PolarSSL v1.1.4
|
00001 #include "fct.h" 00002 00003 #include <polarssl/rsa.h> 00004 #include <polarssl/md.h> 00005 #include <polarssl/md2.h> 00006 #include <polarssl/md4.h> 00007 #include <polarssl/md5.h> 00008 #include <polarssl/sha1.h> 00009 #include <polarssl/sha2.h> 00010 #include <polarssl/sha4.h> 00011 00012 #include <polarssl/config.h> 00013 00014 #ifdef _MSC_VER 00015 #include <basetsd.h> 00016 typedef UINT32 uint32_t; 00017 #else 00018 #include <inttypes.h> 00019 #endif 00020 00021 /* 00022 * 32-bit integer manipulation macros (big endian) 00023 */ 00024 #ifndef GET_ULONG_BE 00025 #define GET_ULONG_BE(n,b,i) \ 00026 { \ 00027 (n) = ( (unsigned long) (b)[(i) ] << 24 ) \ 00028 | ( (unsigned long) (b)[(i) + 1] << 16 ) \ 00029 | ( (unsigned long) (b)[(i) + 2] << 8 ) \ 00030 | ( (unsigned long) (b)[(i) + 3] ); \ 00031 } 00032 #endif 00033 00034 #ifndef PUT_ULONG_BE 00035 #define PUT_ULONG_BE(n,b,i) \ 00036 { \ 00037 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ 00038 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ 00039 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ 00040 (b)[(i) + 3] = (unsigned char) ( (n) ); \ 00041 } 00042 #endif 00043 00044 int unhexify(unsigned char *obuf, const char *ibuf) 00045 { 00046 unsigned char c, c2; 00047 int len = strlen(ibuf) / 2; 00048 assert(!(strlen(ibuf) %1)); // must be even number of bytes 00049 00050 while (*ibuf != 0) 00051 { 00052 c = *ibuf++; 00053 if( c >= '0' && c <= '9' ) 00054 c -= '0'; 00055 else if( c >= 'a' && c <= 'f' ) 00056 c -= 'a' - 10; 00057 else if( c >= 'A' && c <= 'F' ) 00058 c -= 'A' - 10; 00059 else 00060 assert( 0 ); 00061 00062 c2 = *ibuf++; 00063 if( c2 >= '0' && c2 <= '9' ) 00064 c2 -= '0'; 00065 else if( c2 >= 'a' && c2 <= 'f' ) 00066 c2 -= 'a' - 10; 00067 else if( c2 >= 'A' && c2 <= 'F' ) 00068 c2 -= 'A' - 10; 00069 else 00070 assert( 0 ); 00071 00072 *obuf++ = ( c << 4 ) | c2; 00073 } 00074 00075 return len; 00076 } 00077 00078 void hexify(unsigned char *obuf, const unsigned char *ibuf, int len) 00079 { 00080 unsigned char l, h; 00081 00082 while (len != 0) 00083 { 00084 h = (*ibuf) / 16; 00085 l = (*ibuf) % 16; 00086 00087 if( h < 10 ) 00088 *obuf++ = '0' + h; 00089 else 00090 *obuf++ = 'a' + h - 10; 00091 00092 if( l < 10 ) 00093 *obuf++ = '0' + l; 00094 else 00095 *obuf++ = 'a' + l - 10; 00096 00097 ++ibuf; 00098 len--; 00099 } 00100 } 00101 00111 static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len ) 00112 { 00113 size_t i; 00114 00115 if( rng_state != NULL ) 00116 rng_state = NULL; 00117 00118 for( i = 0; i < len; ++i ) 00119 output[i] = rand(); 00120 00121 return( 0 ); 00122 } 00123 00129 static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len ) 00130 { 00131 if( rng_state != NULL ) 00132 rng_state = NULL; 00133 00134 memset( output, 0, len ); 00135 00136 return( 0 ); 00137 } 00138 00139 typedef struct 00140 { 00141 unsigned char *buf; 00142 size_t length; 00143 } rnd_buf_info; 00144 00156 static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len ) 00157 { 00158 rnd_buf_info *info = (rnd_buf_info *) rng_state; 00159 size_t use_len; 00160 00161 if( rng_state == NULL ) 00162 return( rnd_std_rand( NULL, output, len ) ); 00163 00164 use_len = len; 00165 if( len > info->length ) 00166 use_len = info->length; 00167 00168 if( use_len ) 00169 { 00170 memcpy( output, info->buf, use_len ); 00171 info->buf += use_len; 00172 info->length -= use_len; 00173 } 00174 00175 if( len - use_len > 0 ) 00176 return( rnd_std_rand( NULL, output + use_len, len - use_len ) ); 00177 00178 return( 0 ); 00179 } 00180 00188 typedef struct 00189 { 00190 uint32_t key[16]; 00191 uint32_t v0, v1; 00192 } rnd_pseudo_info; 00193 00202 static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len ) 00203 { 00204 rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state; 00205 uint32_t i, *k, sum, delta=0x9E3779B9; 00206 unsigned char result[4]; 00207 00208 if( rng_state == NULL ) 00209 return( rnd_std_rand( NULL, output, len ) ); 00210 00211 k = info->key; 00212 00213 while( len > 0 ) 00214 { 00215 size_t use_len = ( len > 4 ) ? 4 : len; 00216 sum = 0; 00217 00218 for( i = 0; i < 32; i++ ) 00219 { 00220 info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]); 00221 sum += delta; 00222 info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]); 00223 } 00224 00225 PUT_ULONG_BE( info->v0, result, 0 ); 00226 memcpy( output, result, use_len ); 00227 len -= use_len; 00228 } 00229 00230 return( 0 ); 00231 } 00232 00233 00234 FCT_BGN() 00235 { 00236 #ifdef POLARSSL_PKCS1_V21 00237 #ifdef POLARSSL_RSA_C 00238 #ifdef POLARSSL_BIGNUM_C 00239 #ifdef POLARSSL_SHA1_C 00240 #ifdef POLARSSL_GENPRIME 00241 00242 00243 FCT_SUITE_BGN(test_suite_pkcs1_v21) 00244 { 00245 00246 FCT_TEST_BGN(rsaes_oaep_encryption_test_vector_int) 00247 { 00248 unsigned char message_str[1000]; 00249 unsigned char output[1000]; 00250 unsigned char output_str[1000]; 00251 unsigned char rnd_buf[1000]; 00252 rsa_context ctx; 00253 size_t msg_len; 00254 rnd_buf_info info; 00255 00256 info.length = unhexify( rnd_buf, "aafd12f659cae63489b479e5076ddec2f06cb58f" ); 00257 info.buf = rnd_buf; 00258 00259 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00260 memset( message_str, 0x00, 1000 ); 00261 memset( output, 0x00, 1000 ); 00262 memset( output_str, 0x00, 1000 ); 00263 00264 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 00265 fct_chk( mpi_read_string( &ctx.N, 16, "bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb" ) == 0 ); 00266 fct_chk( mpi_read_string( &ctx.E, 16, "11" ) == 0 ); 00267 00268 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00269 00270 msg_len = unhexify( message_str, "d436e99569fd32a7c8a05bbc90d32c49" ); 00271 00272 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00273 if( 0 == 0 ) 00274 { 00275 hexify( output_str, output, ctx.len ); 00276 00277 fct_chk( strcasecmp( (char *) output_str, "1253e04dc0a5397bb44a7ab87e9bf2a039a33d1e996fc82a94ccd30074c95df763722017069e5268da5d1c0b4f872cf653c11df82314a67968dfeae28def04bb6d84b1c31d654a1970e5783bd6eb96a024c2ca2f4a90fe9f2ef5c9c140e5bb48da9536ad8700c84fc9130adea74e558d51a74ddf85d8b50de96838d6063e0955" ) == 0 ); 00278 } 00279 } 00280 FCT_TEST_END(); 00281 00282 00283 FCT_TEST_BGN(rsaes_oaep_encryption_test_vector_1_1) 00284 { 00285 unsigned char message_str[1000]; 00286 unsigned char output[1000]; 00287 unsigned char output_str[1000]; 00288 unsigned char rnd_buf[1000]; 00289 rsa_context ctx; 00290 size_t msg_len; 00291 rnd_buf_info info; 00292 00293 info.length = unhexify( rnd_buf, "18b776ea21069d69776a33e96bad48e1dda0a5ef" ); 00294 info.buf = rnd_buf; 00295 00296 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00297 memset( message_str, 0x00, 1000 ); 00298 memset( output, 0x00, 1000 ); 00299 memset( output_str, 0x00, 1000 ); 00300 00301 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 00302 fct_chk( mpi_read_string( &ctx.N, 16, "a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb" ) == 0 ); 00303 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00304 00305 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00306 00307 msg_len = unhexify( message_str, "6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34" ); 00308 00309 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00310 if( 0 == 0 ) 00311 { 00312 hexify( output_str, output, ctx.len ); 00313 00314 fct_chk( strcasecmp( (char *) output_str, "354fe67b4a126d5d35fe36c777791a3f7ba13def484e2d3908aff722fad468fb21696de95d0be911c2d3174f8afcc201035f7b6d8e69402de5451618c21a535fa9d7bfc5b8dd9fc243f8cf927db31322d6e881eaa91a996170e657a05a266426d98c88003f8477c1227094a0d9fa1e8c4024309ce1ecccb5210035d47ac72e8a" ) == 0 ); 00315 } 00316 } 00317 FCT_TEST_END(); 00318 00319 00320 FCT_TEST_BGN(rsaes_oaep_encryption_test_vector_1_2) 00321 { 00322 unsigned char message_str[1000]; 00323 unsigned char output[1000]; 00324 unsigned char output_str[1000]; 00325 unsigned char rnd_buf[1000]; 00326 rsa_context ctx; 00327 size_t msg_len; 00328 rnd_buf_info info; 00329 00330 info.length = unhexify( rnd_buf, "0cc742ce4a9b7f32f951bcb251efd925fe4fe35f" ); 00331 info.buf = rnd_buf; 00332 00333 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00334 memset( message_str, 0x00, 1000 ); 00335 memset( output, 0x00, 1000 ); 00336 memset( output_str, 0x00, 1000 ); 00337 00338 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 00339 fct_chk( mpi_read_string( &ctx.N, 16, "a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb" ) == 0 ); 00340 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00341 