1 #if !defined(POLARSSL_CONFIG_FILE)
4 #include POLARSSL_CONFIG_FILE
7 #ifdef POLARSSL_PKCS1_V21
18 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
22 #if defined(POLARSSL_PLATFORM_C)
25 #define polarssl_malloc malloc
26 #define polarssl_free free
31 typedef UINT32 uint32_t;
44 #define GET_UINT32_BE(n,b,i) \
46 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
47 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
48 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
49 | ( (uint32_t) (b)[(i) + 3] ); \
54 #define PUT_UINT32_BE(n,b,i) \
56 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
57 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
58 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
59 (b)[(i) + 3] = (unsigned char) ( (n) ); \
63 static int unhexify(
unsigned char *obuf,
const char *ibuf)
66 int len = strlen(ibuf) / 2;
67 assert(!(strlen(ibuf) %1));
72 if( c >=
'0' && c <=
'9' )
74 else if( c >=
'a' && c <=
'f' )
76 else if( c >=
'A' && c <=
'F' )
82 if( c2 >=
'0' && c2 <=
'9' )
84 else if( c2 >=
'a' && c2 <=
'f' )
86 else if( c2 >=
'A' && c2 <=
'F' )
91 *obuf++ = ( c << 4 ) | c2;
97 static void hexify(
unsigned char *obuf,
const unsigned char *ibuf,
int len)
109 *obuf++ =
'a' + h - 10;
114 *obuf++ =
'a' + l - 10;
131 size_t actual_len = len != 0 ? len : 1;
136 memset( p, 0x00, actual_len );
155 *olen = strlen(ibuf) / 2;
161 assert( obuf != NULL );
177 static int rnd_std_rand(
void *rng_state,
unsigned char *output,
size_t len )
179 #if !defined(__OpenBSD__)
182 if( rng_state != NULL )
185 for( i = 0; i < len; ++i )
188 if( rng_state != NULL )
191 arc4random_buf( output, len );
202 static int rnd_zero_rand(
void *rng_state,
unsigned char *output,
size_t len )
204 if( rng_state != NULL )
207 memset( output, 0, len );
234 if( rng_state == NULL )
243 memcpy( output, info->
buf, use_len );
244 info->
buf += use_len;
248 if( len - use_len > 0 )
249 return(
rnd_std_rand( NULL, output + use_len, len - use_len ) );
278 uint32_t i, *k, sum, delta=0x9E3779B9;
279 unsigned char result[4], *out = output;
281 if( rng_state == NULL )
288 size_t use_len = ( len > 4 ) ? 4 : len;
291 for( i = 0; i < 32; i++ )
293 info->
v0 += (((info->
v1 << 4) ^ (info->
v1 >> 5)) + info->
v1) ^ (sum + k[sum & 3]);
295 info->
v1 += (((info->
v0 << 4) ^ (info->
v0 >> 5)) + info->
v0) ^ (sum + k[(sum>>11) & 3]);
299 memcpy( out, result, use_len );
311 #if defined(POLARSSL_PLATFORM_C)
314 #define polarssl_printf printf
315 #define polarssl_malloc malloc
316 #define polarssl_free free
321 #ifdef POLARSSL_PKCS1_V21
322 #ifdef POLARSSL_RSA_C
323 #ifdef POLARSSL_SHA1_C
325 #define TEST_SUITE_ACTIVE
327 static int test_assert(
int correct,
const char *test )
334 printf(
"FAILED\n" );
335 printf(
" %s\n", test );
340 #define TEST_ASSERT( TEST ) \
341 do { test_assert( (TEST) ? 1 : 0, #TEST ); \
342 if( test_errors) goto exit; \
347 if( (*str)[0] !=
'"' ||
348 (*str)[strlen( *str ) - 1] !=
'"' )
350 printf(
"Expected string (with \"\") for parameter and got: %s\n", *str );
355 (*str)[strlen( *str ) - 1] =
'\0';
367 for( i = 0; i < strlen( str ); i++ )
369 if( i == 0 && str[i] ==
'-' )
375 if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
376 str[i - 1] ==
'0' && str[i] ==
'x' )
382 if( ! ( ( str[i] >=
