PolarSSL v1.3.1
test_suite_rsa.c
Go to the documentation of this file.
1 #include <polarssl/config.h>
2 
3 #ifdef POLARSSL_RSA_C
4 #ifdef POLARSSL_BIGNUM_C
5 #ifdef POLARSSL_GENPRIME
6 
7 #include <polarssl/rsa.h>
8 #include <polarssl/md2.h>
9 #include <polarssl/md4.h>
10 #include <polarssl/md5.h>
11 #include <polarssl/sha1.h>
12 #include <polarssl/sha256.h>
13 #include <polarssl/sha512.h>
14 #include <polarssl/entropy.h>
15 #include <polarssl/ctr_drbg.h>
16 #endif /* POLARSSL_RSA_C */
17 #endif /* POLARSSL_BIGNUM_C */
18 #endif /* POLARSSL_GENPRIME */
19 
20 
21 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
22 #include "polarssl/memory.h"
23 #endif
24 
25 #ifdef _MSC_VER
26 #include <basetsd.h>
27 typedef UINT32 uint32_t;
28 #else
29 #include <inttypes.h>
30 #endif
31 
32 #include <assert.h>
33 #include <stdlib.h>
34 #include <string.h>
35 
36 /*
37  * 32-bit integer manipulation macros (big endian)
38  */
39 #ifndef GET_UINT32_BE
40 #define GET_UINT32_BE(n,b,i) \
41 { \
42  (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
43  | ( (uint32_t) (b)[(i) + 1] << 16 ) \
44  | ( (uint32_t) (b)[(i) + 2] << 8 ) \
45  | ( (uint32_t) (b)[(i) + 3] ); \
46 }
47 #endif
48 
49 #ifndef PUT_UINT32_BE
50 #define PUT_UINT32_BE(n,b,i) \
51 { \
52  (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
53  (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
54  (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
55  (b)[(i) + 3] = (unsigned char) ( (n) ); \
56 }
57 #endif
58 
59 static int unhexify(unsigned char *obuf, const char *ibuf)
60 {
61  unsigned char c, c2;
62  int len = strlen(ibuf) / 2;
63  assert(!(strlen(ibuf) %1)); // must be even number of bytes
64 
65  while (*ibuf != 0)
66  {
67  c = *ibuf++;
68  if( c >= '0' && c <= '9' )
69  c -= '0';
70  else if( c >= 'a' && c <= 'f' )
71  c -= 'a' - 10;
72  else if( c >= 'A' && c <= 'F' )
73  c -= 'A' - 10;
74  else
75  assert( 0 );
76 
77  c2 = *ibuf++;
78  if( c2 >= '0' && c2 <= '9' )
79  c2 -= '0';
80  else if( c2 >= 'a' && c2 <= 'f' )
81  c2 -= 'a' - 10;
82  else if( c2 >= 'A' && c2 <= 'F' )
83  c2 -= 'A' - 10;
84  else
85  assert( 0 );
86 
87  *obuf++ = ( c << 4 ) | c2;
88  }
89 
90  return len;
91 }
92 
93 static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
94 {
95  unsigned char l, h;
96 
97  while (len != 0)
98  {
99  h = (*ibuf) / 16;
100  l = (*ibuf) % 16;
101 
102  if( h < 10 )
103  *obuf++ = '0' + h;
104  else
105  *obuf++ = 'a' + h - 10;
106 
107  if( l < 10 )
108  *obuf++ = '0' + l;
109  else
110  *obuf++ = 'a' + l - 10;
111 
112  ++ibuf;
113  len--;
114  }
115 }
116 
126 static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
127 {
128  size_t i;
129 
130  if( rng_state != NULL )
131  rng_state = NULL;
132 
133  for( i = 0; i < len; ++i )
134  output[i] = rand();
135 
136  return( 0 );
137 }
138 
144 static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
145 {
146  if( rng_state != NULL )
147  rng_state = NULL;
148 
149  memset( output, 0, len );
150 
151  return( 0 );
152 }
153 
154 typedef struct
155 {
156  unsigned char *buf;
157  size_t length;
158 } rnd_buf_info;
159 
171 static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
172 {
173  rnd_buf_info *info = (rnd_buf_info *) rng_state;
174  size_t use_len;
175 
176  if( rng_state == NULL )
177  return( rnd_std_rand( NULL, output, len ) );
178 
179  use_len = len;
180  if( len > info->length )
181  use_len = info->length;
182 
183  if( use_len )
184  {
185  memcpy( output, info->buf, use_len );
186  info->buf += use_len;
187  info->length -= use_len;
188  }
189 
190  if( len - use_len > 0 )
191  return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
192 
193  return( 0 );
194 }
195 
203 typedef struct
204 {
205  uint32_t key[16];
206  uint32_t v0, v1;
208 
217 static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
218 {
219  rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
220  uint32_t i, *k, sum, delta=0x9E3779B9;
221  unsigned char result[4];
222 
223  if( rng_state == NULL )
224  return( rnd_std_rand( NULL, output, len ) );
225 
226  k = info->key;
227 
228  while( len > 0 )
229  {
230  size_t use_len = ( len > 4 ) ? 4 : len;
231  sum = 0;
232 
233  for( i = 0; i < 32; i++ )
234  {
235  info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
236  sum += delta;
237  info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
238  }
239 
240  PUT_UINT32_BE( info->v0, result, 0 );
241  memcpy( output, result, use_len );
242  len -= use_len;
243  }
244 
245  return( 0 );
246 }
247 
257 static int not_rnd( void *in, unsigned char *out, size_t len )
258 {
259  unsigned char *obuf;
260  const char *ibuf = in;
261  unsigned char c, c2;
262  assert( len == strlen(ibuf) / 2 );
263  assert(!(strlen(ibuf) %1)); // must be even number of bytes
264 
265  obuf = out + (len - 1); // sic
266  while (*ibuf != 0)
267  {
268  c = *ibuf++;
269  if( c >= '0' && c <= '9' )
270  c -= '0';
271  else if( c >= 'a' && c <= 'f' )
272  c -= 'a' - 10;
273  else if( c >= 'A' && c <= 'F' )
274  c -= 'A' - 10;
275  else
276  assert( 0 );
277 
278  c2 = *ibuf++;
279  if( c2 >= '0' && c2 <= '9' )
280  c2 -= '0';
281  else if( c2 >= 'a' && c2 <= 'f' )
282  c2 -= 'a' - 10;
283  else if( c2 >= 'A' && c2 <= 'F' )
284  c2 -= 'A' - 10;
285  else
286  assert( 0 );
287 
288  *obuf-- = ( c << 4 ) | c2; // sic
289  }
290 
291  return( 0 );
292 }
293 
294 
295 #include <stdio.h>
296 #include <string.h>
297 
298 static int test_errors = 0;
299 
300 #ifdef POLARSSL_RSA_C
301 #ifdef POLARSSL_BIGNUM_C
302 #ifdef POLARSSL_GENPRIME
303 
304 #define TEST_SUITE_ACTIVE
305 
306 static int test_assert( int correct, char *test )
307 {
308  if( correct )
309  return( 0 );
310 
311  test_errors++;
312  if( test_errors == 1 )
313  printf( "FAILED\n" );
314  printf( " %s\n", test );
315 
316  return( 1 );
317 }
318 
319 #define TEST_ASSERT( TEST ) \
320  do { test_assert( (TEST) ? 1 : 0, #TEST ); \
321  if( test_errors) return; \
322  } while (0)
323 
324 int verify_string( char **str )
325 {
326  if( (*str)[0] != '"' ||
327  (*str)[strlen( *str ) - 1] != '"' )
328  {
329  printf( "Expected string (with \"\") for parameter and got: %s\n", *str );
330  return( -1 );
331  }
332 
333  (*str)++;
334  (*str)[strlen( *str ) - 1] = '\0';
335 
336  return( 0 );
337 }
338 
339 int verify_int( char *str, int *value )
340 {
341  size_t i;
342  int minus = 0;
343  int digits = 1;
344  int hex = 0;
345 
346  for( i = 0; i < strlen( str ); i++ )
347  {
348  if( i == 0 && str[i] == '-' )
349  {
350  minus = 1;
351  continue;
352  }
353 
354  if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
355  str[i - 1] == '0' && str[i] == 'x' )
356  {
357  hex = 1;
358  continue;
359  }
360 
361  if( str[i] < '0' || str[i] > '9' )
362  {
363  digits = 0;
364  break;
365  }
366  }
367 
368  if( digits )
369  {
370  if( hex )
371  *value = strtol( str, NULL, 16 );
372  else
373  *value = strtol( str, NULL, 10 );
374 