00342 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00343 00344 msg_len = unhexify( message_str, "750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5" ); 00345 00346 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00347 if( 0 == 0 ) 00348 { 00349 hexify( output_str, output, ctx.len ); 00350 00351 fct_chk( strcasecmp( (char *) output_str, "640db1acc58e0568fe5407e5f9b701dff8c3c91e716c536fc7fcec6cb5b71c1165988d4a279e1577d730fc7a29932e3f00c81515236d8d8e31017a7a09df4352d904cdeb79aa583adcc31ea698a4c05283daba9089be5491f67c1a4ee48dc74bbbe6643aef846679b4cb395a352d5ed115912df696ffe0702932946d71492b44" ) == 0 ); 00352 } 00353 } 00354 FCT_TEST_END(); 00355 00356 00357 FCT_TEST_BGN(rsaes_oaep_encryption_test_vector_1_3) 00358 { 00359 unsigned char message_str[1000]; 00360 unsigned char output[1000]; 00361 unsigned char output_str[1000]; 00362 unsigned char rnd_buf[1000]; 00363 rsa_context ctx; 00364 size_t msg_len; 00365 rnd_buf_info info; 00366 00367 info.length = unhexify( rnd_buf, "2514df4695755a67b288eaf4905c36eec66fd2fd" ); 00368 info.buf = rnd_buf; 00369 00370 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00371 memset( message_str, 0x00, 1000 ); 00372 memset( output, 0x00, 1000 ); 00373 memset( output_str, 0x00, 1000 ); 00374 00375 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 00376 fct_chk( mpi_read_string( &ctx.N, 16, "a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb" ) == 0 ); 00377 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00378 00379 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00380 00381 msg_len = unhexify( message_str, "d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051" ); 00382 00383 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00384 if( 0 == 0 ) 00385 { 00386 hexify( output_str, output, ctx.len ); 00387 00388 fct_chk( strcasecmp( (char *) output_str, "423736ed035f6026af276c35c0b3741b365e5f76ca091b4e8c29e2f0befee603595aa8322d602d2e625e95eb81b2f1c9724e822eca76db8618cf09c5343503a4360835b5903bc637e3879fb05e0ef32685d5aec5067cd7cc96fe4b2670b6eac3066b1fcf5686b68589aafb7d629b02d8f8625ca3833624d4800fb081b1cf94eb" ) == 0 ); 00389 } 00390 } 00391 FCT_TEST_END(); 00392 00393 00394 FCT_TEST_BGN(rsaes_oaep_encryption_test_vector_1_4) 00395 { 00396 unsigned char message_str[1000]; 00397 unsigned char output[1000]; 00398 unsigned char output_str[1000]; 00399 unsigned char rnd_buf[1000]; 00400 rsa_context ctx; 00401 size_t msg_len; 00402 rnd_buf_info info; 00403 00404 info.length = unhexify( rnd_buf, "c4435a3e1a18a68b6820436290a37cefb85db3fb" ); 00405 info.buf = rnd_buf; 00406 00407 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00408 memset( message_str, 0x00, 1000 ); 00409 memset( output, 0x00, 1000 ); 00410 memset( output_str, 0x00, 1000 ); 00411 00412 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 00413 fct_chk( mpi_read_string( &ctx.N, 16, "a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb" ) == 0 ); 00414 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00415 00416 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00417 00418 msg_len = unhexify( message_str, "52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85" ); 00419 00420 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00421 if( 0 == 0 ) 00422 { 00423 hexify( output_str, output, ctx.len ); 00424 00425 fct_chk( strcasecmp( (char *) output_str, "45ead4ca551e662c9800f1aca8283b0525e6abae30be4b4aba762fa40fd3d38e22abefc69794f6ebbbc05ddbb11216247d2f412fd0fba87c6e3acd888813646fd0e48e785204f9c3f73d6d8239562722dddd8771fec48b83a31ee6f592c4cfd4bc88174f3b13a112aae3b9f7b80e0fc6f7255ba880dc7d8021e22ad6a85f0755" ) == 0 ); 00426 } 00427 } 00428 FCT_TEST_END(); 00429 00430 00431 FCT_TEST_BGN(rsaes_oaep_encryption_test_vector_1_5) 00432 { 00433 unsigned char message_str[1000]; 00434 unsigned char output[1000]; 00435 unsigned char output_str[1000]; 00436 unsigned char rnd_buf[1000]; 00437 rsa_context ctx; 00438 size_t msg_len; 00439 rnd_buf_info info; 00440 00441 info.length = unhexify( rnd_buf, "b318c42df3be0f83fea823f5a7b47ed5e425a3b5" ); 00442 info.buf = rnd_buf; 00443 00444 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00445 memset( message_str, 0x00, 1000 ); 00446 memset( output, 0x00, 1000 ); 00447 memset( output_str, 0x00, 1000 ); 00448 00449 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 00450 fct_chk( mpi_read_string( &ctx.N, 16, "a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb" ) == 0 ); 00451 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00452 00453 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00454 00455 msg_len = unhexify( message_str, "8da89fd9e5f974a29feffb462b49180f6cf9e802" ); 00456 00457 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00458 if( 0 == 0 ) 00459 { 00460 hexify( output_str, output, ctx.len ); 00461 00462 fct_chk( strcasecmp( (char *) output_str, "36f6e34d94a8d34daacba33a2139d00ad85a9345a86051e73071620056b920e219005855a213a0f23897cdcd731b45257c777fe908202befdd0b58386b1244ea0cf539a05d5d10329da44e13030fd760dcd644cfef2094d1910d3f433e1c7c6dd18bc1f2df7f643d662fb9dd37ead9059190f4fa66ca39e869c4eb449cbdc439" ) == 0 ); 00463 } 00464 } 00465 FCT_TEST_END(); 00466 00467 00468 FCT_TEST_BGN(rsaes_oaep_encryption_test_vector_1_6) 00469 { 00470 unsigned char message_str[1000]; 00471 unsigned char output[1000]; 00472 unsigned char output_str[1000]; 00473 unsigned char rnd_buf[1000]; 00474 rsa_context ctx; 00475 size_t msg_len; 00476 rnd_buf_info info; 00477 00478 info.length = unhexify( rnd_buf, "e4ec0982c2336f3a677f6a356174eb0ce887abc2" ); 00479 info.buf = rnd_buf; 00480 00481 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00482 memset( message_str, 0x00, 1000 ); 00483 memset( output, 0x00, 1000 ); 00484 memset( output_str, 0x00, 1000 ); 00485 00486 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 00487 fct_chk( mpi_read_string( &ctx.N, 16, "a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb" ) == 0 ); 00488 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00489 00490 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00491 00492 msg_len = unhexify( message_str, "26521050844271" ); 00493 00494 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00495 if( 0 == 0 ) 00496 { 00497 hexify( output_str, output, ctx.len ); 00498 00499 fct_chk( strcasecmp( (char *) output_str, "42cee2617b1ecea4db3f4829386fbd61dafbf038e180d837c96366df24c097b4ab0fac6bdf590d821c9f10642e681ad05b8d78b378c0f46ce2fad63f74e0ad3df06b075d7eb5f5636f8d403b9059ca761b5c62bb52aa45002ea70baace08ded243b9d8cbd62a68ade265832b56564e43a6fa42ed199a099769742df1539e8255" ) == 0 ); 00500 } 00501 } 00502 FCT_TEST_END(); 00503 00504 00505 FCT_TEST_BGN(rsaes_oaep_encryption_test_vector_2_1) 00506 { 00507 unsigned char message_str[1000]; 00508 unsigned char output[1000]; 00509 unsigned char output_str[1000]; 00510 unsigned char rnd_buf[1000]; 00511 rsa_context ctx; 00512 size_t msg_len; 00513 rnd_buf_info info; 00514 00515 info.length = unhexify( rnd_buf, "8c407b5ec2899e5099c53e8ce793bf94e71b1782" ); 00516 info.buf = rnd_buf; 00517 00518 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00519 memset( message_str, 0x00, 1000 ); 00520 memset( output, 0x00, 1000 ); 00521 memset( output_str, 0x00, 1000 ); 00522 00523 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 00524 fct_chk( mpi_read_string( &ctx.N, 16, "01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45" ) == 0 ); 00525 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00526 00527 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00528 00529 msg_len = unhexify( message_str, "8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7" ); 00530 00531 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00532 if( 0 == 0 ) 00533 { 00534 hexify( output_str, output, ctx.len ); 00535 00536 fct_chk( strcasecmp( (char *) output_str, "0181af8922b9fcb4d79d92ebe19815992fc0c1439d8bcd491398a0f4ad3a329a5bd9385560db532683c8b7da04e4b12aed6aacdf471c34c9cda891addcc2df3456653aa6382e9ae59b54455257eb099d562bbe10453f2b6d13c59c02e10f1f8abb5da0d0570932dacf2d0901db729d0fefcc054e70968ea540c81b04bcaefe720e" ) == 0 ); 00537 } 00538 } 00539 FCT_TEST_END(); 00540 00541 00542 FCT_TEST_BGN(rsaes_oaep_encryption_test_vector_2_2) 00543 { 00544 unsigned char message_str[1000]; 00545 unsigned char output[1000]; 00546 unsigned char output_str[1000]; 00547 unsigned char rnd_buf[1000]; 00548 rsa_context ctx; 00549 size_t msg_len; 00550 rnd_buf_info info; 00551 00552 info.length = unhexify( rnd_buf, "b600cf3c2e506d7f16778c910d3a8b003eee61d5" ); 00553 info.buf = rnd_buf; 