1376  int param5;
1377  char *param6 = params[6];
1378  int param7;
1379  char *param8 = params[8];
1380  int param9;
1381  char *param10 = params[10];
1382  char *param11 = params[11];
1383  int param12;
1384 
1385  if( cnt != 13 )
1386  {
1387  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 13 );
1388  return( 2 );
1389  }
1390 
1391  if( verify_string( &param1 ) != 0 ) return( 2 );
1392  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1393  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1394  if( verify_string( &param4 ) != 0 ) return( 2 );
1395  if( verify_int( params[5], &param5 ) != 0 ) return( 2 );
1396  if( verify_string( &param6 ) != 0 ) return( 2 );
1397  if( verify_int( params[7], &param7 ) != 0 ) return( 2 );
1398  if( verify_string( &param8 ) != 0 ) return( 2 );
1399  if( verify_int( params[9], &param9 ) != 0 ) return( 2 );
1400  if( verify_string( &param10 ) != 0 ) return( 2 );
1401  if( verify_string( &param11 ) != 0 ) return( 2 );
1402  if( verify_int( params[12], &param12 ) != 0 ) return( 2 );
1403 
1404  test_suite_rsa_private( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10, param11, param12 );
1405  return ( 0 );
1406 
1407  return ( 3 );
1408  }
1409  else
1410  if( strcmp( params[0], "rsa_check_privkey_null" ) == 0 )
1411  {
1412 
1413 
1414  if( cnt != 1 )
1415  {
1416  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 1 );
1417  return( 2 );
1418  }
1419 
1420 
1421  test_suite_rsa_check_privkey_null( );
1422  return ( 0 );
1423 
1424  return ( 3 );
1425  }
1426  else
1427  if( strcmp( params[0], "rsa_check_pubkey" ) == 0 )
1428  {
1429 
1430  int param1;
1431  char *param2 = params[2];
1432  int param3;
1433  char *param4 = params[4];
1434  int param5;
1435 
1436  if( cnt != 6 )
1437  {
1438  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 6 );
1439  return( 2 );
1440  }
1441 
1442  if( verify_int( params[1], &param1 ) != 0 ) return( 2 );
1443  if( verify_string( &param2 ) != 0 ) return( 2 );
1444  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1445  if( verify_string( &param4 ) != 0 ) return( 2 );
1446  if( verify_int( params[5], &param5 ) != 0 ) return( 2 );
1447 
1448  test_suite_rsa_check_pubkey( param1, param2, param3, param4, param5 );
1449  return ( 0 );
1450 
1451  return ( 3 );
1452  }
1453  else
1454  if( strcmp( params[0], "rsa_check_privkey" ) == 0 )
1455  {
1456 
1457  int param1;
1458  int param2;
1459  char *param3 = params[3];
1460  int param4;
1461  char *param5 = params[5];
1462  int param6;
1463  char *param7 = params[7];
1464  int param8;
1465  char *param9 = params[9];
1466  int param10;
1467  char *param11 = params[11];
1468  int param12;
1469  char *param13 = params[13];
1470  int param14;
1471  char *param15 = params[15];
1472  int param16;
1473  char *param17 = params[17];
1474  int param18;
1475 
1476  if( cnt != 19 )
1477  {
1478  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 19 );
1479  return( 2 );
1480  }
1481 
1482  if( verify_int( params[1], &param1 ) != 0 ) return( 2 );
1483  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1484  if( verify_string( &param3 ) != 0 ) return( 2 );
1485  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
1486  if( verify_string( &param5 ) != 0 ) return( 2 );
1487  if( verify_int( params[6], &param6 ) != 0 ) return( 2 );
1488  if( verify_string( &param7 ) != 0 ) return( 2 );
1489  if( verify_int( params[8], &param8 ) != 0 ) return( 2 );
1490  if( verify_string( &param9 ) != 0 ) return( 2 );
1491  if( verify_int( params[10], &param10 ) != 0 ) return( 2 );
1492  if( verify_string( &param11 ) != 0 ) return( 2 );
1493  if( verify_int( params[12], &param12 ) != 0 ) return( 2 );
1494  if( verify_string( &param13 ) != 0 ) return( 2 );
1495  if( verify_int( params[14], &param14 ) != 0 ) return( 2 );