375  return( 0 );
376  }
377 
378  if( strcmp( str, "POLARSSL_ERR_RSA_RNG_FAILED" ) == 0 )
379  {
380  *value = ( POLARSSL_ERR_RSA_RNG_FAILED );
381  return( 0 );
382  }
383  if( strcmp( str, "POLARSSL_ERR_RSA_KEY_CHECK_FAILED" ) == 0 )
384  {
386  return( 0 );
387  }
388  if( strcmp( str, "POLARSSL_MD_MD4" ) == 0 )
389  {
390  *value = ( POLARSSL_MD_MD4 );
391  return( 0 );
392  }
393  if( strcmp( str, "POLARSSL_MD_SHA256" ) == 0 )
394  {
395  *value = ( POLARSSL_MD_SHA256 );
396  return( 0 );
397  }
398  if( strcmp( str, "RSA_PKCS_V15" ) == 0 )
399  {
400  *value = ( RSA_PKCS_V15 );
401  return( 0 );
402  }
403  if( strcmp( str, "POLARSSL_MD_MD5" ) == 0 )
404  {
405  *value = ( POLARSSL_MD_MD5 );
406  return( 0 );
407  }
408  if( strcmp( str, "POLARSSL_MD_MD2" ) == 0 )
409  {
410  *value = ( POLARSSL_MD_MD2 );
411  return( 0 );
412  }
413  if( strcmp( str, "POLARSSL_MD_SHA224" ) == 0 )
414  {
415  *value = ( POLARSSL_MD_SHA224 );
416  return( 0 );
417  }
418  if( strcmp( str, "POLARSSL_MD_SHA1" ) == 0 )
419  {
420  *value = ( POLARSSL_MD_SHA1 );
421  return( 0 );
422  }
423  if( strcmp( str, "POLARSSL_ERR_RSA_BAD_INPUT_DATA" ) == 0 )
424  {
425  *value = ( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
426  return( 0 );
427  }
428  if( strcmp( str, "POLARSSL_MD_SHA384" ) == 0 )
429  {
430  *value = ( POLARSSL_MD_SHA384 );
431  return( 0 );
432  }
433  if( strcmp( str, "POLARSSL_MD_SHA512" ) == 0 )
434  {
435  *value = ( POLARSSL_MD_SHA512 );
436  return( 0 );
437  }
438  if( strcmp( str, "POLARSSL_ERR_RSA_VERIFY_FAILED" ) == 0 )
439  {
440  *value = ( POLARSSL_ERR_RSA_VERIFY_FAILED );
441  return( 0 );
442  }
443  if( strcmp( str, "POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE" ) == 0 )
444  {
446  return( 0 );
447  }
448  if( strcmp( str, "POLARSSL_ERR_RSA_INVALID_PADDING" ) == 0 )
449  {
451  return( 0 );
452  }
453 
454 
455  printf( "Expected integer for parameter and got: %s\n", str );
456  return( -1 );
457 }
458 
459 void test_suite_rsa_pkcs1_sign( char *message_hex_string, int padding_mode, int digest,
460  int mod, int radix_P, char *input_P, int radix_Q,
461  char *input_Q, int radix_N, char *input_N, int radix_E,
462  char *input_E, char *result_hex_str, int result )
463 {
464  unsigned char message_str[1000];
465  unsigned char hash_result[1000];
466  unsigned char output[1000];
467  unsigned char output_str[1000];
468  rsa_context ctx;
469  mpi P1, Q1, H, G;
470  int msg_len;
471  rnd_pseudo_info rnd_info;
472 
473  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
474  rsa_init( &ctx, padding_mode, 0 );
475 
476  memset( message_str, 0x00, 1000 );
477  memset( hash_result, 0x00, 1000 );
478  memset( output, 0x00, 1000 );
479  memset( output_str, 0x00, 1000 );
480  memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
481 
482  ctx.len = mod / 8;
483  TEST_ASSERT( mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
484  TEST_ASSERT( mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
485  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
486  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
487 
488  TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
489  TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
490  TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
491  TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
492  TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
493  TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
494  TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
495  TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
496 
497  TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
498 
499  msg_len = unhexify( message_str, message_hex_string );
500 
501  if( md_info_from_type( digest ) != NULL )
502  TEST_ASSERT( md( md_info_from_type( digest ), message_str, msg_len, hash_result ) == 0 );
503 
504  TEST_ASSERT( rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PRIVATE, digest, 0, hash_result, output ) == result );
505  if( result == 0 )
506  {
507  hexify( output_str, output, ctx.len );
508 
509  TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
510  }
511 
512  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
513  rsa_free( &ctx );
514 }
515 
516 void test_suite_rsa_pkcs1_verify( char *message_hex_string, int padding_mode, int digest,
517  int mod, int radix_N, char *input_N, int radix_E,
518  char *input_E, char *result_hex_str, int result )
519 {
520  unsigned char message_str[1000];
521  unsigned char hash_result[1000];
522  unsigned char result_str[1000];
523  rsa_context ctx;
524  int msg_len;
525 
526  rsa_init( &ctx, padding_mode, 0 );
527  memset( message_str, 0x00, 1000 );
528  memset( hash_result, 0x00, 1000 );
529  memset( result_str, 0x00, 1000 );
530 
531  ctx.len = mod / 8;
532  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
533  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
534 
535  TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
536 
537  msg_len = unhexify( message_str, message_hex_string );
538  unhexify( result_str, result_hex_str );
539 
540  if( md_info_from_type( digest ) != NULL )
541  TEST_ASSERT( md( md_info_from_type( digest ), message_str, msg_len, hash_result ) == 0 );
542 
543  TEST_ASSERT( rsa_pkcs1_verify( &ctx, NULL, NULL, RSA_PUBLIC, digest, 0, hash_result, result_str ) == result );
544 
545  rsa_free( &ctx );
546 }
547 
548 void test_suite_rsa_pkcs1_sign_raw( char *message_hex_string, char *hash_result_string,
549  int padding_mode, int mod, int radix_P, char *input_P,
550  int radix_Q, char *input_Q, int radix_N,
551  char *input_N, int radix_E, char *input_E,
552  char *result_hex_str )
553 {
554  unsigned char message_str[1000];
555  unsigned char hash_result[1000];
556  unsigned char output[1000];
557  unsigned char output_str[1000];
558  rsa_context ctx;
559  mpi P1, Q1, H, G;
560  int hash_len;
561  rnd_pseudo_info rnd_info;
562 
563  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
564  rsa_init( &ctx, padding_mode, 0 );
565 
566  memset( message_str, 0x00, 1000 );
567  memset( hash_result, 0x00, 1000 );
568  memset( output, 0x00, 1000 );
569  memset( output_str, 0x00, 1000 );
570  memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
571 
572  ctx.len = mod / 8;
573  TEST_ASSERT( mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
574  TEST_ASSERT( mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
575  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
576  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
577 
578  TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
579  TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
580  TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
581  TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
582  TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
583  TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
584  TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