00554 00555 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00556 memset( message_str, 0x00, 1000 ); 00557 memset( output, 0x00, 1000 ); 00558 memset( output_str, 0x00, 1000 ); 00559 00560 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 00561 fct_chk( mpi_read_string( &ctx.N, 16, "01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45" ) == 0 ); 00562 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00563 00564 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00565 00566 msg_len = unhexify( message_str, "2d" ); 00567 00568 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00569 if( 0 == 0 ) 00570 { 00571 hexify( output_str, output, ctx.len ); 00572 00573 fct_chk( strcasecmp( (char *) output_str, "018759ff1df63b2792410562314416a8aeaf2ac634b46f940ab82d64dbf165eee33011da749d4bab6e2fcd18129c9e49277d8453112b429a222a8471b070993998e758861c4d3f6d749d91c4290d332c7a4ab3f7ea35ff3a07d497c955ff0ffc95006b62c6d296810d9bfab024196c7934012c2df978ef299aba239940cba10245" ) == 0 ); 00574 } 00575 } 00576 FCT_TEST_END(); 00577 00578 00579 FCT_TEST_BGN(rsaes_oaep_encryption_test_vector_2_3) 00580 { 00581 unsigned char message_str[1000]; 00582 unsigned char output[1000]; 00583 unsigned char output_str[1000]; 00584 unsigned char rnd_buf[1000]; 00585 rsa_context ctx; 00586 size_t msg_len; 00587 rnd_buf_info info; 00588 00589 info.length = unhexify( rnd_buf, "a73768aeeaa91f9d8c1ed6f9d2b63467f07ccae3" ); 00590 info.buf = rnd_buf; 00591 00592 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00593 memset( message_str, 0x00, 1000 ); 00594 memset( output, 0x00, 1000 ); 00595 memset( output_str, 0x00, 1000 ); 00596 00597 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 00598 fct_chk( mpi_read_string( &ctx.N, 16, "01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45" ) == 0 ); 00599 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00600 00601 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00602 00603 msg_len = unhexify( message_str, "74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e" ); 00604 00605 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00606 if( 0 == 0 ) 00607 { 00608 hexify( output_str, output, ctx.len ); 00609 00610 fct_chk( strcasecmp( (char *) output_str, "018802bab04c60325e81c4962311f2be7c2adce93041a00719c88f957575f2c79f1b7bc8ced115c706b311c08a2d986ca3b6a9336b147c29c6f229409ddec651bd1fdd5a0b7f610c9937fdb4a3a762364b8b3206b4ea485fd098d08f63d4aa8bb2697d027b750c32d7f74eaf5180d2e9b66b17cb2fa55523bc280da10d14be2053" ) == 0 ); 00611 } 00612 } 00613 FCT_TEST_END(); 00614 00615 00616 FCT_TEST_BGN(rsaes_oaep_encryption_test_vector_2_4) 00617 { 00618 unsigned char message_str[1000]; 00619 unsigned char output[1000]; 00620 unsigned char output_str[1000]; 00621 unsigned char rnd_buf[1000]; 00622 rsa_context ctx; 00623 size_t msg_len; 00624 rnd_buf_info info; 00625 00626 info.length = unhexify( rnd_buf, "9a7b3b0e708bd96f8190ecab4fb9b2b3805a8156" ); 00627 info.buf = rnd_buf; 00628 00629 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00630 memset( message_str, 0x00, 1000 ); 00631 memset( output, 0x00, 1000 ); 00632 memset( output_str, 0x00, 1000 ); 00633 00634 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 00635 fct_chk( mpi_read_string( &ctx.N, 16, "01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45" ) == 0 ); 00636 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00637 00638 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00639 00640 msg_len = unhexify( message_str, "a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a" ); 00641 00642 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00643 if( 0 == 0 ) 00644 { 00645 hexify( output_str, output, ctx.len ); 00646 00647 fct_chk( strcasecmp( (char *) output_str, "00a4578cbc176318a638fba7d01df15746af44d4f6cd96d7e7c495cbf425b09c649d32bf886da48fbaf989a2117187cafb1fb580317690e3ccd446920b7af82b31db5804d87d01514acbfa9156e782f867f6bed9449e0e9a2c09bcecc6aa087636965e34b3ec766f2fe2e43018a2fddeb140616a0e9d82e5331024ee0652fc7641" ) == 0 ); 00648 } 00649 } 00650 FCT_TEST_END(); 00651 00652 00653 FCT_TEST_BGN(rsaes_oaep_encryption_test_vector_2_5) 00654 { 00655 unsigned char message_str[1000]; 00656 unsigned char output[1000]; 00657 unsigned char output_str[1000]; 00658 unsigned char rnd_buf[1000]; 00659 rsa_context ctx; 00660 size_t msg_len; 00661 rnd_buf_info info; 00662 00663 info.length = unhexify( rnd_buf, "eb3cebbc4adc16bb48e88c8aec0e34af7f427fd3" ); 00664 info.buf = rnd_buf; 00665 00666 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00667 memset( message_str, 0x00, 1000 ); 00668 memset( output, 0x00, 1000 ); 00669 memset( output_str, 0x00, 1000 ); 00670 00671 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 00672 fct_chk( mpi_read_string( &ctx.N, 16, "01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45" ) == 0 ); 00673 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00674 00675 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00676 00677 msg_len = unhexify( message_str, "2ef2b066f854c33f3bdcbb5994a435e73d6c6c" ); 00678 00679 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00680 if( 0 == 0 ) 00681 { 00682 hexify( output_str, output, ctx.len ); 00683 00684 fct_chk( strcasecmp( (char *) output_str, "00ebc5f5fda77cfdad3c83641a9025e77d72d8a6fb33a810f5950f8d74c73e8d931e8634d86ab1246256ae07b6005b71b7f2fb98351218331ce69b8ffbdc9da08bbc9c704f876deb9df9fc2ec065cad87f9090b07acc17aa7f997b27aca48806e897f771d95141fe4526d8a5301b678627efab707fd40fbebd6e792a25613e7aec" ) == 0 ); 00685 } 00686 } 00687 FCT_TEST_END(); 00688 00689 00690 FCT_TEST_BGN(rsaes_oaep_encryption_test_vector_2_6) 00691 { 00692 unsigned char message_str[1000]; 00693 unsigned char output[1000]; 00694 unsigned char output_str[1000]; 00695 unsigned char rnd_buf[1000]; 00696 rsa_context ctx; 00697 size_t msg_len; 00698 rnd_buf_info info; 00699 00700 info.length = unhexify( rnd_buf, "4c45cf4d57c98e3d6d2095adc51c489eb50dff84" ); 00701 info.buf = rnd_buf; 00702 00703 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00704 memset( message_str, 0x00, 1000 ); 00705 memset( output, 0x00, 1000 ); 00706 memset( output_str, 0x00, 1000 ); 00707 00708 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 00709 fct_chk( mpi_read_string( &ctx.N, 16, "01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45" ) == 0 ); 00710 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00711 00712 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00713 00714 msg_len = unhexify( message_str, "8a7fb344c8b6cb2cf2ef1f643f9a3218f6e19bba89c0" ); 00715 00716 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00717 if( 0 == 0 ) 00718 { 00719 hexify( output_str, output, ctx.len ); 00720 00721 fct_chk( strcasecmp( (char *) output_str, "010839ec20c27b9052e55befb9b77e6fc26e9075d7a54378c646abdf51e445bd5715de81789f56f1803d9170764a9e93cb78798694023ee7393ce04bc5d8f8c5a52c171d43837e3aca62f609eb0aa5ffb0960ef04198dd754f57f7fbe6abf765cf118b4ca443b23b5aab266f952326ac4581100644325f8b721acd5d04ff14ef3a" ) == 0 ); 00722 } 00723 } 00724 FCT_TEST_END(); 00725 00726 00727 FCT_TEST_BGN(rsaes_oaep_encryption_example_3_1) 00728 { 00729 unsigned char message_str[1000]; 00730 unsigned char output[1000]; 00731 unsigned char output_str[1000]; 00732 unsigned char rnd_buf[1000]; 00733 rsa_context ctx; 00734 size_t msg_len; 00735 rnd_buf_info info; 00736 00737 info.length = unhexify( rnd_buf, "8ced6b196290805790e909074015e6a20b0c4894" ); 00738 info.buf = rnd_buf; 00739 00740 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00741 memset( message_str, 0x00, 1000 ); 00742 memset( output, 0x00, 1000 ); 00743 memset( output_str, 0x00, 1000 ); 00744 00745 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 00746 fct_chk( mpi_read_string( &ctx.N, 16, "02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9" ) == 0 ); 00747 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00748 00749 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00750 00751 msg_len = unhexify( message_str, "087820b569e8fa8d" ); 00752 00753 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00754 if( 0 == 0 ) 00755 { 00756 hexify( output_str, output, ctx.len ); 00757 00758 fct_chk( strcasecmp( (char *) output_str, "026a0485d96aebd96b4382085099b962e6a2bdec3d90c8db625e14372de85e2d5b7baab65c8faf91bb5504fb495afce5c988b3f6a52e20e1d6cbd3566c5cd1f2b8318bb542cc0ea25c4aab9932afa20760eaddec784396a07ea0ef24d4e6f4d37e5052a7a31e146aa480a111bbe926401307e00f410033842b6d82fe5ce4dfae80" ) == 0 ); 00759 } 00760 } 00761 FCT_TEST_END(); 00762 00763 00764 