1496  if( verify_string( &param15 ) != 0 ) return( 2 );
1497  if( verify_int( params[16], &param16 ) != 0 ) return( 2 );
1498  if( verify_string( &param17 ) != 0 ) return( 2 );
1499  if( verify_int( params[18], &param18 ) != 0 ) return( 2 );
1500 
1501  test_suite_rsa_check_privkey( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10, param11, param12, param13, param14, param15, param16, param17, param18 );
1502  return ( 0 );
1503 
1504  return ( 3 );
1505  }
1506  else
1507  if( strcmp( params[0], "rsa_gen_key" ) == 0 )
1508  {
1509  #ifdef POLARSSL_CTR_CRBG_C
1510  #ifdef POLARSSL_ENTROPY_C
1511 
1512  int param1;
1513  int param2;
1514  int param3;
1515 
1516  if( cnt != 4 )
1517  {
1518  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 4 );
1519  return( 2 );
1520  }
1521 
1522  if( verify_int( params[1], &param1 ) != 0 ) return( 2 );
1523  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1524  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1525 
1526  test_suite_rsa_gen_key( param1, param2, param3 );
1527  return ( 0 );
1528  #endif /* POLARSSL_CTR_CRBG_C */
1529  #endif /* POLARSSL_ENTROPY_C */
1530 
1531  return ( 3 );
1532  }
1533  else
1534  if( strcmp( params[0], "rsa_selftest" ) == 0 )
1535  {
1536  #ifdef POLARSSL_SELF_TEST
1537 
1538 
1539  if( cnt != 1 )
1540  {
1541  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 1 );
1542  return( 2 );
1543  }
1544 
1545 
1546  test_suite_rsa_selftest( );
1547  return ( 0 );
1548  #endif /* POLARSSL_SELF_TEST */
1549 
1550  return ( 3 );
1551  }
1552  else
1553 
1554  {
1555  fprintf( stdout, "FAILED\nSkipping unknown test function '%s'\n", params[0] );
1556  fflush( stdout );
1557  return( 1 );
1558  }
1559 #else
1560  return( 3 );
1561 #endif
1562  return( ret );
1563 }
1564 
1565 int get_line( FILE *f, char *buf, size_t len )
1566 {
1567  char *ret;
1568 
1569  ret = fgets( buf, len, f );
1570  if( ret == NULL )
1571  return( -1 );
1572 
1573  if( strlen( buf ) && buf[strlen(buf) - 1] == '\n' )
1574  buf[strlen(buf) - 1] = '\0';
1575  if( strlen( buf ) && buf[strlen(buf) - 1] == '\r' )
1576  buf[strlen(buf) - 1] = '\0';
1577 
1578  return( 0 );
1579 }
1580 
1581 int parse_arguments( char *buf, size_t len, char *params[50] )
1582 {
1583  int cnt = 0, i;
1584  char *cur = buf;
1585  char *p = buf, *q;
1586 
1587  params[cnt++] = cur;
1588 
1589  while( *p != '\0' && p < buf + len )
1590  {
1591  if( *p == '\\' )
1592  {
1593  *p++;
1594  *p++;
1595  continue;
1596  }
1597  if( *p == ':' )
1598  {
1599  if( p + 1 < buf + len )
1600  {
1601  cur = p + 1;
1602  params[cnt++] = cur;
1603  }
1604  *p = '\0';
1605  }
1606 
1607  *p++;
1608  }
1609 
1610  // Replace newlines, question marks and colons in strings
1611  for( i = 0; i < cnt; i++ )
1612  {
1613  p = params[i];
1614  q = params[i];
1615 
1616  while( *p != '\0' )
1617  {
1618  if( *p == '\\' && *(p + 1) == 'n' )
1619  {
1620  p += 2;
1621  *(q++) = '\n';
1622  }
1623  else if( *p == '\\' && *(p + 1) == ':' )
1624  {
1625  p += 2;
1626  *(q++) = ':';
1627  }
1628  else if( *p == '\\' && *(p + 1) == '?' )
1629  {
1630  p += 2;
1631  *(q++) = '?';
1632  }
1633  else
1634  *(q++) = *(p++);
1635  }
1636  *q = '\0';
1637  }
1638 
1639  return( cnt );
1640 }
1641 
1642 int main()
1643 {
1644  int ret, i, cnt, total_errors = 0, total_tests = 0, total_skipped = 0;
1645  const char *filename = "/tmp/B.6b9404fc-5e27-486e-9bbd-77463d7343ee/BUILD/polarssl-1.3.2/tests/suites/test_suite_rsa.data";
1646  FILE *file;
1647  char buf[5000];
1648  char *params[50];
1649 
1650 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
1651  unsigned char alloc_buf[1000000];
1652  memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
1653 #endif
1654 