585  TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
586 
587  TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
588 
589  unhexify( message_str, message_hex_string );
590  hash_len = unhexify( hash_result, hash_result_string );
591 
592  TEST_ASSERT( rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PRIVATE, POLARSSL_MD_NONE, hash_len, hash_result, output ) == 0 );
593 
594  hexify( output_str, output, ctx.len );
595 
596  TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
597 
598  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
599  rsa_free( &ctx );
600 }
601 
602 void test_suite_rsa_pkcs1_verify_raw( char *message_hex_string, char *hash_result_string,
603  int padding_mode, int mod, int radix_N,
604  char *input_N, int radix_E, char *input_E,
605  char *result_hex_str, int correct )
606 {
607  unsigned char message_str[1000];
608  unsigned char hash_result[1000];
609  unsigned char result_str[1000];
610  rsa_context ctx;
611  size_t hash_len;
612 
613  rsa_init( &ctx, padding_mode, 0 );
614  memset( message_str, 0x00, 1000 );
615  memset( hash_result, 0x00, 1000 );
616  memset( result_str, 0x00, 1000 );
617 
618  ctx.len = mod / 8;
619  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
620  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
621 
622  TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
623 
624  unhexify( message_str, message_hex_string );
625  hash_len = unhexify( hash_result, hash_result_string );
626  unhexify( result_str, result_hex_str );
627 
628  TEST_ASSERT( rsa_pkcs1_verify( &ctx, NULL, NULL, RSA_PUBLIC, POLARSSL_MD_NONE, hash_len, hash_result, result_str ) == correct );
629 
630  rsa_free( &ctx );
631 }
632 
633 void test_suite_rsa_pkcs1_encrypt( char *message_hex_string, int padding_mode, int mod,
634  int radix_N, char *input_N, int radix_E, char *input_E,
635  char *result_hex_str, int result )
636 {
637  unsigned char message_str[1000];
638  unsigned char output[1000];
639  unsigned char output_str[1000];
640  rsa_context ctx;
641  size_t msg_len;
642  rnd_pseudo_info rnd_info;
643 
644  memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
645 
646  rsa_init( &ctx, padding_mode, 0 );
647  memset( message_str, 0x00, 1000 );
648  memset( output, 0x00, 1000 );
649  memset( output_str, 0x00, 1000 );
650 
651  ctx.len = mod / 8;
652  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
653  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
654 
655  TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
656 
657  msg_len = unhexify( message_str, message_hex_string );
658 
659  TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PUBLIC, msg_len, message_str, output ) == result );
660  if( result == 0 )
661  {
662  hexify( output_str, output, ctx.len );
663 
664  TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
665  }
666 
667  rsa_free( &ctx );
668 }
669 
670 void test_suite_rsa_pkcs1_encrypt_bad_rng( char *message_hex_string, int padding_mode,
671  int mod, int radix_N, char *input_N,
672  int radix_E, char *input_E,
673  char *result_hex_str, int result )
674 {
675  unsigned char message_str[1000];
676  unsigned char output[1000];
677  unsigned char output_str[1000];
678  rsa_context ctx;
679  size_t msg_len;
680 
681  rsa_init( &ctx, padding_mode, 0 );
682  memset( message_str, 0x00, 1000 );
683  memset( output, 0x00, 1000 );
684  memset( output_str, 0x00, 1000 );
685 
686  ctx.len = mod / 8;
687  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
688  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
689 
690  TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
691 
692  msg_len = unhexify( message_str, message_hex_string );
693 
694  TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL, RSA_PUBLIC, msg_len, message_str, output ) == result );
695  if( result == 0 )
696  {
697  hexify( output_str, output, ctx.len );
698 
699  TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
700  }
701 
702  rsa_free( &ctx );
703 }
704 
705 void test_suite_rsa_pkcs1_decrypt( char *message_hex_string, int padding_mode, int mod,
706  int radix_P, char *input_P, int radix_Q, char *input_Q,
707  int radix_N, char *input_N, int radix_E, char *input_E,
708  int max_output, char *result_hex_str, int result )
709 {
710  unsigned char message_str[1000];
711  unsigned char output[1000];
712  unsigned char output_str[1000];
713  rsa_context ctx;
714  mpi P1, Q1, H, G;
715  size_t output_len;
716  rnd_pseudo_info rnd_info;
717 
718  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
719  rsa_init( &ctx, padding_mode, 0 );
720 
721  memset( message_str, 0x00, 1000 );
722  memset( output, 0x00, 1000 );
723  memset( output_str, 0x00, 1000 );
724  memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
725 
726  ctx.len = mod / 8;
727  TEST_ASSERT( mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
728  TEST_ASSERT( mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
729  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
730  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
731 
732  TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
733  TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
734  TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
735  TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
736  TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
737  TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
738  TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
739  TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
740 
741  TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
742 
743  unhexify( message_str, message_hex_string );
744  output_len = 0;
745 
746  TEST_ASSERT( rsa_pkcs1_decrypt( &ctx, rnd_pseudo_rand, &rnd_info, RSA_PRIVATE, &output_len, message_str, output, max_output ) == result );
747  if( result == 0 )
748  {
749  hexify( output_str, output, ctx.len );
750 
751  TEST_ASSERT( strncasecmp( (char *) output_str, result_hex_str, strlen( result_hex_str ) ) == 0 );
752  }
753 
754  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
755  rsa_free( &ctx );
756 }
757 
758 void test_suite_rsa_public( char *message_hex_string, int mod, int radix_N, char *input_N,
759  int radix_E, char *input_E, char *result_hex_str, int result )
760 {
761  unsigned char message_str[1000];
762  unsigned char output[1000];
763  unsigned char output_str[1000];
764  rsa_context ctx;
765 
766  rsa_init( &ctx, RSA_PKCS_V15, 0 );
767  memset( message_str, 0x00, 1000 );
768  memset( output, 0x00, 1000 );
769  memset( output_str, 0x00, 1000 );
770 
771  ctx.len = mod / 8;
772  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
773  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
774 
775  TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
776 
777  unhexify( message_str, message_hex_string );
778 
779  TEST_ASSERT( rsa_public( &ctx, message_str, output ) == result );