FCT_TEST_BGN(rsaes_oaep_encryption_example_3_2) 00765 { 00766 unsigned char message_str[1000]; 00767 unsigned char output[1000]; 00768 unsigned char output_str[1000]; 00769 unsigned char rnd_buf[1000]; 00770 rsa_context ctx; 00771 size_t msg_len; 00772 rnd_buf_info info; 00773 00774 info.length = unhexify( rnd_buf, "b4291d6567550848cc156967c809baab6ca507f0" ); 00775 info.buf = rnd_buf; 00776 00777 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00778 memset( message_str, 0x00, 1000 ); 00779 memset( output, 0x00, 1000 ); 00780 memset( output_str, 0x00, 1000 ); 00781 00782 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 00783 fct_chk( mpi_read_string( &ctx.N, 16, "02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9" ) == 0 ); 00784 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00785 00786 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00787 00788 msg_len = unhexify( message_str, "4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04" ); 00789 00790 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00791 if( 0 == 0 ) 00792 { 00793 hexify( output_str, output, ctx.len ); 00794 00795 fct_chk( strcasecmp( (char *) output_str, "024db89c7802989be0783847863084941bf209d761987e38f97cb5f6f1bc88da72a50b73ebaf11c879c4f95df37b850b8f65d7622e25b1b889e80fe80baca2069d6e0e1d829953fc459069de98ea9798b451e557e99abf8fe3d9ccf9096ebbf3e5255d3b4e1c6d2ecadf067a359eea86405acd47d5e165517ccafd47d6dbee4bf5" ) == 0 ); 00796 } 00797 } 00798 FCT_TEST_END(); 00799 00800 00801 FCT_TEST_BGN(rsaes_oaep_encryption_example_3_3) 00802 { 00803 unsigned char message_str[1000]; 00804 unsigned char output[1000]; 00805 unsigned char output_str[1000]; 00806 unsigned char rnd_buf[1000]; 00807 rsa_context ctx; 00808 size_t msg_len; 00809 rnd_buf_info info; 00810 00811 info.length = unhexify( rnd_buf, "ce8928f6059558254008badd9794fadcd2fd1f65" ); 00812 info.buf = rnd_buf; 00813 00814 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00815 memset( message_str, 0x00, 1000 ); 00816 memset( output, 0x00, 1000 ); 00817 memset( output_str, 0x00, 1000 ); 00818 00819 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 00820 fct_chk( mpi_read_string( &ctx.N, 16, "02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9" ) == 0 ); 00821 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00822 00823 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00824 00825 msg_len = unhexify( message_str, "d94cd0e08fa404ed89" ); 00826 00827 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00828 if( 0 == 0 ) 00829 { 00830 hexify( output_str, output, ctx.len ); 00831 00832 fct_chk( strcasecmp( (char *) output_str, "0239bce681032441528877d6d1c8bb28aa3bc97f1df584563618995797683844ca86664732f4bed7a0aab083aaabfb7238f582e30958c2024e44e57043b97950fd543da977c90cdde5337d618442f99e60d7783ab59ce6dd9d69c47ad1e962bec22d05895cff8d3f64ed5261d92b2678510393484990ba3f7f06818ae6ffce8a3a" ) == 0 ); 00833 } 00834 } 00835 FCT_TEST_END(); 00836 00837 00838 FCT_TEST_BGN(rsaes_oaep_encryption_example_3_4) 00839 { 00840 unsigned char message_str[1000]; 00841 unsigned char output[1000]; 00842 unsigned char output_str[1000]; 00843 unsigned char rnd_buf[1000]; 00844 rsa_context ctx; 00845 size_t msg_len; 00846 rnd_buf_info info; 00847 00848 info.length = unhexify( rnd_buf, "6e2979f52d6814a57d83b090054888f119a5b9a3" ); 00849 info.buf = rnd_buf; 00850 00851 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00852 memset( message_str, 0x00, 1000 ); 00853 memset( output, 0x00, 1000 ); 00854 memset( output_str, 0x00, 1000 ); 00855 00856 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 00857 fct_chk( mpi_read_string( &ctx.N, 16, "02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9" ) == 0 ); 00858 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00859 00860 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00861 00862 msg_len = unhexify( message_str, "6cc641b6b61e6f963974dad23a9013284ef1" ); 00863 00864 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00865 if( 0 == 0 ) 00866 { 00867 hexify( output_str, output, ctx.len ); 00868 00869 fct_chk( strcasecmp( (char *) output_str, "02994c62afd76f498ba1fd2cf642857fca81f4373cb08f1cbaee6f025c3b512b42c3e8779113476648039dbe0493f9246292fac28950600e7c0f32edf9c81b9dec45c3bde0cc8d8847590169907b7dc5991ceb29bb0714d613d96df0f12ec5d8d3507c8ee7ae78dd83f216fa61de100363aca48a7e914ae9f42ddfbe943b09d9a0" ) == 0 ); 00870 } 00871 } 00872 FCT_TEST_END(); 00873 00874 00875 FCT_TEST_BGN(rsaes_oaep_encryption_example_3_5) 00876 { 00877 unsigned char message_str[1000]; 00878 unsigned char output[1000]; 00879 unsigned char output_str[1000]; 00880 unsigned char rnd_buf[1000]; 00881 rsa_context ctx; 00882 size_t msg_len; 00883 rnd_buf_info info; 00884 00885 info.length = unhexify( rnd_buf, "2d760bfe38c59de34cdc8b8c78a38e66284a2d27" ); 00886 info.buf = rnd_buf; 00887 00888 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00889 memset( message_str, 0x00, 1000 ); 00890 memset( output, 0x00, 1000 ); 00891 memset( output_str, 0x00, 1000 ); 00892 00893 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 00894 fct_chk( mpi_read_string( &ctx.N, 16, "02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9" ) == 0 ); 00895 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00896 00897 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00898 00899 msg_len = unhexify( message_str, "df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223" ); 00900 00901 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00902 if( 0 == 0 ) 00903 { 00904 hexify( output_str, output, ctx.len ); 00905 00906 fct_chk( strcasecmp( (char *) output_str, "0162042ff6969592a6167031811a239834ce638abf54fec8b99478122afe2ee67f8c5b18b0339805bfdbc5a4e6720b37c59cfba942464c597ff532a119821545fd2e59b114e61daf71820529f5029cf524954327c34ec5e6f5ba7efcc4de943ab8ad4ed787b1454329f70db798a3a8f4d92f8274e2b2948ade627ce8ee33e43c60" ) == 0 ); 00907 } 00908 } 00909 FCT_TEST_END(); 00910 00911 00912 FCT_TEST_BGN(rsaes_oaep_encryption_example_3_6) 00913 { 00914 unsigned char message_str[1000]; 00915 unsigned char output[1000]; 00916 unsigned char output_str[1000]; 00917 unsigned char rnd_buf[1000]; 00918 rsa_context ctx; 00919 size_t msg_len; 00920 rnd_buf_info info; 00921 00922 info.length = unhexify( rnd_buf, "f174779c5fd3cfe007badcb7a36c9b55bfcfbf0e" ); 00923 info.buf = rnd_buf; 00924 00925 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00926 memset( message_str, 0x00, 1000 ); 00927 memset( output, 0x00, 1000 ); 00928 memset( output_str, 0x00, 1000 ); 00929 00930 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 00931 fct_chk( mpi_read_string( &ctx.N, 16, "02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9" ) == 0 ); 00932 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00933 00934 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00935 00936 msg_len = unhexify( message_str, "3c3bad893c544a6d520ab022319188c8d504b7a788b850903b85972eaa18552e1134a7ad6098826254ff7ab672b3d8eb3158fac6d4cbaef1" ); 00937 00938 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00939 if( 0 == 0 ) 00940 { 00941 hexify( output_str, output, ctx.len ); 00942 00943 fct_chk( strcasecmp( (char *) output_str, "00112051e75d064943bc4478075e43482fd59cee0679de6893eec3a943daa490b9691c93dfc0464b6623b9f3dbd3e70083264f034b374f74164e1a00763725e574744ba0b9db83434f31df96f6e2a26f6d8eba348bd4686c2238ac07c37aac3785d1c7eea2f819fd91491798ed8e9cef5e43b781b0e0276e37c43ff9492d005730" ) == 0 ); 00944 } 00945 } 00946 FCT_TEST_END(); 00947 00948 00949 FCT_TEST_BGN(rsaes_oaep_encryption_example_4_1) 00950 { 00951 unsigned char message_str[1000]; 00952 unsigned char output[1000]; 00953 unsigned char output_str[1000]; 00954 unsigned char rnd_buf[1000]; 00955 rsa_context ctx; 00956 size_t msg_len; 00957 rnd_buf_info info; 00958 00959 info.length = unhexify( rnd_buf, "1cac19ce993def55f98203f6852896c95ccca1f3" ); 00960 info.buf = rnd_buf; 00961 00962 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 00963 memset( message_str, 0x00, 1000 ); 00964 memset( output, 0x00, 1000 ); 00965 memset( output_str, 0x00, 1000 ); 00966 00967 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 00968 fct_chk( mpi_read_string( &ctx.N, 16, "051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039" ) == 0 ); 00969 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 00970 00971 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 00972 00973 msg_len = unhexify( message_str, "4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2" ); 00974 00975 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 