Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2025-12-24 00:06:32 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add expectation when testing RSA key import/export

Browse source 
This commit adds a flag to the RSA import/export tests indicating whether it is
expected that a full RSA keypair can be set up from the provided parameters.

Further, the tests of `mbedtls_rsa_import` and `mbedtls_rsa_import_raw` are
expanded to perform key checks and an example encryption-decryption.
This commit is contained in:
Hanno Becker 2017-09-29 11:51:05 +01:00
parent 4d6e83406c
commit e1582a832b
2 changed files with 131 additions and 47 deletions
Download patch file Download diff file Expand all files Collapse all files

94
tests/suites/test_suite_rsa.function
View file

@ -843,11 +843,17 @@ void mbedtls_rsa_import( int radix_N, char *input_N,
int radix_D, char *input_D,
int radix_E, char *input_E,
int successive,
int is_priv,
int result )
{
mbedtls_mpi N, P, Q, D, E;
mbedtls_rsa_context ctx;
/* Buffers used for encryption-decryption test */
unsigned char *buf_orig = NULL;
unsigned char *buf_enc = NULL;
unsigned char *buf_dec = NULL;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
const char *pers = "test_suite_rsa";
@ -927,8 +933,47 @@ void mbedtls_rsa_import( int radix_N, char *input_N,
mbedtls_ctr_drbg_random,
&ctr_drbg ) == result );
/* On expected success, perform some public and private
* key operations to check if the key is working properly. */
if( result == 0 )
{
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
/* Did we expect a full private key to be setup? */
if( is_priv )
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
goto exit;
TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
/* Make sure the number we're generating is smaller than the modulus */
buf_orig[0] = 0x00;
TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
if( is_priv )
{
TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
&ctr_drbg, buf_enc,
buf_dec ) == 0 );
TEST_ASSERT( memcmp( buf_orig, buf_dec,
mbedtls_rsa_get_len( &ctx ) ) == 0 );
}
}
exit:
mbedtls_free( buf_orig );
mbedtls_free( buf_enc );
mbedtls_free( buf_dec );
mbedtls_rsa_free( &ctx );
mbedtls_ctr_drbg_free( &ctr_drbg );
@ -946,6 +991,7 @@ void mbedtls_rsa_export( int radix_N, char *input_N,
int radix_Q, char *input_Q,
int radix_D, char *input_D,
int radix_E, char *input_E,
int is_priv,
int successive )
{
/* Original MPI's with which we set up the RSA context */
@ -960,8 +1006,6 @@ void mbedtls_rsa_export( int radix_N, char *input_N,
const int have_D = ( strlen( input_D ) > 0 );
const int have_E = ( strlen( input_E ) > 0 );
const int is_priv = have_P || have_Q || have_D;
mbedtls_rsa_context ctx;
mbedtls_rsa_init( &ctx, 0, 0 );
@ -1132,7 +1176,8 @@ exit:
/* BEGIN_CASE depends_on:MBEDTLS_CTR_DRBG_C:MBEDTLS_ENTROPY_C */
void mbedtls_rsa_export_raw( char *input_N, char *input_P,
char *input_Q, char *input_D,
char *input_E, int successive )
char *input_E, int is_priv,
int successive )
{
/* Original raw buffers with which we set up the RSA context */
unsigned char bufN[1000];
@ -1160,8 +1205,6 @@ void mbedtls_rsa_export_raw( char *input_N, char *input_P,
const int have_D = ( strlen( input_D ) > 0 );
const int have_E = ( strlen( input_E ) > 0 );
const int is_priv = have_P || have_Q || have_D;
mbedtls_rsa_context ctx;
mbedtls_rsa_init( &ctx, 0, 0 );
@ -1265,6 +1308,7 @@ void mbedtls_rsa_import_raw( char *input_N,
char *input_P, char *input_Q,
char *input_D, char *input_E,
int successive,
int is_priv,
int result )
{
unsigned char bufN[1000];
@ -1273,6 +1317,11 @@ void mbedtls_rsa_import_raw( char *input_N,
unsigned char bufD[1000];
unsigned char bufE[1000];
/* Buffers used for encryption-decryption test */
unsigned char *buf_orig = NULL;
unsigned char *buf_enc = NULL;
unsigned char *buf_dec = NULL;
size_t lenN = 0;
size_t lenP = 0;
size_t lenQ = 0;
@ -1351,6 +1400,41 @@ void mbedtls_rsa_import_raw( char *input_N,
mbedtls_ctr_drbg_random,
&ctr_drbg ) == result );
/* On expected success, perform some public and private
* key operations to check if the key is working properly. */
if( result == 0 )
{
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
/* Did we expect a full private key to be setup? */
if( is_priv )
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
buf_orig = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
buf_enc = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
buf_dec = mbedtls_calloc( 1, mbedtls_rsa_get_len( &ctx ) );
if( buf_orig == NULL || buf_enc == NULL || buf_dec == NULL )
goto exit;
TEST_ASSERT( mbedtls_ctr_drbg_random( &ctr_drbg,
buf_orig, mbedtls_rsa_get_len( &ctx ) ) == 0 );
/* Make sure the number we're generating is smaller than the modulus */
buf_orig[0] = 0x00;
TEST_ASSERT( mbedtls_rsa_public( &ctx, buf_orig, buf_enc ) == 0 );
if( is_priv )
{
TEST_ASSERT( mbedtls_rsa_private( &ctx, mbedtls_ctr_drbg_random,
&ctr_drbg, buf_enc,
buf_dec ) == 0 );
TEST_ASSERT( memcmp( buf_orig, buf_dec,
mbedtls_rsa_get_len( &ctx ) ) == 0 );
}
}
exit:
mbedtls_rsa_free( &ctx );