780  if( result == 0 )
781  {
782  hexify( output_str, output, ctx.len );
783 
784  TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
785  }
786 
787  rsa_free( &ctx );
788 }
789 
790 void test_suite_rsa_private( char *message_hex_string, int mod, int radix_P, char *input_P,
791  int radix_Q, char *input_Q, int radix_N, char *input_N,
792  int radix_E, char *input_E, char *result_hex_str, int result )
793 {
794  unsigned char message_str[1000];
795  unsigned char output[1000];
796  unsigned char output_str[1000];
797  rsa_context ctx;
798  mpi P1, Q1, H, G;
799  rnd_pseudo_info rnd_info;
800  int i;
801 
802  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
803  rsa_init( &ctx, RSA_PKCS_V15, 0 );
804 
805  memset( message_str, 0x00, 1000 );
806  memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
807 
808  ctx.len = mod / 8;
809  TEST_ASSERT( mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
810  TEST_ASSERT( mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
811  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
812  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
813 
814  TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
815  TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
816  TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
817  TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
818  TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
819  TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
820  TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
821  TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
822 
823  TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
824 
825  unhexify( message_str, message_hex_string );
826 
827  /* repeat three times to test updating of blinding values */
828  for( i = 0; i < 3; i++ )
829  {
830  memset( output, 0x00, 1000 );
831  memset( output_str, 0x00, 1000 );
832  TEST_ASSERT( rsa_private( &ctx, rnd_pseudo_rand, &rnd_info,
833  message_str, output ) == result );
834  if( result == 0 )
835  {
836  hexify( output_str, output, ctx.len );
837 
838  TEST_ASSERT( strcasecmp( (char *) output_str,
839  result_hex_str ) == 0 );
840  }
841  }
842 
843  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
844  rsa_free( &ctx );
845 }
846 
847 void test_suite_rsa_check_privkey_null()
848 {
849  rsa_context ctx;
850  memset( &ctx, 0x00, sizeof( rsa_context ) );
851 
853 }
854 
855 void test_suite_rsa_check_pubkey( int radix_N, char *input_N, int radix_E, char *input_E,
856  int result )
857 {
858  rsa_context ctx;
859 
860  rsa_init( &ctx, RSA_PKCS_V15, 0 );
861 
862  if( strlen( input_N ) )
863  {
864  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
865  }
866  if( strlen( input_E ) )
867  {
868  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
869  }
870 
871  TEST_ASSERT( rsa_check_pubkey( &ctx ) == result );
872 
873  rsa_free( &ctx );
874 }
875 
876 void test_suite_rsa_check_privkey( int mod, int radix_P, char *input_P, int radix_Q,
877  char *input_Q, int radix_N, char *input_N,
878  int radix_E, char *input_E, int radix_D, char *input_D,
879  int radix_DP, char *input_DP, int radix_DQ,
880  char *input_DQ, int radix_QP, char *input_QP,
881  int result )
882 {
883  rsa_context ctx;
884 
885  rsa_init( &ctx, RSA_PKCS_V15, 0 );
886 
887  ctx.len = mod / 8;
888  if( strlen( input_P ) )
889  {
890  TEST_ASSERT( mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
891  }
892  if( strlen( input_Q ) )
893  {
894  TEST_ASSERT( mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
895  }
896  if( strlen( input_N ) )
897  {
898  TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
899  }
900  if( strlen( input_E ) )
901  {
902  TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
903  }
904  if( strlen( input_D ) )
905  {
906  TEST_ASSERT( mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
907  }
908  if( strlen( input_DP ) )
909  {
910  TEST_ASSERT( mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
911  }
912  if( strlen( input_DQ ) )
913  {
914  TEST_ASSERT( mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
915  }
916  if( strlen( input_QP ) )
917  {
918  TEST_ASSERT( mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
919  }
920 
921  TEST_ASSERT( rsa_check_privkey( &ctx ) == result );
922 
923  rsa_free( &ctx );
924 }
925 
926 void test_suite_rsa_gen_key( int nrbits, int exponent, int result)
927 {
928  rsa_context ctx;
929  entropy_context entropy;
930  ctr_drbg_context ctr_drbg;
931  const char *pers = "test_suite_rsa";
932 
933  entropy_init( &entropy );
934  TEST_ASSERT( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
935  (const unsigned char *) pers, strlen( pers ) ) == 0 );
936 
937  rsa_init( &ctx, 0, 0 );
938 
939  TEST_ASSERT( rsa_gen_key( &ctx, ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
940  if( result == 0 )
941  {
942  TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
943  }
944 
945  rsa_free( &ctx );
946  entropy_free( &entropy );
947 }
948 
949 #ifdef POLARSSL_SELF_TEST
950 void test_suite_rsa_selftest()
951 {
952  TEST_ASSERT( rsa_self_test( 0 ) == 0 );
953 }
954 #endif /* POLARSSL_SELF_TEST */
955 
956 
957 #endif /* POLARSSL_RSA_C */
958 #endif /* POLARSSL_BIGNUM_C */
959 #endif /* POLARSSL_GENPRIME */
960 
961 
962 int dep_check( char *str )
963 {
964  if( str == NULL )
965  return( 1 );
966 
967  if( strcmp( str, "POLARSSL_PKCS1_V15" ) == 0 )
968  {
969 #if defined(POLARSSL_PKCS1_V15)
970  return( 0 );
971 #else
972  return( 1 );
973 #endif
974  }
975  if( strcmp( str, "POLARSSL_MD5_C" ) == 0 )
976  {
977 #if defined(POLARSSL_MD5_C)
978  return( 0 );
979 #else
980  return( 1 );
981 #endif
982  }
983  if( strcmp( str, "POLARSSL_ENTROPY_C" ) == 0 )
984  {
985 #if defined(POLARSSL_ENTROPY_C)
986  return( 0 );
987 #else
988  return( 1 );
989 #endif
990  }
991  if( strcmp( str, "POLARSSL_SHA1_C" ) == 0 )
992  {
993 #if defined(POLARSSL_SHA1_C)
994  return( 0 );
995 #else
996  return( 1 );
997 #endif
998  }
999  if( strcmp( str, "POLARSSL_CTR_DRBG_C" ) == 0 )
1000  {
1001 #if defined(POLARSSL_CTR_DRBG_C)
1002  return( 0 );
1003 #else
1004  return( 1 );
1005 #endif
1006  }
1007  if( strcmp( str, "POLARSSL_MD4_C" ) == 0 )
1008  {
1009 #if defined(POLARSSL_MD4_C)
1010  return( 0 );
1011 #else
1012  return( 1 );
1013 #endif
1014  }
1015  if( strcmp( str, "POLARSSL_SHA256_C" ) == 0 )
1016  {
1017 #if defined(POLARSSL_SHA256_C)
1018  return( 0 );
1019 #else
1020  return( 1 );
1021 #endif
1022  }
1023  if( strcmp( str, "POLARSSL_SELF_TEST" ) == 0 )
1024  {
1025 #if defined(POLARSSL_SELF_TEST)
1026  return( 0 );
1027 #else
1028  return( 1 );
1029 #endif
1030  }
1031  if( strcmp( str, "POLARSSL_MD2_C" ) == 0 )
1032  {
1033 #if defined(POLARSSL_MD2_C)
1034  return( 0 );
1035 #else
1036  return( 1 );
1037 #endif
1038  }
1039  if( strcmp( str, "POLARSSL_SHA512_C" ) == 0 )
1040  {
1041 #if defined(POLARSSL_SHA512_C)