00976 if( 0 == 0 ) 00977 { 00978 hexify( output_str, output, ctx.len ); 00979 00980 fct_chk( strcasecmp( (char *) output_str, "04cce19614845e094152a3fe18e54e3330c44e5efbc64ae16886cb1869014cc5781b1f8f9e045384d0112a135ca0d12e9c88a8e4063416deaae3844f60d6e96fe155145f4525b9a34431ca3766180f70e15a5e5d8e8b1a516ff870609f13f896935ced188279a58ed13d07114277d75c6568607e0ab092fd803a223e4a8ee0b1a8" ) == 0 ); 00981 } 00982 } 00983 FCT_TEST_END(); 00984 00985 00986 FCT_TEST_BGN(rsaes_oaep_encryption_example_4_2) 00987 { 00988 unsigned char message_str[1000]; 00989 unsigned char output[1000]; 00990 unsigned char output_str[1000]; 00991 unsigned char rnd_buf[1000]; 00992 rsa_context ctx; 00993 size_t msg_len; 00994 rnd_buf_info info; 00995 00996 info.length = unhexify( rnd_buf, "f545d5897585e3db71aa0cb8da76c51d032ae963" ); 00997 info.buf = rnd_buf; 00998 00999 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01000 memset( message_str, 0x00, 1000 ); 01001 memset( output, 0x00, 1000 ); 01002 memset( output_str, 0x00, 1000 ); 01003 01004 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 01005 fct_chk( mpi_read_string( &ctx.N, 16, "051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039" ) == 0 ); 01006 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01007 01008 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01009 01010 msg_len = unhexify( message_str, "b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8" ); 01011 01012 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01013 if( 0 == 0 ) 01014 { 01015 hexify( output_str, output, ctx.len ); 01016 01017 fct_chk( strcasecmp( (char *) output_str, "0097b698c6165645b303486fbf5a2a4479c0ee85889b541a6f0b858d6b6597b13b854eb4f839af03399a80d79bda6578c841f90d645715b280d37143992dd186c80b949b775cae97370e4ec97443136c6da484e970ffdb1323a20847821d3b18381de13bb49aaea66530c4a4b8271f3eae172cd366e07e6636f1019d2a28aed15e" ) == 0 ); 01018 } 01019 } 01020 FCT_TEST_END(); 01021 01022 01023 FCT_TEST_BGN(rsaes_oaep_encryption_example_4_3) 01024 { 01025 unsigned char message_str[1000]; 01026 unsigned char output[1000]; 01027 unsigned char output_str[1000]; 01028 unsigned char rnd_buf[1000]; 01029 rsa_context ctx; 01030 size_t msg_len; 01031 rnd_buf_info info; 01032 01033 info.length = unhexify( rnd_buf, "ad997feef730d6ea7be60d0dc52e72eacbfdd275" ); 01034 info.buf = rnd_buf; 01035 01036 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01037 memset( message_str, 0x00, 1000 ); 01038 memset( output, 0x00, 1000 ); 01039 memset( output_str, 0x00, 1000 ); 01040 01041 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 01042 fct_chk( mpi_read_string( &ctx.N, 16, "051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039" ) == 0 ); 01043 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01044 01045 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01046 01047 msg_len = unhexify( message_str, "bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99" ); 01048 01049 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01050 if( 0 == 0 ) 01051 { 01052 hexify( output_str, output, ctx.len ); 01053 01054 fct_chk( strcasecmp( (char *) output_str, "0301f935e9c47abcb48acbbe09895d9f5971af14839da4ff95417ee453d1fd77319072bb7297e1b55d7561cd9d1bb24c1a9a37c619864308242804879d86ebd001dce5183975e1506989b70e5a83434154d5cbfd6a24787e60eb0c658d2ac193302d1192c6e622d4a12ad4b53923bca246df31c6395e37702c6a78ae081fb9d065" ) == 0 ); 01055 } 01056 } 01057 FCT_TEST_END(); 01058 01059 01060 FCT_TEST_BGN(rsaes_oaep_encryption_example_4_4) 01061 { 01062 unsigned char message_str[1000]; 01063 unsigned char output[1000]; 01064 unsigned char output_str[1000]; 01065 unsigned char rnd_buf[1000]; 01066 rsa_context ctx; 01067 size_t msg_len; 01068 rnd_buf_info info; 01069 01070 info.length = unhexify( rnd_buf, "136454df5730f73c807a7e40d8c1a312ac5b9dd3" ); 01071 info.buf = rnd_buf; 01072 01073 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01074 memset( message_str, 0x00, 1000 ); 01075 memset( output, 0x00, 1000 ); 01076 memset( output_str, 0x00, 1000 ); 01077 01078 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 01079 fct_chk( mpi_read_string( &ctx.N, 16, "051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039" ) == 0 ); 01080 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01081 01082 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01083 01084 msg_len = unhexify( message_str, "fb2ef112f5e766eb94019297934794f7be2f6fc1c58e" ); 01085 01086 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01087 if( 0 == 0 ) 01088 { 01089 hexify( output_str, output, ctx.len ); 01090 01091 fct_chk( strcasecmp( (char *) output_str, "02d110ad30afb727beb691dd0cf17d0af1a1e7fa0cc040ec1a4ba26a42c59d0a796a2e22c8f357ccc98b6519aceb682e945e62cb734614a529407cd452bee3e44fece8423cc19e55548b8b994b849c7ecde4933e76037e1d0ce44275b08710c68e430130b929730ed77e09b015642c5593f04e4ffb9410798102a8e96ffdfe11e4" ) == 0 ); 01092 } 01093 } 01094 FCT_TEST_END(); 01095 01096 01097 FCT_TEST_BGN(rsaes_oaep_encryption_example_4_5) 01098 { 01099 unsigned char message_str[1000]; 01100 unsigned char output[1000]; 01101 unsigned char output_str[1000]; 01102 unsigned char rnd_buf[1000]; 01103 rsa_context ctx; 01104 size_t msg_len; 01105 rnd_buf_info info; 01106 01107 info.length = unhexify( rnd_buf, "bca8057f824b2ea257f2861407eef63d33208681" ); 01108 info.buf = rnd_buf; 01109 01110 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01111 memset( message_str, 0x00, 1000 ); 01112 memset( output, 0x00, 1000 ); 01113 memset( output_str, 0x00, 1000 ); 01114 01115 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 01116 fct_chk( mpi_read_string( &ctx.N, 16, "051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039" ) == 0 ); 01117 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01118 01119 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01120 01121 msg_len = unhexify( message_str, "28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284" ); 01122 01123 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01124 if( 0 == 0 ) 01125 { 01126 hexify( output_str, output, ctx.len ); 01127 01128 fct_chk( strcasecmp( (char *) output_str, "00dbb8a7439d90efd919a377c54fae8fe11ec58c3b858362e23ad1b8a44310799066b99347aa525691d2adc58d9b06e34f288c170390c5f0e11c0aa3645959f18ee79e8f2be8d7ac5c23d061f18dd74b8c5f2a58fcb5eb0c54f99f01a83247568292536583340948d7a8c97c4acd1e98d1e29dc320e97a260532a8aa7a758a1ec2" ) == 0 ); 01129 } 01130 } 01131 FCT_TEST_END(); 01132 01133 01134 FCT_TEST_BGN(rsaes_oaep_encryption_example_4_6) 01135 { 01136 unsigned char message_str[1000]; 01137 unsigned char output[1000]; 01138 unsigned char output_str[1000]; 01139 unsigned char rnd_buf[1000]; 01140 rsa_context ctx; 01141 size_t msg_len; 01142 rnd_buf_info info; 01143 01144 info.length = unhexify( rnd_buf, "2e7e1e17f647b5ddd033e15472f90f6812f3ac4e" ); 01145 info.buf = rnd_buf; 01146 01147 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01148 memset( message_str, 0x00, 1000 ); 01149 memset( output, 0x00, 1000 ); 01150 memset( output_str, 0x00, 1000 ); 01151 01152 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 01153 fct_chk( mpi_read_string( &ctx.N, 16, "051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039" ) == 0 ); 01154 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01155 01156 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01157 01158 msg_len = unhexify( message_str, "f22242751ec6b1" ); 01159 01160 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01161 if( 0 == 0 ) 01162 { 01163 hexify( output_str, output, ctx.len ); 01164 01165 fct_chk( strcasecmp( (char *) output_str, "00a5ffa4768c8bbecaee2db77e8f2eec99595933545520835e5ba7db9493d3e17cddefe6a5f567624471908db4e2d83a0fbee60608fc84049503b2234a07dc83b27b22847ad8920ff42f674ef79b76280b00233d2b51b8cb2703a9d42bfbc8250c96ec32c051e57f1b4ba528db89c37e4c54e27e6e64ac69635ae887d9541619a9" ) == 0 ); 01166 } 01167 } 01168 FCT_TEST_END(); 01169 01170 01171 FCT_TEST_BGN(rsaes_oaep_encryption_example_5_1) 01172 { 01173 unsigned char message_str[1000]; 01174 unsigned char output[1000]; 01175 unsigned char output_str[1000]; 01176 unsigned char rnd_buf[1000]; 01177 rsa_context ctx; 01178 size_t msg_len; 01179 rnd_buf_info info; 01180 01181 info.length = unhexify( rnd_buf, "44c92e283f77b9499c603d963660c87d2f939461" ); 01182 info.buf = rnd_buf; 01183 01184 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01185 memset( message_str, 0x00, 1000 ); 01186 memset( output, 0x00, 1000 ); 01187 memset( output_str, 0x00, 1000 ); 01188 01189 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 