'0' && str[i] <=
'9' ) ||
383 ( hex && ( ( str[i] >=
'a' && str[i] <=
'f' ) ||
384 ( str[i] >=
'A' && str[i] <=
'F' ) ) ) ) )
394 *value = strtol( str, NULL, 16 );
396 *value = strtol( str, NULL, 10 );
401 if( strcmp( str,
"POLARSSL_ERR_RSA_VERIFY_FAILED" ) == 0 )
406 if( strcmp( str,
"POLARSSL_ERR_RSA_BAD_INPUT_DATA" ) == 0 )
411 if( strcmp( str,
"POLARSSL_MD_SHA1" ) == 0 )
416 if( strcmp( str,
"POLARSSL_MD_SHA512" ) == 0 )
421 if( strcmp( str,
"POLARSSL_ERR_RSA_INVALID_PADDING" ) == 0 )
426 if( strcmp( str,
"POLARSSL_MD_SHA256" ) == 0 )
431 if( strcmp( str,
"RSA_SALT_LEN_ANY" ) == 0 )
436 if( strcmp( str,
"POLARSSL_MD_NONE" ) == 0 )
443 printf(
"Expected integer for parameter and got: %s\n", str );
447 void test_suite_pkcs1_rsaes_oaep_encrypt(
int mod,
int radix_N,
char *input_N,
int radix_E,
448 char *input_E,
int hash,
449 char *message_hex_string,
char *seed,
450 char *result_hex_str,
int result )
452 unsigned char message_str[1000];
453 unsigned char output[1000];
454 unsigned char output_str[1000];
455 unsigned char rnd_buf[1000];
464 memset( message_str, 0x00, 1000 );
465 memset( output, 0x00, 1000 );
466 memset( output_str, 0x00, 1000 );
468 ctx.
len = mod / 8 + ( ( mod % 8 ) ? 1 : 0 );
474 msg_len =
unhexify( message_str, message_hex_string );
481 TEST_ASSERT( strcasecmp( (
char *) output_str, result_hex_str ) == 0 );
488 void test_suite_pkcs1_rsaes_oaep_decrypt(
int mod,
int radix_P,
char *input_P,
489 int radix_Q,
char *input_Q,
int radix_N,
490 char *input_N,
int radix_E,
char *input_E,
491 int hash,
char *result_hex_str,
char *seed,
492 char *message_hex_string,
int result )
494 unsigned char message_str[1000];
495 unsigned char output[1000];
496 unsigned char output_str[1000];
506 memset( message_str, 0x00, 1000 );
507 memset( output, 0x00, 1000 );
508 memset( output_str, 0x00, 1000 );
511 ctx.
len = mod / 8 + ( ( mod % 8 ) ? 1 : 0 );
528 unhexify( message_str, message_hex_string );
535 TEST_ASSERT( strncasecmp( (
char *) output_str, result_hex_str, strlen( result_hex_str ) ) == 0 );
543 void test_suite_pkcs1_rsassa_pss_sign(
int mod,
int radix_P,
char *input_P,
int radix_Q,
544 char *input_Q,
int radix_N,
char *input_N,
545 int radix_E,
char *input_E,
int digest,
int hash,
546 char *message_hex_string,
char *salt,
547 char *result_hex_str,
int result )
549 unsigned char message_str[1000];
550 unsigned char hash_result[1000];
551 unsigned char output[1000];
552 unsigned char output_str[1000];
553 unsigned char rnd_buf[1000];
565 memset( message_str, 0x00, 1000 );
566 memset( hash_result, 0x00, 1000 );
567 memset( output, 0x00, 1000 );
568 memset( output_str, 0x00, 1000 );
570 ctx.
len = mod / 8 + ( ( mod % 8 ) ? 1 : 0 );
587 msg_len =
unhexify( message_str, message_hex_string );
597 TEST_ASSERT( strcasecmp( (
char *) output_str, result_hex_str ) == 0 );
605 void test_suite_pkcs1_rsassa_pss_verify(
int mod,
int radix_N,
char *input_N,
int radix_E,
606 char *input_E,
int digest,
int hash,
607 char *message_hex_string,
char *salt,
608 char *result_hex_str,
int result )
610 unsigned char message_str[1000];
611 unsigned char hash_result[1000];
612 unsigned char result_str[1000];
618 memset( message_str, 0x00, 1000 );
619 memset( hash_result, 0x00, 1000 );
620 memset( result_str, 0x00, 1000 );
622 ctx.