1042  return( 0 );
1043 #else
1044  return( 1 );
1045 #endif
1046  }
1047 
1048 
1049  return( 1 );
1050 }
1051 
1052 int dispatch_test(int cnt, char *params[50])
1053 {
1054  int ret;
1055  ((void) cnt);
1056  ((void) params);
1057 
1058 #if defined(TEST_SUITE_ACTIVE)
1059  if( strcmp( params[0], "rsa_pkcs1_sign" ) == 0 )
1060  {
1061 
1062  char *param1 = params[1];
1063  int param2;
1064  int param3;
1065  int param4;
1066  int param5;
1067  char *param6 = params[6];
1068  int param7;
1069  char *param8 = params[8];
1070  int param9;
1071  char *param10 = params[10];
1072  int param11;
1073  char *param12 = params[12];
1074  char *param13 = params[13];
1075  int param14;
1076 
1077  if( cnt != 15 )
1078  {
1079  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 15 );
1080  return( 2 );
1081  }
1082 
1083  if( verify_string( &param1 ) != 0 ) return( 2 );
1084  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1085  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1086  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
1087  if( verify_int( params[5], &param5 ) != 0 ) return( 2 );
1088  if( verify_string( &param6 ) != 0 ) return( 2 );
1089  if( verify_int( params[7], &param7 ) != 0 ) return( 2 );
1090  if( verify_string( &param8 ) != 0 ) return( 2 );
1091  if( verify_int( params[9], &param9 ) != 0 ) return( 2 );
1092  if( verify_string( &param10 ) != 0 ) return( 2 );
1093  if( verify_int( params[11], &param11 ) != 0 ) return( 2 );
1094  if( verify_string( &param12 ) != 0 ) return( 2 );
1095  if( verify_string( &param13 ) != 0 ) return( 2 );
1096  if( verify_int( params[14], &param14 ) != 0 ) return( 2 );
1097 
1098  test_suite_rsa_pkcs1_sign( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10, param11, param12, param13, param14 );
1099  return ( 0 );
1100 
1101  return ( 3 );
1102  }
1103  else
1104  if( strcmp( params[0], "rsa_pkcs1_verify" ) == 0 )
1105  {
1106 
1107  char *param1 = params[1];
1108  int param2;
1109  int param3;
1110  int param4;
1111  int param5;
1112  char *param6 = params[6];
1113  int param7;
1114  char *param8 = params[8];
1115  char *param9 = params[9];
1116  int param10;
1117 
1118  if( cnt != 11 )
1119  {
1120  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 11 );
1121  return( 2 );
1122  }
1123 
1124  if( verify_string( &param1 ) != 0 ) return( 2 );
1125  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1126  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1127  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
1128  if( verify_int( params[5], &param5 ) != 0 ) return( 2 );
1129  if( verify_string( &param6 ) != 0 ) return( 2 );
1130  if( verify_int( params[7], &param7 ) != 0 ) return( 2 );
1131  if( verify_string( &param8 ) != 0 ) return( 2 );
1132  if( verify_string( &param9 ) != 0 ) return( 2 );
1133  if( verify_int( params[10], &param10 ) != 0 ) return( 2 );
1134 
1135  test_suite_rsa_pkcs1_verify( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10 );
1136  return ( 0 );
1137 
1138  return ( 3 );
1139  }
1140  else
1141  if( strcmp( params[0], "rsa_pkcs1_sign_raw" ) == 0 )
1142  {
1143 
1144  char *param1 = params[1];
1145  char *param2 = params[2];
1146  int param3;
1147  int param4;
1148  int param5;
1149  char *param6 = params[6];
1150  int param7;
1151  char *param8 = params[8];
1152  int param9;
1153  char *param10 = params[10];
1154  int param11;
1155  char *param12 = params[12];
1156  char *param13 = params[13];
1157 
1158  if( cnt != 14 )
1159  {
1160  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 14 );
1161  return( 2 );
1162  }
1163 
1164  if( verify_string( &param1 ) != 0 ) return( 2 );
1165  if( verify_string( &param2 ) != 0 ) return( 2 );
1166  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1167  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
1168  if( verify_int( params[5], &param5 ) != 0 ) return( 2 );
1169  if( verify_string( &param6 ) != 0 ) return( 2 );
1170  if( verify_int( params[7], &param7 ) != 0 ) return( 2 );
1171  if( verify_string( &param8 ) != 0 ) return( 2 );
1172  if( verify_int( params[9], &param9 ) != 0 ) return( 2 );
1173  if( verify_string( &param10 ) != 0 ) return( 2 );
1174  if( verify_int( params[11], &param11 ) != 0 ) return( 2 );
1175  if( verify_string( &param12 ) != 0 ) return( 2 );
1176  if( verify_string( &param13 ) != 0 ) return( 2 );
1177 
1178  test_suite_rsa_pkcs1_sign_raw( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10, param11, param12, param13 );
1179  return ( 0 );
1180 
1181  return ( 3 );
1182  }
1183  else
1184  if( strcmp( params[0], "rsa_pkcs1_verify_raw" ) == 0 )
1185  {
1186 
1187  char *param1 = params[1];
1188  char *param2 = params[2];
1189  int param3;
1190  int param4;
1191  int param5;
1192  char *param6 = params[6];
1193  int param7;
1194  char *param8 = params[8];
1195  char *param9 = params[9];
1196  int param10;
1197 
1198  if( cnt != 11 )
1199  {
1200  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 11 );
1201  return( 2 );
1202  }
1203 
1204  if( verify_string( &param1 ) != 0 ) return( 2 );
1205  if( verify_string( &param2 ) != 0 ) return( 2 );
1206  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1207  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
1208  if( verify_int( params[5], &param5 ) != 0 ) return( 2 );
1209  if( verify_string( &param6 ) != 0 ) return( 2 );
1210  if( verify_int( params[7], &param7 ) != 0 ) return( 2 );
1211  if( verify_string( &param8 ) != 0 ) return( 2 );
1212  if( verify_string( &param9 ) != 0 ) return( 2 );
1213  if( verify_int( params[10], &param10 ) != 0 ) return( 2 );
1214 
1215  test_suite_rsa_pkcs1_verify_raw( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10 );
1216  return ( 0 );
1217 
1218  return ( 3 );
1219  }
1220  else
1221  if( strcmp( params[0], "rsa_pkcs1_encrypt" ) == 0 )
1222  {
1223 
1224  char *param1 = params[1];
1225  int param2;
1226  int param3;
1227  int param4;
1228  char *param5 = params[5];
1229  int param6;
1230  char *param7 = params[7];
1231  char *param8 = params[8];
1232  int param9;
1233 
1234  if( cnt != 10 )
1235  {
1236  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 10 );
1237  return( 2 );
1238  }
1239 
1240  if( verify_string( &param1 ) != 0 ) return( 2 );
1241  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1242  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1243  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
1244  if( verify_string( &param5 ) != 0 ) return( 2 );
1245  if( verify_int( params[6], &param6 ) != 0 ) return( 2 );
1246  if( verify_string( &param7 ) != 0 ) return( 2 );
1247  if( verify_string( &param8 ) != 0 ) return( 2 );
1248  if( verify_int( params[9], &param9 ) != 0 ) return( 2 );
1249 
1250  test_suite_rsa_pkcs1_encrypt( param1, param2, param3, param4, param5, param6, param7, param8, param9 );
1251  return ( 0 );
1252 
1253  return ( 3 );
1254  }
1255  else
1256  if( strcmp( params[0], "rsa_pkcs1_encrypt_bad_rng" ) == 0 )