01190 fct_chk( mpi_read_string( &ctx.N, 16, "0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9" ) == 0 ); 01191 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01192 01193 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01194 01195 msg_len = unhexify( message_str, "af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8" ); 01196 01197 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01198 if( 0 == 0 ) 01199 { 01200 hexify( output_str, output, ctx.len ); 01201 01202 fct_chk( strcasecmp( (char *) output_str, "036046a4a47d9ed3ba9a89139c105038eb7492b05a5d68bfd53accff4597f7a68651b47b4a4627d927e485eed7b4566420e8b409879e5d606eae251d22a5df799f7920bfc117b992572a53b1263146bcea03385cc5e853c9a101c8c3e1bda31a519807496c6cb5e5efb408823a352b8fa0661fb664efadd593deb99fff5ed000e5" ) == 0 ); 01203 } 01204 } 01205 FCT_TEST_END(); 01206 01207 01208 FCT_TEST_BGN(rsaes_oaep_encryption_example_5_2) 01209 { 01210 unsigned char message_str[1000]; 01211 unsigned char output[1000]; 01212 unsigned char output_str[1000]; 01213 unsigned char rnd_buf[1000]; 01214 rsa_context ctx; 01215 size_t msg_len; 01216 rnd_buf_info info; 01217 01218 info.length = unhexify( rnd_buf, "cb28f5860659fceee49c3eeafce625a70803bd32" ); 01219 info.buf = rnd_buf; 01220 01221 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01222 memset( message_str, 0x00, 1000 ); 01223 memset( output, 0x00, 1000 ); 01224 memset( output_str, 0x00, 1000 ); 01225 01226 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 01227 fct_chk( mpi_read_string( &ctx.N, 16, "0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9" ) == 0 ); 01228 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01229 01230 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01231 01232 msg_len = unhexify( message_str, "a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399" ); 01233 01234 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01235 if( 0 == 0 ) 01236 { 01237 hexify( output_str, output, ctx.len ); 01238 01239 fct_chk( strcasecmp( (char *) output_str, "03d6eb654edce615bc59f455265ed4e5a18223cbb9be4e4069b473804d5de96f54dcaaa603d049c5d94aa1470dfcd2254066b7c7b61ff1f6f6770e3215c51399fd4e34ec5082bc48f089840ad04354ae66dc0f1bd18e461a33cc1258b443a2837a6df26759aa2302334986f87380c9cc9d53be9f99605d2c9a97da7b0915a4a7ad" ) == 0 ); 01240 } 01241 } 01242 FCT_TEST_END(); 01243 01244 01245 FCT_TEST_BGN(rsaes_oaep_encryption_example_5_3) 01246 { 01247 unsigned char message_str[1000]; 01248 unsigned char output[1000]; 01249 unsigned char output_str[1000]; 01250 unsigned char rnd_buf[1000]; 01251 rsa_context ctx; 01252 size_t msg_len; 01253 rnd_buf_info info; 01254 01255 info.length = unhexify( rnd_buf, "2285f40d770482f9a9efa2c72cb3ac55716dc0ca" ); 01256 info.buf = rnd_buf; 01257 01258 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01259 memset( message_str, 0x00, 1000 ); 01260 memset( output, 0x00, 1000 ); 01261 memset( output_str, 0x00, 1000 ); 01262 01263 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 01264 fct_chk( mpi_read_string( &ctx.N, 16, "0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9" ) == 0 ); 01265 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01266 01267 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01268 01269 msg_len = unhexify( message_str, "308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7" ); 01270 01271 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01272 if( 0 == 0 ) 01273 { 01274 hexify( output_str, output, ctx.len ); 01275 01276 fct_chk( strcasecmp( (char *) output_str, "0770952181649f9f9f07ff626ff3a22c35c462443d905d456a9fd0bff43cac2ca7a9f554e9478b9acc3ac838b02040ffd3e1847de2e4253929f9dd9ee4044325a9b05cabb808b2ee840d34e15d105a3f1f7b27695a1a07a2d73fe08ecaaa3c9c9d4d5a89ff890d54727d7ae40c0ec1a8dd86165d8ee2c6368141016a48b55b6967" ) == 0 ); 01277 } 01278 } 01279 FCT_TEST_END(); 01280 01281 01282 FCT_TEST_BGN(rsaes_oaep_encryption_example_5_4) 01283 { 01284 unsigned char message_str[1000]; 01285 unsigned char output[1000]; 01286 unsigned char output_str[1000]; 01287 unsigned char rnd_buf[1000]; 01288 rsa_context ctx; 01289 size_t msg_len; 01290 rnd_buf_info info; 01291 01292 info.length = unhexify( rnd_buf, "49fa45d3a78dd10dfd577399d1eb00af7eed5513" ); 01293 info.buf = rnd_buf; 01294 01295 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01296 memset( message_str, 0x00, 1000 ); 01297 memset( output, 0x00, 1000 ); 01298 memset( output_str, 0x00, 1000 ); 01299 01300 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 01301 fct_chk( mpi_read_string( &ctx.N, 16, "0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9" ) == 0 ); 01302 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01303 01304 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01305 01306 msg_len = unhexify( message_str, "15c5b9ee1185" ); 01307 01308 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01309 if( 0 == 0 ) 01310 { 01311 hexify( output_str, output, ctx.len ); 01312 01313 fct_chk( strcasecmp( (char *) output_str, "0812b76768ebcb642d040258e5f4441a018521bd96687e6c5e899fcd6c17588ff59a82cc8ae03a4b45b31299af1788c329f7dcd285f8cf4ced82606b97612671a45bedca133442144d1617d114f802857f0f9d739751c57a3f9ee400912c61e2e6992be031a43dd48fa6ba14eef7c422b5edc4e7afa04fdd38f402d1c8bb719abf" ) == 0 ); 01314 } 01315 } 01316 FCT_TEST_END(); 01317 01318 01319 FCT_TEST_BGN(rsaes_oaep_encryption_example_5_5) 01320 { 01321 unsigned char message_str[1000]; 01322 unsigned char output[1000]; 01323 unsigned char output_str[1000]; 01324 unsigned char rnd_buf[1000]; 01325 rsa_context ctx; 01326 size_t msg_len; 01327 rnd_buf_info info; 01328 01329 info.length = unhexify( rnd_buf, "f0287413234cc5034724a094c4586b87aff133fc" ); 01330 info.buf = rnd_buf; 01331 01332 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01333 memset( message_str, 0x00, 1000 ); 01334 memset( output, 0x00, 1000 ); 01335 memset( output_str, 0x00, 1000 ); 01336 01337 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 01338 fct_chk( mpi_read_string( &ctx.N, 16, "0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9" ) == 0 ); 01339 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01340 01341 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01342 01343 msg_len = unhexify( message_str, "21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a" ); 01344 01345 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01346 if( 0 == 0 ) 01347 { 01348 hexify( output_str, output, ctx.len ); 01349 01350 fct_chk( strcasecmp( (char *) output_str, "07b60e14ec954bfd29e60d0047e789f51d57186c63589903306793ced3f68241c743529aba6a6374f92e19e0163efa33697e196f7661dfaaa47aac6bde5e51deb507c72c589a2ca1693d96b1460381249b2cdb9eac44769f2489c5d3d2f99f0ee3c7ee5bf64a5ac79c42bd433f149be8cb59548361640595513c97af7bc2509723" ) == 0 ); 01351 } 01352 } 01353 FCT_TEST_END(); 01354 01355 01356 FCT_TEST_BGN(rsaes_oaep_encryption_example_5_6) 01357 { 01358 unsigned char message_str[1000]; 01359 unsigned char output[1000]; 01360 unsigned char output_str[1000]; 01361 unsigned char rnd_buf[1000]; 01362 rsa_context ctx; 01363 size_t msg_len; 01364 rnd_buf_info info; 01365 01366 info.length = unhexify( rnd_buf, "d9fba45c96f21e6e26d29eb2cdcb6585be9cb341" ); 01367 info.buf = rnd_buf; 01368 01369 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01370 memset( message_str, 0x00, 1000 ); 01371 memset( output, 0x00, 1000 ); 01372 memset( output_str, 0x00, 1000 ); 01373 01374 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 01375 fct_chk( mpi_read_string( &ctx.N, 16, "0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9" ) == 0 ); 01376 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01377 01378 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01379 01380 msg_len = unhexify( message_str, "541e37b68b6c8872b84c02" ); 01381 01382 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01383 if( 0 == 0 ) 01384 { 01385 hexify( output_str, output, ctx.len ); 01386 01387 fct_chk( strcasecmp( (char *) output_str, "08c36d4dda33423b2ed6830d85f6411ba1dcf470a1fae0ebefee7c089f256cef74cb96ea69c38f60f39abee44129bcb4c92de7f797623b20074e3d9c2899701ed9071e1efa0bdd84d4c3e5130302d8f0240baba4b84a71cc032f2235a5ff0fae277c3e8f9112bef44c9ae20d175fc9a4058bfc930ba31b02e2e4f444483710f24a" ) == 0 ); 01388 } 01389 } 01390 FCT_TEST_END(); 01391 01392 01393 FCT_TEST_BGN(rsaes_oaep_encryption_example_6_1) 01394 { 01395 unsigned char message_str[1000]; 01396 unsigned char output[1000]; 01397 unsigned char output_str[1000]; 01398 unsigned char rnd_buf[1000]; 01399 rsa_context ctx; 01400 