len = mod / 8 + ( ( mod % 8 ) ? 1 : 0 );
628 msg_len =
unhexify( message_str, message_hex_string );
629 unhexify( result_str, result_hex_str );
640 void test_suite_pkcs1_rsassa_pss_verify_ext(
int mod,
641 int radix_N,
char *input_N,
642 int radix_E,
char *input_E,
643 int msg_digest_id,
int ctx_hash,
644 int mgf_hash,
int salt_len,
645 char *message_hex_string,
646 char *result_hex_str,
650 unsigned char message_str[1000];
651 unsigned char hash_result[1000];
652 unsigned char result_str[1000];
654 size_t msg_len, hash_len;
657 memset( message_str, 0x00, 1000 );
658 memset( hash_result, 0x00, 1000 );
659 memset( result_str, 0x00, 1000 );
661 ctx.
len = mod / 8 + ( ( mod % 8 ) ? 1 : 0 );
667 msg_len =
unhexify( message_str, message_hex_string );
668 unhexify( result_str, result_hex_str );
673 message_str, msg_len, hash_result ) == 0 );
678 memcpy( hash_result, message_str, msg_len );
683 msg_digest_id, hash_len, hash_result,
684 result_str ) == result_simple );
687 msg_digest_id, hash_len, hash_result,
689 result_str ) == result_full );
706 if( strcmp( str,
"POLARSSL_SHA256_C" ) == 0 )
708 #if defined(POLARSSL_SHA256_C)
725 #if defined(TEST_SUITE_ACTIVE)
726 if( strcmp( params[0],
"pkcs1_rsaes_oaep_encrypt" ) == 0 )
731 char *param3 = params[3];
733 char *param5 = params[5];
735 char *param7 = params[7];
736 char *param8 = params[8];
737 char *param9 = params[9];
742 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 11 );
746 if(
verify_int( params[1], ¶m1 ) != 0 )
return( 2 );
747 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
749 if(
verify_int( params[4], ¶m4 ) != 0 )
return( 2 );
751 if(
verify_int( params[6], ¶m6 ) != 0 )
return( 2 );
755 if(
verify_int( params[10], ¶m10 ) != 0 )
return( 2 );
757 test_suite_pkcs1_rsaes_oaep_encrypt( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10 );
763 if( strcmp( params[0],
"pkcs1_rsaes_oaep_decrypt" ) == 0 )
768 char *param3 = params[3];
770 char *param5 = params[5];
772 char *param7 = params[7];
774 char *param9 = params[9];
776 char *param11 = params[11];
777 char *param12 = params[12];
778 char *param13 = params[13];
783 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 15 );
787 if(
verify_int( params[1], ¶m1 ) != 0 )
return( 2 );
788 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
790 if(
verify_int( params[4], ¶m4 ) != 0 )
return( 2 );
792 if(
verify_int( params[6], ¶m6 ) != 0 )
return( 2 );
794 if(
verify_int( params[8], ¶m8 ) != 0 )
return( 2 );
796 if(
verify_int( params[10], ¶m10 ) != 0 )
return( 2 );
800 if(
verify_int( params[14], ¶m14 ) != 0 )
return( 2 );
802 test_suite_pkcs1_rsaes_oaep_decrypt( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10, param11, param12, param13, param14 );
808 if( strcmp( params[0],
"pkcs1_rsassa_pss_sign" ) == 0 )
813 char *param3 = params[3];
815 char *param5 = params[5];
817 char *param7 = params[7];
819 char *param9 = params[9];
822 char *param12 = params[12];
823 char *param13 = params[13];
824 char *param14 = params[14];
829 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 16 );
833 if(
verify_int( params[1], ¶m1 ) != 0 )
return( 2 );
834 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