1257  {
1258 
1259  char *param1 = params[1];
1260  int param2;
1261  int param3;
1262  int param4;
1263  char *param5 = params[5];
1264  int param6;
1265  char *param7 = params[7];
1266  char *param8 = params[8];
1267  int param9;
1268 
1269  if( cnt != 10 )
1270  {
1271  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 10 );
1272  return( 2 );
1273  }
1274 
1275  if( verify_string( &param1 ) != 0 ) return( 2 );
1276  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1277  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1278  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
1279  if( verify_string( &param5 ) != 0 ) return( 2 );
1280  if( verify_int( params[6], &param6 ) != 0 ) return( 2 );
1281  if( verify_string( &param7 ) != 0 ) return( 2 );
1282  if( verify_string( &param8 ) != 0 ) return( 2 );
1283  if( verify_int( params[9], &param9 ) != 0 ) return( 2 );
1284 
1285  test_suite_rsa_pkcs1_encrypt_bad_rng( param1, param2, param3, param4, param5, param6, param7, param8, param9 );
1286  return ( 0 );
1287 
1288  return ( 3 );
1289  }
1290  else
1291  if( strcmp( params[0], "rsa_pkcs1_decrypt" ) == 0 )
1292  {
1293 
1294  char *param1 = params[1];
1295  int param2;
1296  int param3;
1297  int param4;
1298  char *param5 = params[5];
1299  int param6;
1300  char *param7 = params[7];
1301  int param8;
1302  char *param9 = params[9];
1303  int param10;
1304  char *param11 = params[11];
1305  int param12;
1306  char *param13 = params[13];
1307  int param14;
1308 
1309  if( cnt != 15 )
1310  {
1311  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 15 );
1312  return( 2 );
1313  }
1314 
1315  if( verify_string( &param1 ) != 0 ) return( 2 );
1316  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1317  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1318  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
1319  if( verify_string( &param5 ) != 0 ) return( 2 );
1320  if( verify_int( params[6], &param6 ) != 0 ) return( 2 );
1321  if( verify_string( &param7 ) != 0 ) return( 2 );
1322  if( verify_int( params[8], &param8 ) != 0 ) return( 2 );
1323  if( verify_string( &param9 ) != 0 ) return( 2 );
1324  if( verify_int( params[10], &param10 ) != 0 ) return( 2 );
1325  if( verify_string( &param11 ) != 0 ) return( 2 );
1326  if( verify_int( params[12], &param12 ) != 0 ) return( 2 );
1327  if( verify_string( &param13 ) != 0 ) return( 2 );
1328  if( verify_int( params[14], &param14 ) != 0 ) return( 2 );
1329 
1330  test_suite_rsa_pkcs1_decrypt( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10, param11, param12, param13, param14 );
1331  return ( 0 );
1332 
1333  return ( 3 );
1334  }
1335  else
1336  if( strcmp( params[0], "rsa_public" ) == 0 )
1337  {
1338 
1339  char *param1 = params[1];
1340  int param2;
1341  int param3;
1342  char *param4 = params[4];
1343  int param5;
1344  char *param6 = params[6];
1345  char *param7 = params[7];
1346  int param8;
1347 
1348  if( cnt != 9 )
1349  {
1350  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 9 );
1351  return( 2 );
1352  }
1353 
1354  if( verify_string( &param1 ) != 0 ) return( 2 );
1355  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1356  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1357  if( verify_string( &param4 ) != 0 ) return( 2 );
1358  if( verify_int( params[5], &param5 ) != 0 ) return( 2 );
1359  if( verify_string( &param6 ) != 0 ) return( 2 );
1360  if( verify_string( &param7 ) != 0 ) return( 2 );
1361  if( verify_int( params[8], &param8 ) != 0 ) return( 2 );
1362 
1363  test_suite_rsa_public( param1, param2, param3, param4, param5, param6, param7, param8 );
1364  return ( 0 );
1365 
1366  return ( 3 );
1367  }
1368  else
1369  if( strcmp( params[0], "rsa_private" ) == 0 )
1370  {
1371 
1372  char *param1 = params[1];
1373  int param2;
1374  int param3;
1375  char *param4 = params[4];
1376  int param5;
1377  char *param6 = params[6];
1378  int param7;
1379  char *param8 = params[8];
1380  int param9;
1381  char *param10 = params[10];
1382  char *param11 = params[11];
1383  int param12;
1384 
1385  if( cnt != 13 )
1386  {
1387  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 13 );
1388  return( 2 );
1389  }
1390 
1391  if( verify_string( &param1 ) != 0 ) return( 2 );
1392  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1393  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1394  if( verify_string( &param4 ) != 0 ) return( 2 );
1395  if( verify_int( params[5], &param5 ) != 0 ) return( 2 );
1396  if( verify_string( &param6 ) != 0 ) return( 2 );
1397  if( verify_int( params[7], &param7 ) != 0 ) return( 2 );
1398  if( verify_string( &param8 ) != 0 ) return( 2 );
1399  if( verify_int( params[9], &param9 ) != 0 ) return( 2 );
1400  if( verify_string( &param10 ) != 0 ) return( 2 );
1401  if( verify_string( &param11 ) != 0 ) return( 2 );
1402  if( verify_int( params[12], &param12 ) != 0 ) return( 2 );
1403 
1404  test_suite_rsa_private( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10, param11, param12 );
1405  return ( 0 );
1406 
1407  return ( 3 );
1408  }
1409  else
1410  if( strcmp( params[0], "rsa_check_privkey_null" ) == 0 )
1411  {
1412 
1413 
1414  if( cnt != 1 )
1415  {
1416  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 1 );
1417  return( 2 );
1418  }
1419 
1420 
1421  test_suite_rsa_check_privkey_null( );
1422  return ( 0 );
1423 
1424  return ( 3 );
1425  }
1426  else
1427  if( strcmp( params[0], "rsa_check_pubkey" ) == 0 )
1428  {
1429 
1430  int param1;
1431  char *param2 = params[2];
1432  int param3;
1433  char *param4 = params[4];
1434  int param5;
1435 
1436  if( cnt != 6 )
1437  {
1438  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 6 );
1439  return( 2 );
1440  }
1441 
1442  if( verify_int( params[1], &param1 ) != 0 ) return( 2 );
1443  if( verify_string( &param2 ) != 0 ) return( 2 );
1444  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1445  if( verify_string( &param4 ) != 0 ) return( 2 );
1446  if( verify_int( params[5], &param5 ) != 0 ) return( 2 );
1447 
1448  test_suite_rsa_check_pubkey( param1, param2, param3, param4, param5 );
1449  return ( 0 );
1450 
1451  return ( 3 );
1452  }
1453  else
1454  if( strcmp( params[0], "rsa_check_privkey" ) == 0 )
1455  {
1456 
1457  int param1;
1458  int param2;
1459  char *param3 = params[3];
1460  int param4;
1461  char *param5 = params[5];
1462  int param6;
1463  char *param7 = params[7];
1464  int param8;
1465  char *param9 = params[9];
1466  int param10;
1467  char *param11 = params[11];
1468  int param12;
1469  char *param13 = params[13];
1470  int param14;
1471  char *param15 = params[15];
1472  int param16;
1473  char *param17 = params[17];
1474  int param18;
1475 
1476  if( cnt != 19 )
1477  {
1478  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 19 );
1479  return( 2 );
1480  }
1481 
1482  if( verify_int( params[1], &param1 ) != 0 ) return( 2 );
