Adapt RSA test suite

Don't expect alternative implementations to implement the RSA operations for wrong key-types.
This commit is contained in:
Hanno Becker 2017-10-05 10:16:37 +01:00
parent 1613715f6f
commit f8b56d4e41

View file

@ -59,9 +59,12 @@ void mbedtls_rsa_pkcs1_sign( char *message_hex_string, int padding_mode, int dig
msg_len = unhexify( message_str, message_hex_string ); msg_len = unhexify( message_str, message_hex_string );
if( mbedtls_md_info_from_type( digest ) != NULL ) if( mbedtls_md_info_from_type( digest ) != NULL )
TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str, msg_len, hash_result ) == 0 ); TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ),
message_str, msg_len, hash_result ) == 0 );
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, digest, 0, hash_result, output ) == result ); TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
MBEDTLS_RSA_PRIVATE, digest, 0,
hash_result, output ) == result );
if( result == 0 ) if( result == 0 )
{ {
hexify( output_str, output, ctx.len ); hexify( output_str, output, ctx.len );
@ -70,7 +73,8 @@ void mbedtls_rsa_pkcs1_sign( char *message_hex_string, int padding_mode, int dig
} }
exit: exit:
mbedtls_mpi_free( &P1 ); mbedtls_mpi_free( &Q1 ); mbedtls_mpi_free( &H ); mbedtls_mpi_free( &G ); mbedtls_mpi_free( &P1 ); mbedtls_mpi_free( &Q1 );
mbedtls_mpi_free( &H ); mbedtls_mpi_free( &G );
mbedtls_rsa_free( &ctx ); mbedtls_rsa_free( &ctx );
} }
/* END_CASE */ /* END_CASE */
@ -118,6 +122,7 @@ void rsa_pkcs1_sign_raw( char *message_hex_string, char *hash_result_string,
char *input_N, int radix_E, char *input_E, char *input_N, int radix_E, char *input_E,
char *result_hex_str ) char *result_hex_str )
{ {
int res;
unsigned char message_str[1000]; unsigned char message_str[1000];
unsigned char hash_result[1000]; unsigned char hash_result[1000];
unsigned char output[1000]; unsigned char output[1000];
@ -156,7 +161,9 @@ void rsa_pkcs1_sign_raw( char *message_hex_string, char *hash_result_string,
unhexify( message_str, message_hex_string ); unhexify( message_str, message_hex_string );
hash_len = unhexify( hash_result, hash_result_string ); hash_len = unhexify( hash_result, hash_result_string );
TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_NONE, hash_len, hash_result, output ) == 0 ); TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &rnd_pseudo_rand, &rnd_info,
MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_NONE,
hash_len, hash_result, output ) == 0 );
hexify( output_str, output, ctx.len ); hexify( output_str, output, ctx.len );
@ -168,13 +175,22 @@ void rsa_pkcs1_sign_raw( char *message_hex_string, char *hash_result_string,
memset( output, 0x00, 1000 ); memset( output, 0x00, 1000 );
memset( output_str, 0x00, 1000 ); memset( output_str, 0x00, 1000 );
TEST_ASSERT( mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx,
&rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PRIVATE,
hash_len, hash_result, output ) == 0 ); hash_len, hash_result, output );
hexify( output_str, output, ctx.len ); #if !defined(MBEDTLS_RSA_ALT)
TEST_ASSERT( res == 0 );
#else
TEST_ASSERT( ( res == 0 ) ||
( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
#endif
TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 ); if( res == 0 )
{
hexify( output_str, output, ctx.len );
TEST_ASSERT( strcasecmp( (char *) output_str, result_hex_str ) == 0 );
}
} }
exit: exit:
@ -189,6 +205,7 @@ void rsa_pkcs1_verify_raw( char *message_hex_string, char *hash_result_string,
char *input_N, int radix_E, char *input_E, char *input_N, int radix_E, char *input_E,
char *result_hex_str, int correct ) char *result_hex_str, int correct )
{ {
int res;
unsigned char message_str[1000]; unsigned char message_str[1000];
unsigned char hash_result[1000]; unsigned char hash_result[1000];
unsigned char result_str[1000]; unsigned char result_str[1000];
@ -219,15 +236,25 @@ void rsa_pkcs1_verify_raw( char *message_hex_string, char *hash_result_string,
{ {
int ok; int ok;
TEST_ASSERT( mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx,
NULL, NULL, MBEDTLS_RSA_PUBLIC, NULL, NULL, MBEDTLS_RSA_PUBLIC,
&olen, result_str, output, sizeof( output ) ) == 0 ); &olen, result_str, output, sizeof( output ) );
ok = olen == hash_len && memcmp( output, hash_result, olen ) == 0; #if !defined(MBEDTLS_RSA_ALT)
if( correct == 0 ) TEST_ASSERT( res == 0 );
TEST_ASSERT( ok == 1 ); #else
else TEST_ASSERT( ( res == 0 ) ||
TEST_ASSERT( ok == 0 ); ( res == MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION ) );
#endif
if( res == 0 )
{
ok = olen == hash_len && memcmp( output, hash_result, olen ) == 0;
if( correct == 0 )
TEST_ASSERT( ok == 1 );
else
TEST_ASSERT( ok == 0 );
}
} }
exit: exit:
@ -262,7 +289,9 @@ void mbedtls_rsa_pkcs1_encrypt( char *message_hex_string, int padding_mode, int
msg_len = unhexify( message_str, message_hex_string ); msg_len = unhexify( message_str, message_hex_string );
TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, MBEDTLS_RSA_PUBLIC, msg_len, message_str, output ) == result ); TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info,
MBEDTLS_RSA_PUBLIC, msg_len,
message_str, output ) == result );
if( result == 0 ) if( result == 0 )
{ {
hexify( output_str, output, ctx.len ); hexify( output_str, output, ctx.len );
@ -300,7 +329,9 @@ void rsa_pkcs1_encrypt_bad_rng( char *message_hex_string, int padding_mode,
msg_len = unhexify( message_str, message_hex_string ); msg_len = unhexify( message_str, message_hex_string );
TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL, MBEDTLS_RSA_PUBLIC, msg_len, message_str, output ) == result ); TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL,
MBEDTLS_RSA_PUBLIC, msg_len,
message_str, output ) == result );
if( result == 0 ) if( result == 0 )
{ {
hexify( output_str, output, ctx.len ); hexify( output_str, output, ctx.len );