836 if(
verify_int( params[4], ¶m4 ) != 0 )
return( 2 );
838 if(
verify_int( params[6], ¶m6 ) != 0 )
return( 2 );
840 if(
verify_int( params[8], ¶m8 ) != 0 )
return( 2 );
842 if(
verify_int( params[10], ¶m10 ) != 0 )
return( 2 );
843 if(
verify_int( params[11], ¶m11 ) != 0 )
return( 2 );
847 if(
verify_int( params[15], ¶m15 ) != 0 )
return( 2 );
849 test_suite_pkcs1_rsassa_pss_sign( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10, param11, param12, param13, param14, param15 );
855 if( strcmp( params[0],
"pkcs1_rsassa_pss_verify" ) == 0 )
860 char *param3 = params[3];
862 char *param5 = params[5];
865 char *param8 = params[8];
866 char *param9 = params[9];
867 char *param10 = params[10];
872 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 12 );
876 if(
verify_int( params[1], ¶m1 ) != 0 )
return( 2 );
877 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
879 if(
verify_int( params[4], ¶m4 ) != 0 )
return( 2 );
881 if(
verify_int( params[6], ¶m6 ) != 0 )
return( 2 );
882 if(
verify_int( params[7], ¶m7 ) != 0 )
return( 2 );
886 if(
verify_int( params[11], ¶m11 ) != 0 )
return( 2 );
888 test_suite_pkcs1_rsassa_pss_verify( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10, param11 );
894 if( strcmp( params[0],
"pkcs1_rsassa_pss_verify_ext" ) == 0 )
899 char *param3 = params[3];
901 char *param5 = params[5];
906 char *param10 = params[10];
907 char *param11 = params[11];
913 fprintf( stderr,
"\nIncorrect argument count (%d != %d)\n", cnt, 14 );
917 if(
verify_int( params[1], ¶m1 ) != 0 )
return( 2 );
918 if(
verify_int( params[2], ¶m2 ) != 0 )
return( 2 );
920 if(
verify_int( params[4], ¶m4 ) != 0 )
return( 2 );
922 if(
verify_int( params[6], ¶m6 ) != 0 )
return( 2 );
923 if(
verify_int( params[7], ¶m7 ) != 0 )
return( 2 );
924 if(
verify_int( params[8], ¶m8 ) != 0 )
return( 2 );
925 if(
verify_int( params[9], ¶m9 ) != 0 )
return( 2 );
928 if(
verify_int( params[12], ¶m12 ) != 0 )
return( 2 );
929 if(
verify_int( params[13], ¶m13 ) != 0 )
return( 2 );
931 test_suite_pkcs1_rsassa_pss_verify_ext( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10, param11, param12, param13 );
939 fprintf( stdout,
"FAILED\nSkipping unknown test function '%s'\n", params[0] );
953 ret = fgets( buf, len, f );
957 if( strlen( buf ) && buf[strlen(buf) - 1] ==
'\n' )
958 buf[strlen(buf) - 1] =
'\0';
959 if( strlen( buf ) && buf[strlen(buf) - 1] ==
'\r' )
960 buf[strlen(buf) - 1] =
'\0';
973 while( *p !=
'\0' && p < buf + len )
983 if( p + 1 < buf + len )
995 for( i = 0; i < cnt; i++ )
1002 if( *p ==
'\\' && *(p + 1) ==
'n' )
1007 else if( *p ==
'\\' && *(p + 1) ==
':' )
1012 else if( *p ==
'\\' && *(p + 1) ==
'?' )
1028 int ret, i, cnt, total_errors = 0, total_tests = 0, total_skipped = 0;
1029 const char *filename =
"/builddir/build/BUILD/polarssl-1.3.9/tests/suites/test_suite_pkcs1_v21.data";
1034 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
1035 unsigned char alloc_buf[1000000];
1039 file = fopen( filename,
"r" );
1042 fprintf( stderr,
"Failed to open\n" );
1046 while( !feof( file ) )
1050 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
1052 fprintf( stdout,
"%s%.66s",
test_errors ?