1483  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1484  if( verify_string( &param3 ) != 0 ) return( 2 );
1485  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
1486  if( verify_string( &param5 ) != 0 ) return( 2 );
1487  if( verify_int( params[6], &param6 ) != 0 ) return( 2 );
1488  if( verify_string( &param7 ) != 0 ) return( 2 );
1489  if( verify_int( params[8], &param8 ) != 0 ) return( 2 );
1490  if( verify_string( &param9 ) != 0 ) return( 2 );
1491  if( verify_int( params[10], &param10 ) != 0 ) return( 2 );
1492  if( verify_string( &param11 ) != 0 ) return( 2 );
1493  if( verify_int( params[12], &param12 ) != 0 ) return( 2 );
1494  if( verify_string( &param13 ) != 0 ) return( 2 );
1495  if( verify_int( params[14], &param14 ) != 0 ) return( 2 );
1496  if( verify_string( &param15 ) != 0 ) return( 2 );
1497  if( verify_int( params[16], &param16 ) != 0 ) return( 2 );
1498  if( verify_string( &param17 ) != 0 ) return( 2 );
1499  if( verify_int( params[18], &param18 ) != 0 ) return( 2 );
1500 
1501  test_suite_rsa_check_privkey( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10, param11, param12, param13, param14, param15, param16, param17, param18 );
1502  return ( 0 );
1503 
1504  return ( 3 );
1505  }
1506  else
1507  if( strcmp( params[0], "rsa_gen_key" ) == 0 )
1508  {
1509 
1510  int param1;
1511  int param2;
1512  int param3;
1513 
1514  if( cnt != 4 )
1515  {
1516  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 4 );
1517  return( 2 );
1518  }
1519 
1520  if( verify_int( params[1], &param1 ) != 0 ) return( 2 );
1521  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
1522  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
1523 
1524  test_suite_rsa_gen_key( param1, param2, param3 );
1525  return ( 0 );
1526 
1527  return ( 3 );
1528  }
1529  else
1530  if( strcmp( params[0], "rsa_selftest" ) == 0 )
1531  {
1532  #ifdef POLARSSL_SELF_TEST
1533 
1534 
1535  if( cnt != 1 )
1536  {
1537  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 1 );
1538  return( 2 );
1539  }
1540 
1541 
1542  test_suite_rsa_selftest( );
1543  return ( 0 );
1544  #endif /* POLARSSL_SELF_TEST */
1545 
1546  return ( 3 );
1547  }
1548  else
1549 
1550  {
1551  fprintf( stdout, "FAILED\nSkipping unknown test function '%s'\n", params[0] );
1552  fflush( stdout );
1553  return( 1 );
1554  }
1555 #else
1556  return( 3 );
1557 #endif
1558  return( ret );
1559 }
1560 
1561 int get_line( FILE *f, char *buf, size_t len )
1562 {
1563  char *ret;
1564 
1565  ret = fgets( buf, len, f );
1566  if( ret == NULL )
1567  return( -1 );
1568 
1569  if( strlen( buf ) && buf[strlen(buf) - 1] == '\n' )
1570  buf[strlen(buf) - 1] = '\0';
1571  if( strlen( buf ) && buf[strlen(buf) - 1] == '\r' )
1572  buf[strlen(buf) - 1] = '\0';
1573 
1574  return( 0 );
1575 }
1576 
1577 int parse_arguments( char *buf, size_t len, char *params[50] )
1578 {
1579  int cnt = 0, i;
1580  char *cur = buf;
1581  char *p = buf, *q;
1582 
1583  params[cnt++] = cur;
1584 
1585  while( *p != '\0' && p < buf + len )
1586  {
1587  if( *p == '\\' )
1588  {
1589  *p++;
1590  *p++;
1591  continue;
1592  }
1593  if( *p == ':' )
1594  {
1595  if( p + 1 < buf + len )
1596  {
1597  cur = p + 1;
1598  params[cnt++] = cur;
1599  }
1600  *p = '\0';
1601  }
1602 
1603  *p++;
1604  }
1605 
1606  // Replace newlines, question marks and colons in strings
1607  for( i = 0; i < cnt; i++ )
1608  {
1609  p = params[i];
1610  q = params[i];
1611 
1612  while( *p != '\0' )
1613  {
1614  if( *p == '\\' && *(p + 1) == 'n' )
1615  {
1616  p += 2;
1617  *(q++) = '\n';
1618  }
1619  else if( *p == '\\' && *(p + 1) == ':' )
1620  {
1621  p += 2;
1622  *(q++) = ':';
1623  }
1624  else if( *p == '\\' && *(p + 1) == '?' )
1625  {
1626  p += 2;
1627  *(q++) = '?';
1628  }
1629  else
1630  *(q++) = *(p++);
1631  }
1632  *q = '\0';
1633  }
1634 
1635  return( cnt );
1636 }
1637 
1638 int main()
1639 {
1640  int ret, i, cnt, total_errors = 0, total_tests = 0, total_skipped = 0;
1641  const char *filename = "/home/iurt/rpmbuild/BUILD/polarssl-1.3.1/tests/suites/test_suite_rsa.data";
1642  FILE *file;
1643  char buf[5000];
1644  char *params[50];
1645 
1646 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
1647  unsigned char alloc_buf[1000000];
1648  memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
1649 #endif
1650 
1651  file = fopen( filename, "r" );
1652  if( file == NULL )
1653  {
1654  fprintf( stderr, "Failed to open\n" );
1655  return( 1 );
1656  }
1657 
1658  while( !feof( file ) )
1659  {
1660  int skip = 0;
1661 
1662  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1663  break;
1664  fprintf( stdout, "%s%.66s", test_errors ? "\n" : "", buf );
1665  fprintf( stdout, " " );
1666  for( i = strlen( buf ) + 1; i < 67; i++ )
1667  fprintf( stdout, "." );
1668  fprintf( stdout, " " );
1669  fflush( stdout );
1670 
1671  total_tests++;
1672 
1673  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1674  break;
1675  cnt = parse_arguments( buf, strlen(buf), params );
1676 
1677  if( strcmp( params[0], "depends_on" ) == 0 )
1678  {
1679  for( i = 1; i < cnt; i++ )
1680  if( dep_check( params[i] ) != 0 )
1681  skip = 1;
1682 
1683  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1684  break;
1685  cnt = parse_arguments( buf, strlen(buf), params );
1686  }
1687 
1688  if( skip == 0 )
1689  {
1690  test_errors = 0;
1691  ret = dispatch_test( cnt, params );
1692  }
1693 
1694  if( skip == 1 || ret == 3 )
1695  {
1696  total_skipped++;
1697  fprintf( stdout, "----\n" );
1698  fflush( stdout );
1699  }
1700  else if( ret == 0 && test_errors == 0 )
1701  {
1702  fprintf( stdout, "PASS\n" );
1703  fflush( stdout );
1704  }
1705  else if( ret == 2 )
1706  {
1707  fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" );
1708  fclose(file);
1709  exit( 2 );
1710  }
1711  else
1712  total_errors++;
1713 
1714  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1715  break;
1716  if( strlen(buf) != 0 )
1717  {
1718  fprintf( stderr, "Should be empty %d\n", (int) strlen(buf) );
1719  return( 1 );
1720  }
1721  }
1722  fclose(file);
1723 
1724  fprintf( stdout, "\n----------------------------------------------------------------------------\n\n");
1725  if( total_errors == 0 )
1726  fprintf( stdout, "PASSED" );
1727  else
1728  fprintf( stdout, "FAILED" );
1729 
1730  fprintf( stdout, " (%d / %d tests (%d skipped))\n",
1731  total_tests - total_errors, total_tests, total_skipped );
1732 
1733 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
1734 #if defined(POLARSSL_MEMORY_DEBUG)
1735  memory_buffer_alloc_status();
1736 #endif
1737  memory_buffer_alloc_free();
1738 #endif
1739 
1740  return( total_errors != 0 );
1741 }
1742 
1743 
int md(const md_info_t *md_info, const unsigned char *input, size_t ilen, unsigned char *output)
Output = message_digest( input buffer )
#define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE
The output buffer for decryption is not large enough.