1655  file = fopen( filename, "r" );
1656  if( file == NULL )
1657  {
1658  fprintf( stderr, "Failed to open\n" );
1659  return( 1 );
1660  }
1661 
1662  while( !feof( file ) )
1663  {
1664  int skip = 0;
1665 
1666  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1667  break;
1668  fprintf( stdout, "%s%.66s", test_errors ? "\n" : "", buf );
1669  fprintf( stdout, " " );
1670  for( i = strlen( buf ) + 1; i < 67; i++ )
1671  fprintf( stdout, "." );
1672  fprintf( stdout, " " );
1673  fflush( stdout );
1674 
1675  total_tests++;
1676 
1677  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1678  break;
1679  cnt = parse_arguments( buf, strlen(buf), params );
1680 
1681  if( strcmp( params[0], "depends_on" ) == 0 )
1682  {
1683  for( i = 1; i < cnt; i++ )
1684  if( dep_check( params[i] ) != 0 )
1685  skip = 1;
1686 
1687  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1688  break;
1689  cnt = parse_arguments( buf, strlen(buf), params );
1690  }
1691 
1692  if( skip == 0 )
1693  {
1694  test_errors = 0;
1695  ret = dispatch_test( cnt, params );
1696  }
1697 
1698  if( skip == 1 || ret == 3 )
1699  {
1700  total_skipped++;
1701  fprintf( stdout, "----\n" );
1702  fflush( stdout );
1703  }
1704  else if( ret == 0 && test_errors == 0 )
1705  {
1706  fprintf( stdout, "PASS\n" );
1707  fflush( stdout );
1708  }
1709  else if( ret == 2 )
1710  {
1711  fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" );
1712  fclose(file);
1713  exit( 2 );
1714  }
1715  else
1716  total_errors++;
1717 
1718  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1719  break;
1720  if( strlen(buf) != 0 )
1721  {
1722  fprintf( stderr, "Should be empty %d\n", (int) strlen(buf) );
1723  return( 1 );
1724  }
1725  }
1726  fclose(file);
1727 
1728  fprintf( stdout, "\n----------------------------------------------------------------------------\n\n");
1729  if( total_errors == 0 )
1730  fprintf( stdout, "PASSED" );
1731  else
1732  fprintf( stdout, "FAILED" );
1733 
1734  fprintf( stdout, " (%d / %d tests (%d skipped))\n",
1735  total_tests - total_errors, total_tests, total_skipped );
1736 
1737 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
1738 #if defined(POLARSSL_MEMORY_DEBUG)
1739  memory_buffer_alloc_status();
1740 #endif
1741  memory_buffer_alloc_free();
1742 #endif
1743 
1744  return( total_errors != 0 );
1745 }
1746 
1747 
int md(const md_info_t *md_info, const unsigned char *input, size_t ilen, unsigned char *output)
Output = message_digest( input buffer )
#define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE
The output buffer for decryption is not large enough.
Definition: rsa.h:49
static int unhexify(unsigned char *obuf, const char *ibuf)
static int rnd_pseudo_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a pseudo random function.
int ctr_drbg_random(void *p_rng, unsigned char *output, size_t output_len)
CTR_DRBG generate random.
static int test_errors
int rsa_self_test(int verbose)
Checkup routine.
Memory allocation layer.
uint32_t t_uint
Definition: bignum.h:149
int rsa_check_privkey(const rsa_context *ctx)
Check a private RSA key.
int mpi_gcd(mpi *G, const mpi *A, const mpi *B)
Greatest common divisor: G = gcd(A, B)
Info structure for the pseudo random function.
int s
Definition: bignum.h:173
#define RSA_PUBLIC
Definition: rsa.h:55
mpi DQ
Definition: rsa.h:89
Configuration options (set of defines)
int rsa_check_pubkey(const rsa_context *ctx)
Check a public RSA key.
Entropy context structure.
Definition: entropy.h:101
int rsa_pkcs1_decrypt(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Generic wrapper to perform a PKCS#1 decryption using the mode from the context.
#define POLARSSL_ERR_RSA_RNG_FAILED
The random generator failed to generate non-zeros.
Definition: rsa.h:50
MPI structure.