"\n" :
"", buf );
1053 fprintf( stdout,
" " );
1054 for( i = strlen( buf ) + 1; i < 67; i++ )
1055 fprintf( stdout,
"." );
1056 fprintf( stdout,
" " );
1061 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
1065 if( strcmp( params[0],
"depends_on" ) == 0 )
1067 for( i = 1; i < cnt; i++ )
1071 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
1082 if( skip == 1 || ret == 3 )
1085 fprintf( stdout,
"----\n" );
1090 fprintf( stdout,
"PASS\n" );
1095 fprintf( stderr,
"FAILED: FATAL PARSE ERROR\n" );
1102 if( ( ret =
get_line( file, buf,
sizeof(buf) ) ) != 0 )
1104 if( strlen(buf) != 0 )
1106 fprintf( stderr,
"Should be empty %d\n", (
int) strlen(buf) );
1112 fprintf( stdout,
"\n----------------------------------------------------------------------------\n\n");
1113 if( total_errors == 0 )
1114 fprintf( stdout,
"PASSED" );
1116 fprintf( stdout,
"FAILED" );
1118 fprintf( stdout,
" (%d / %d tests (%d skipped))\n",
1119 total_tests - total_errors, total_tests, total_skipped );
1121 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
1122 #if defined(POLARSSL_MEMORY_DEBUG)
1123 memory_buffer_alloc_status();
1128 return( total_errors != 0 );
int md(const md_info_t *md_info, const unsigned char *input, size_t ilen, unsigned char *output)
Output = message_digest( input buffer )
int parse_arguments(char *buf, size_t len, char *params[50])
Memory allocation layer (Deprecated to platform layer)
static unsigned char * zero_alloc(size_t len)
Allocate and zeroize a buffer.
int rsa_check_privkey(const rsa_context *ctx)
Check a private RSA key.
int mpi_gcd(mpi *G, const mpi *A, const mpi *B)
Greatest common divisor: G = gcd(A, B)
Info structure for the pseudo random function.
void memory_buffer_alloc_free(void)
Free the mutex for thread-safety and clear remaining memory.
static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
Configuration options (set of defines)
int rsa_check_pubkey(const rsa_context *ctx)
Check a public RSA key.
#define PUT_UINT32_BE(n, b, i)
int rsa_pkcs1_decrypt(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Generic wrapper to perform a PKCS#1 decryption using the mode from the context.
static int test_assert(int correct, const char *test)
void mpi_init(mpi *X)
Initialize one MPI.
int memory_buffer_alloc_init(unsigned char *buf, size_t len)
Initialize use of stack-based memory allocator.
#define TEST_ASSERT(TEST)
int rsa_rsassa_pss_verify_ext(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, md_type_t mgf1_hash_id, int expected_salt_len, const unsigned char *sig)
Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY) (This is the version with "full" options...
const md_info_t * md_info_from_type(md_type_t md_type)
Returns the message digest information associated with the given digest type.
void rsa_free(rsa_context *ctx)
Free the components of an RSA key.
int rsa_pkcs1_encrypt(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output)
Generic wrapper to perform a PKCS#1 encryption using the mode from the context.
#define POLARSSL_ERR_RSA_INVALID_PADDING
Input data contains invalid padding and is rejected.
static int rnd_pseudo_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a pseudo random function.
int mpi_inv_mod(mpi *X, const mpi *A, const mpi *N)
Modular inverse: X = A^-1 mod N.
void mpi_free(mpi *X)
Unallocate one MPI.
int rsa_pkcs1_verify(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
Generic wrapper to perform a PKCS#1 verification using the mode from the context. ...
#define POLARSSL_ERR_RSA_VERIFY_FAILED
The PKCS#1 verification failed.
static int unhexify(unsigned char *obuf, const char *ibuf)
int rsa_pkcs1_sign(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Generic wrapper to perform a PKCS#1 signature using the mode from the context.
int mpi_read_string(mpi *X, int radix, const char *s)
Import from an ASCII string.
Generic message digest wrapper.
The RSA public-key cryptosystem.
int verify_string(char **str)
#define POLARSSL_ERR_RSA_BAD_INPUT_DATA
Bad input parameters to function.
static unsigned char * unhexify_alloc(const char *ibuf, size_t *olen)
Allocate and fill a buffer from hex data.
void rsa_init(rsa_context *ctx, int padding, int hash_id)
Initialize an RSA context.
int mpi_mod_mpi(mpi *R, const mpi *A, const mpi *B)
Modulo: R = A mod B.
int get_line(FILE *f, char *buf, size_t len)
static int rnd_zero_rand(void *rng_state, unsigned char *output, size_t len)
This function only returns zeros.
static int rnd_std_rand(void *rng_state, unsigned char *output, size_t len)
This function just returns data from rand().
static int rnd_buffer_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a buffer it receives.
int mpi_mul_mpi(mpi *X, const mpi *A, const mpi *B)
Baseline multiplication: X = A * B.
int verify_int(char *str, int *value)
int mpi_sub_int(mpi *X, const mpi *A, t_sint b)
Signed subtraction: X = A - b.
int dispatch_test(int cnt, char *params[50])