size_t msg_len; 01401 rnd_buf_info info; 01402 01403 info.length = unhexify( rnd_buf, "dd0f6cfe415e88e5a469a51fbba6dfd40adb4384" ); 01404 info.buf = rnd_buf; 01405 01406 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01407 memset( message_str, 0x00, 1000 ); 01408 memset( output, 0x00, 1000 ); 01409 memset( output_str, 0x00, 1000 ); 01410 01411 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 01412 fct_chk( mpi_read_string( &ctx.N, 16, "12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af" ) == 0 ); 01413 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01414 01415 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01416 01417 msg_len = unhexify( message_str, "4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4" ); 01418 01419 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01420 if( 0 == 0 ) 01421 { 01422 hexify( output_str, output, ctx.len ); 01423 01424 fct_chk( strcasecmp( (char *) output_str, "0630eebcd2856c24f798806e41f9e67345eda9ceda386acc9facaea1eeed06ace583709718d9d169fadf414d5c76f92996833ef305b75b1e4b95f662a20faedc3bae0c4827a8bf8a88edbd57ec203a27a841f02e43a615bab1a8cac0701de34debdef62a088089b55ec36ea7522fd3ec8d06b6a073e6df833153bc0aefd93bd1a3" ) == 0 ); 01425 } 01426 } 01427 FCT_TEST_END(); 01428 01429 01430 FCT_TEST_BGN(rsaes_oaep_encryption_example_6_2) 01431 { 01432 unsigned char message_str[1000]; 01433 unsigned char output[1000]; 01434 unsigned char output_str[1000]; 01435 unsigned char rnd_buf[1000]; 01436 rsa_context ctx; 01437 size_t msg_len; 01438 rnd_buf_info info; 01439 01440 info.length = unhexify( rnd_buf, "8d14bd946a1351148f5cae2ed9a0c653e85ebd85" ); 01441 info.buf = rnd_buf; 01442 01443 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01444 memset( message_str, 0x00, 1000 ); 01445 memset( output, 0x00, 1000 ); 01446 memset( output_str, 0x00, 1000 ); 01447 01448 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 01449 fct_chk( mpi_read_string( &ctx.N, 16, "12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af" ) == 0 ); 01450 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01451 01452 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01453 01454 msg_len = unhexify( message_str, "5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7" ); 01455 01456 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01457 if( 0 == 0 ) 01458 { 01459 hexify( output_str, output, ctx.len ); 01460 01461 fct_chk( strcasecmp( (char *) output_str, "0ebc37376173a4fd2f89cc55c2ca62b26b11d51c3c7ce49e8845f74e7607317c436bc8d23b9667dfeb9d087234b47bc6837175ae5c0559f6b81d7d22416d3e50f4ac533d8f0812f2db9e791fe9c775ac8b6ad0f535ad9ceb23a4a02014c58ab3f8d3161499a260f39348e714ae2a1d3443208fd8b722ccfdfb393e98011f99e63f" ) == 0 ); 01462 } 01463 } 01464 FCT_TEST_END(); 01465 01466 01467 FCT_TEST_BGN(rsaes_oaep_encryption_example_6_3) 01468 { 01469 unsigned char message_str[1000]; 01470 unsigned char output[1000]; 01471 unsigned char output_str[1000]; 01472 unsigned char rnd_buf[1000]; 01473 rsa_context ctx; 01474 size_t msg_len; 01475 rnd_buf_info info; 01476 01477 info.length = unhexify( rnd_buf, "6c075bc45520f165c0bf5ea4c5df191bc9ef0e44" ); 01478 info.buf = rnd_buf; 01479 01480 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01481 memset( message_str, 0x00, 1000 ); 01482 memset( output, 0x00, 1000 ); 01483 memset( output_str, 0x00, 1000 ); 01484 01485 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 01486 fct_chk( mpi_read_string( &ctx.N, 16, "12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af" ) == 0 ); 01487 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01488 01489 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01490 01491 msg_len = unhexify( message_str, "b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c" ); 01492 01493 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01494 if( 0 == 0 ) 01495 { 01496 hexify( output_str, output, ctx.len ); 01497 01498 fct_chk( strcasecmp( (char *) output_str, "0a98bf1093619394436cf68d8f38e2f158fde8ea54f3435f239b8d06b8321844202476aeed96009492480ce3a8d705498c4c8c68f01501dc81db608f60087350c8c3b0bd2e9ef6a81458b7c801b89f2e4fe99d4900ba6a4b5e5a96d865dc676c7755928794130d6280a8160a190f2df3ea7cf9aa0271d88e9e6905ecf1c5152d65" ) == 0 ); 01499 } 01500 } 01501 FCT_TEST_END(); 01502 01503 01504 FCT_TEST_BGN(rsaes_oaep_encryption_example_6_4) 01505 { 01506 unsigned char message_str[1000]; 01507 unsigned char output[1000]; 01508 unsigned char output_str[1000]; 01509 unsigned char rnd_buf[1000]; 01510 rsa_context ctx; 01511 size_t msg_len; 01512 rnd_buf_info info; 01513 01514 info.length = unhexify( rnd_buf, "3bbc3bd6637dfe12846901029bf5b0c07103439c" ); 01515 info.buf = rnd_buf; 01516 01517 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01518 memset( message_str, 0x00, 1000 ); 01519 memset( output, 0x00, 1000 ); 01520 memset( output_str, 0x00, 1000 ); 01521 01522 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 01523 fct_chk( mpi_read_string( &ctx.N, 16, "12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af" ) == 0 ); 01524 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01525 01526 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01527 01528 msg_len = unhexify( message_str, "684e3038c5c041f7" ); 01529 01530 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01531 if( 0 == 0 ) 01532 { 01533 hexify( output_str, output, ctx.len ); 01534 01535 fct_chk( strcasecmp( (char *) output_str, "008e7a67cacfb5c4e24bec7dee149117f19598ce8c45808fef88c608ff9cd6e695263b9a3c0ad4b8ba4c95238e96a8422b8535629c8d5382374479ad13fa39974b242f9a759eeaf9c83ad5a8ca18940a0162ba755876df263f4bd50c6525c56090267c1f0e09ce0899a0cf359e88120abd9bf893445b3cae77d3607359ae9a52f8" ) == 0 ); 01536 } 01537 } 01538 FCT_TEST_END(); 01539 01540 01541 FCT_TEST_BGN(rsaes_oaep_encryption_example_6_5) 01542 { 01543 unsigned char message_str[1000]; 01544 unsigned char output[1000]; 01545 unsigned char output_str[1000]; 01546 unsigned char rnd_buf[1000]; 01547 rsa_context ctx; 01548 size_t msg_len; 01549 rnd_buf_info info; 01550 01551 info.length = unhexify( rnd_buf, "b46b41893e8bef326f6759383a83071dae7fcabc" ); 01552 info.buf = rnd_buf; 01553 01554 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01555 memset( message_str, 0x00, 1000 ); 01556 memset( output, 0x00, 1000 ); 01557 memset( output_str, 0x00, 1000 ); 01558 01559 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 01560 fct_chk( mpi_read_string( &ctx.N, 16, "12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af" ) == 0 ); 01561 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01562 01563 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01564 01565 msg_len = unhexify( message_str, "32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693" ); 01566 01567 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01568 if( 0 == 0 ) 01569 { 01570 hexify( output_str, output, ctx.len ); 01571 01572 fct_chk( strcasecmp( (char *) output_str, "00003474416c7b68bdf961c385737944d7f1f40cb395343c693cc0b4fe63b31fedf1eaeeac9ccc0678b31dc32e0977489514c4f09085f6298a9653f01aea4045ff582ee887be26ae575b73eef7f3774921e375a3d19adda0ca31aa1849887c1f42cac9677f7a2f4e923f6e5a868b38c084ef187594dc9f7f048fea2e02955384ab" ) == 0 ); 01573 } 01574 } 01575 FCT_TEST_END(); 01576 01577 01578 FCT_TEST_BGN(rsaes_oaep_encryption_example_6_6) 01579 { 01580 unsigned char message_str[1000]; 01581 unsigned char output[1000]; 01582 unsigned char output_str[1000]; 01583 unsigned char rnd_buf[1000]; 01584 rsa_context ctx; 01585 size_t msg_len; 01586 rnd_buf_info info; 01587 01588 info.length = unhexify( rnd_buf, "0a2403312a41e3d52f060fbc13a67de5cf7609a7" ); 01589 info.buf = rnd_buf; 01590 01591 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01592 memset( message_str, 0x00, 1000 ); 01593 memset( output, 0x00, 1000 ); 01594 memset( output_str, 0x00, 1000 ); 01595 01596 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 01597 fct_chk( mpi_read_string( &ctx.N, 16, "12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af" ) == 0 ); 01598 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01599 01600 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01601 01602 msg_len = unhexify( message_str, "50ba14be8462720279c306ba" ); 01603 01604 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01605 if( 0 == 0 ) 01606 { 01607 hexify( output_str, output, ctx.len ); 01608 01609 fct_chk( strcasecmp( (char *) output_str, "0a026dda5fc8785f7bd9bf75327b63e85e2c0fdee5dadb65ebdcac9ae1de95c92c672ab433aa7a8e69ce6a6d8897fac4ac4a54de841ae5e5bbce7687879d79634cea7a30684065c714d52409b928256bbf53eabcd5231eb7259504537399bd29164b726d33a46da701360a4168a091ccab72d44a62fed246c0ffea5b1348ab5470" ) == 