Definition: rsa.h:49
static int unhexify(unsigned char *obuf, const char *ibuf)
static int rnd_pseudo_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a pseudo random function.
int ctr_drbg_random(void *p_rng, unsigned char *output, size_t output_len)
CTR_DRBG generate random.
static int test_errors
int rsa_self_test(int verbose)
Checkup routine.
Memory allocation layer.
int rsa_check_privkey(const rsa_context *ctx)
Check a private RSA key.
int mpi_gcd(mpi *G, const mpi *A, const mpi *B)
Greatest common divisor: G = gcd(A, B)
Info structure for the pseudo random function.
#define RSA_PUBLIC
Definition: rsa.h:55
mpi DQ
Definition: rsa.h:89
Configuration options (set of defines)
int rsa_check_pubkey(const rsa_context *ctx)
Check a public RSA key.
Entropy context structure.
Definition: entropy.h:101
int rsa_pkcs1_decrypt(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Generic wrapper to perform a PKCS#1 decryption using the mode from the context.
#define POLARSSL_ERR_RSA_RNG_FAILED
The random generator failed to generate non-zeros.
Definition: rsa.h:50
MPI structure.
Definition: bignum.h:168
Entropy accumulator implementation.
static int test_assert(int correct, char *test)
void mpi_init(mpi *X)
Initialize one MPI.
int main(int argc, char *argv[])
size_t len
Definition: rsa.h:80
int dep_check(char *str)
mpi P
Definition: rsa.h:86
#define TEST_ASSERT(TEST)
mpi Q
Definition: rsa.h:87
const md_info_t * md_info_from_type(md_type_t md_type)
Returns the message digest information associated with the given digest type.
void rsa_free(rsa_context *ctx)
Free the components of an RSA key.
int rsa_private(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, const unsigned char *input, unsigned char *output)
Do an RSA private key operation.
RSA context structure.
Definition: rsa.h:77
mpi D
Definition: rsa.h:85
int rsa_pkcs1_encrypt(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output)
Generic wrapper to perform a PKCS#1 encryption using the mode from the context.
#define POLARSSL_ERR_RSA_INVALID_PADDING
Input data contains invalid padding and is rejected.
Definition: rsa.h:43
mpi QP
Definition: rsa.h:90
#define RSA_PKCS_V15
Definition: rsa.h:58
#define RSA_PRIVATE
Definition: rsa.h:56
mpi N
Definition: rsa.h:82
#define PUT_UINT32_BE(n, b, i)
int mpi_inv_mod(mpi *X, const mpi *A, const mpi *N)
Modular inverse: X = A^-1 mod N.
void mpi_free(mpi *X)
Unallocate one MPI.
mpi E
Definition: rsa.h:83
int parse_arguments(char *buf, size_t len, char *params[50])
int rsa_pkcs1_verify(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
Generic wrapper to perform a PKCS#1 verification using the mode from the context. ...
mpi DP
Definition: rsa.h:88
static int rnd_buffer_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a buffer it receives.
static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
#define POLARSSL_ERR_RSA_VERIFY_FAILED
The PKCS#1 verification failed.
Definition: rsa.h:48
static int rnd_std_rand(void *rng_state, unsigned char *output, size_t len)
This function just returns data from rand().
int rsa_pkcs1_sign(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Generic wrapper to perform a PKCS#1 signature using the mode from the context.
CTR_DRBG context structure.
Definition: ctr_drbg.h:67
int mpi_read_string(mpi *X, int radix, const char *s)
Import from an ASCII string.
The RSA public-key cryptosystem.
int verify_string(char **str)
#define POLARSSL_ERR_RSA_BAD_INPUT_DATA
Bad input parameters to function.
Definition: rsa.h:42
SHA-1 cryptographic hash function.
#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED
Key failed to pass the libraries validity check.
Definition: rsa.h:45
int dispatch_test(int cnt, char *params[50])
int rsa_gen_key(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, unsigned int nbits, int exponent)
Generate an RSA keypair.
void rsa_init(rsa_context *ctx, int padding, int hash_id)
Initialize an RSA context.
int mpi_mod_mpi(mpi *R, const mpi *A, const mpi *B)
Modulo: R = A mod B.
unsigned char * buf
SHA-384 and SHA-512 cryptographic hash function.
int ctr_drbg_init(ctr_drbg_context *ctx, int(*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len)
CTR_DRBG initialization.
int mpi_mul_mpi(mpi *X, const mpi *A, const mpi *B)
Baseline multiplication: X = A * B.
int verify_int(char *str, int *value)
MD4 message digest algorithm (hash function)
void entropy_init(entropy_context *ctx)
Initialize the context.
MD5 message digest algorithm (hash function)
SHA-224 and SHA-256 cryptographic hash function.
int mpi_sub_int(mpi *X, const mpi *A, t_sint b)
Signed substraction: X = A - b.
static int not_rnd(void *in, unsigned char *out, size_t len)
This function returns a buffer given as a hex string.
MD2 message digest algorithm (hash function)
int entropy_func(void *data, unsigned char *output, size_t len)
Retrieve entropy from the accumulator (Max ENTROPY_BLOCK_SIZE) (Thread-safe if POLARSSL_THREADING_C i...
static int rnd_zero_rand(void *rng_state, unsigned char *output, size_t len)
This function only returns zeros.
void entropy_free(entropy_context *ctx)
Free the data in the context.
int get_line(FILE *f, char *buf, size_t len)
CTR_DRBG based on AES-256 (NIST SP 800-90)
int rsa_public(rsa_context *ctx, const unsigned char *input, unsigned char *output)
Do an RSA public key operation.