Definition: bignum.h:171
Entropy accumulator implementation.
static int test_assert(int correct, char *test)
void mpi_init(mpi *X)
Initialize one MPI.
int main(int argc, char *argv[])
Multi-precision integer library.
size_t len
Definition: rsa.h:80
int dep_check(char *str)
mpi P
Definition: rsa.h:86
#define TEST_ASSERT(TEST)
mpi Q
Definition: rsa.h:87
const md_info_t * md_info_from_type(md_type_t md_type)
Returns the message digest information associated with the given digest type.
void rsa_free(rsa_context *ctx)
Free the components of an RSA key.
int rsa_private(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, const unsigned char *input, unsigned char *output)
Do an RSA private key operation.
RSA context structure.
Definition: rsa.h:77
mpi D
Definition: rsa.h:85
int rsa_pkcs1_encrypt(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output)
Generic wrapper to perform a PKCS#1 encryption using the mode from the context.
#define POLARSSL_ERR_RSA_INVALID_PADDING
Input data contains invalid padding and is rejected.
Definition: rsa.h:43
mpi QP
Definition: rsa.h:90
#define RSA_PKCS_V15
Definition: rsa.h:58
#define RSA_PRIVATE
Definition: rsa.h:56
mpi N
Definition: rsa.h:82
#define PUT_UINT32_BE(n, b, i)
int mpi_inv_mod(mpi *X, const mpi *A, const mpi *N)
Modular inverse: X = A^-1 mod N.
void mpi_free(mpi *X)
Unallocate one MPI.
mpi E
Definition: rsa.h:83
int parse_arguments(char *buf, size_t len, char *params[50])
int rsa_pkcs1_verify(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
Generic wrapper to perform a PKCS#1 verification using the mode from the context. ...
mpi DP
Definition: rsa.h:88
static int rnd_buffer_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a buffer it receives.
static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
#define POLARSSL_ERR_RSA_VERIFY_FAILED
The PKCS#1 verification failed.
Definition: rsa.h:48
static int rnd_std_rand(void *rng_state, unsigned char *output, size_t len)
This function just returns data from rand().
int rsa_pkcs1_sign(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Generic wrapper to perform a PKCS#1 signature using the mode from the context.
CTR_DRBG context structure.
Definition: ctr_drbg.h:67
int mpi_read_string(mpi *X, int radix, const char *s)
Import from an ASCII string.
t_uint * p
Definition: bignum.h:175
The RSA public-key cryptosystem.
int verify_string(char **str)
#define POLARSSL_ERR_RSA_BAD_INPUT_DATA
Bad input parameters to function.
Definition: rsa.h:42
SHA-1 cryptographic hash function.
#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED
Key failed to pass the libraries validity check.
Definition: rsa.h:45
int dispatch_test(int cnt, char *params[50])
int rsa_gen_key(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, unsigned int nbits, int exponent)
Generate an RSA keypair.
void rsa_init(rsa_context *ctx, int padding, int hash_id)
Initialize an RSA context.
size_t n
Definition: bignum.h:174
int mpi_mod_mpi(mpi *R, const mpi *A, const mpi *B)
Modulo: R = A mod B.
unsigned char * buf
SHA-384 and SHA-512 cryptographic hash function.
int ctr_drbg_init(ctr_drbg_context *ctx, int(*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len)
CTR_DRBG initialization.
int mpi_mul_mpi(mpi *X, const mpi *A, const mpi *B)
Baseline multiplication: X = A * B.
int verify_int(char *str, int *value)
MD4 message digest algorithm (hash function)
void entropy_init(entropy_context *ctx)
Initialize the context.
MD5 message digest algorithm (hash function)
SHA-224 and SHA-256 cryptographic hash function.
int mpi_sub_int(mpi *X, const mpi *A, t_sint b)
Signed subtraction: X = A - b.
MD2 message digest algorithm (hash function)
int entropy_func(void *data, unsigned char *output, size_t len)
Retrieve entropy from the accumulator (Max ENTROPY_BLOCK_SIZE) (Thread-safe if POLARSSL_THREADING_C i...
static int rnd_zero_rand(void *rng_state, unsigned char *output, size_t len)
This function only returns zeros.
void entropy_free(entropy_context *ctx)
Free the data in the context.
int get_line(FILE *f, char *buf, size_t len)
CTR_DRBG based on AES-256 (NIST SP 800-90)
int rsa_public(rsa_context *ctx, const unsigned char *input, unsigned char *output)
Do an RSA public key operation.