0 ); 01610 } 01611 } 01612 FCT_TEST_END(); 01613 01614 01615 FCT_TEST_BGN(rsaes_oaep_encryption_example_7_1) 01616 { 01617 unsigned char message_str[1000]; 01618 unsigned char output[1000]; 01619 unsigned char output_str[1000]; 01620 unsigned char rnd_buf[1000]; 01621 rsa_context ctx; 01622 size_t msg_len; 01623 rnd_buf_info info; 01624 01625 info.length = unhexify( rnd_buf, "43dd09a07ff4cac71caa4632ee5e1c1daee4cd8f" ); 01626 info.buf = rnd_buf; 01627 01628 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01629 memset( message_str, 0x00, 1000 ); 01630 memset( output, 0x00, 1000 ); 01631 memset( output_str, 0x00, 1000 ); 01632 01633 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 01634 fct_chk( mpi_read_string( &ctx.N, 16, "311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373" ) == 0 ); 01635 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01636 01637 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01638 01639 msg_len = unhexify( message_str, "47aae909" ); 01640 01641 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01642 if( 0 == 0 ) 01643 { 01644 hexify( output_str, output, ctx.len ); 01645 01646 fct_chk( strcasecmp( (char *) output_str, "1688e4ce7794bba6cb7014169ecd559cede2a30b56a52b68d9fe18cf1973ef97b2a03153951c755f6294aa49adbdb55845ab6875fb3986c93ecf927962840d282f9e54ce8b690f7c0cb8bbd73440d9571d1b16cd9260f9eab4783cc482e5223dc60973871783ec27b0ae0fd47732cbc286a173fc92b00fb4ba6824647cd93c85c1" ) == 0 ); 01647 } 01648 } 01649 FCT_TEST_END(); 01650 01651 01652 FCT_TEST_BGN(rsaes_oaep_encryption_example_7_2) 01653 { 01654 unsigned char message_str[1000]; 01655 unsigned char output[1000]; 01656 unsigned char output_str[1000]; 01657 unsigned char rnd_buf[1000]; 01658 rsa_context ctx; 01659 size_t msg_len; 01660 rnd_buf_info info; 01661 01662 info.length = unhexify( rnd_buf, "3a9c3cec7b84f9bd3adecbc673ec99d54b22bc9b" ); 01663 info.buf = rnd_buf; 01664 01665 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01666 memset( message_str, 0x00, 1000 ); 01667 memset( output, 0x00, 1000 ); 01668 memset( output_str, 0x00, 1000 ); 01669 01670 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 01671 fct_chk( mpi_read_string( &ctx.N, 16, "311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373" ) == 0 ); 01672 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01673 01674 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01675 01676 msg_len = unhexify( message_str, "1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7" ); 01677 01678 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01679 if( 0 == 0 ) 01680 { 01681 hexify( output_str, output, ctx.len ); 01682 01683 fct_chk( strcasecmp( (char *) output_str, "1052ed397b2e01e1d0ee1c50bf24363f95e504f4a03434a08fd822574ed6b9736edbb5f390db10321479a8a139350e2bd4977c3778ef331f3e78ae118b268451f20a2f01d471f5d53c566937171b2dbc2d4bde459a5799f0372d6574239b2323d245d0bb81c286b63c89a361017337e4902f88a467f4c7f244bfd5ab46437ff3b6" ) == 0 ); 01684 } 01685 } 01686 FCT_TEST_END(); 01687 01688 01689 FCT_TEST_BGN(rsaes_oaep_encryption_example_7_3) 01690 { 01691 unsigned char message_str[1000]; 01692 unsigned char output[1000]; 01693 unsigned char output_str[1000]; 01694 unsigned char rnd_buf[1000]; 01695 rsa_context ctx; 01696 size_t msg_len; 01697 rnd_buf_info info; 01698 01699 info.length = unhexify( rnd_buf, "76a75e5b6157a556cf8884bb2e45c293dd545cf5" ); 01700 info.buf = rnd_buf; 01701 01702 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01703 memset( message_str, 0x00, 1000 ); 01704 memset( output, 0x00, 1000 ); 01705 memset( output_str, 0x00, 1000 ); 01706 01707 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 01708 fct_chk( mpi_read_string( &ctx.N, 16, "311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373" ) == 0 ); 01709 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01710 01711 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01712 01713 msg_len = unhexify( message_str, "d976fc" ); 01714 01715 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01716 if( 0 == 0 ) 01717 { 01718 hexify( output_str, output, ctx.len ); 01719 01720 fct_chk( strcasecmp( (char *) output_str, "2155cd843ff24a4ee8badb7694260028a490813ba8b369a4cbf106ec148e5298707f5965be7d101c1049ea8584c24cd63455ad9c104d686282d3fb803a4c11c1c2e9b91c7178801d1b6640f003f5728df007b8a4ccc92bce05e41a27278d7c85018c52414313a5077789001d4f01910b72aad05d220aa14a58733a7489bc54556b" ) == 0 ); 01721 } 01722 } 01723 FCT_TEST_END(); 01724 01725 01726 FCT_TEST_BGN(rsaes_oaep_encryption_example_7_4) 01727 { 01728 unsigned char message_str[1000]; 01729 unsigned char output[1000]; 01730 unsigned char output_str[1000]; 01731 unsigned char rnd_buf[1000]; 01732 rsa_context ctx; 01733 size_t msg_len; 01734 rnd_buf_info info; 01735 01736 info.length = unhexify( rnd_buf, "7866314a6ad6f2b250a35941db28f5864b585859" ); 01737 info.buf = rnd_buf; 01738 01739 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01740 memset( message_str, 0x00, 1000 ); 01741 memset( output, 0x00, 1000 ); 01742 memset( output_str, 0x00, 1000 ); 01743 01744 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 01745 fct_chk( mpi_read_string( &ctx.N, 16, "311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373" ) == 0 ); 01746 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01747 01748 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01749 01750 msg_len = unhexify( message_str, "d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb" ); 01751 01752 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01753 if( 0 == 0 ) 01754 { 01755 hexify( output_str, output, ctx.len ); 01756 01757 fct_chk( strcasecmp( (char *) output_str, "0ab14c373aeb7d4328d0aaad8c094d88b9eb098b95f21054a29082522be7c27a312878b637917e3d819e6c3c568db5d843802b06d51d9e98a2be0bf40c031423b00edfbff8320efb9171bd2044653a4cb9c5122f6c65e83cda2ec3c126027a9c1a56ba874d0fea23f380b82cf240b8cf540004758c4c77d934157a74f3fc12bfac" ) == 0 ); 01758 } 01759 } 01760 FCT_TEST_END(); 01761 01762 01763 FCT_TEST_BGN(rsaes_oaep_encryption_example_7_5) 01764 { 01765 unsigned char message_str[1000]; 01766 unsigned char output[1000]; 01767 unsigned char output_str[1000]; 01768 unsigned char rnd_buf[1000]; 01769 rsa_context ctx; 01770 size_t msg_len; 01771 rnd_buf_info info; 01772 01773 info.length = unhexify( rnd_buf, "b2166ed472d58db10cab2c6b000cccf10a7dc509" ); 01774 info.buf = rnd_buf; 01775 01776 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01777 memset( message_str, 0x00, 1000 ); 01778 memset( output, 0x00, 1000 ); 01779 memset( output_str, 0x00, 1000 ); 01780 01781 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 01782 fct_chk( mpi_read_string( &ctx.N, 16, "311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373" ) == 0 ); 01783 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01784 01785 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01786 01787 msg_len = unhexify( message_str, "bb47231ca5ea1d3ad46c99345d9a8a61" ); 01788 01789 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01790 if( 0 == 0 ) 01791 { 01792 hexify( output_str, output, ctx.len ); 01793 01794 fct_chk( strcasecmp( (char *) output_str, "028387a318277434798b4d97f460068df5298faba5041ba11761a1cb7316b24184114ec500257e2589ed3b607a1ebbe97a6cc2e02bf1b681f42312a33b7a77d8e7855c4a6de03e3c04643f786b91a264a0d6805e2cea91e68177eb7a64d9255e4f27e713b7ccec00dc200ebd21c2ea2bb890feae4942df941dc3f97890ed347478" ) == 0 ); 01795 } 01796 } 01797 FCT_TEST_END(); 01798 01799 01800 FCT_TEST_BGN(rsaes_oaep_encryption_example_7_6) 01801 { 01802 unsigned char message_str[1000]; 01803 unsigned char output[1000]; 01804 unsigned char output_str[1000]; 01805 unsigned char rnd_buf[1000]; 01806 rsa_context ctx; 01807 size_t msg_len; 01808 rnd_buf_info info; 01809 01810 info.length = unhexify( rnd_buf, "52673bde2ca166c2aa46131ac1dc808d67d7d3b1" ); 01811 info.buf = rnd_buf; 01812 01813 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01814 memset( message_str, 0x00, 1000 ); 01815 memset( output, 0x00, 1000 ); 01816 memset( output_str, 0x00, 1000 ); 01817 01818 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 01819 fct_chk( mpi_read_string( &ctx.N, 16, "311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373" ) == 0 ); 01820 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01821 01822 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01823 01824 msg_len = unhexify( message_str, "2184827095d35c3f86f600e8e59754013296" ); 01825 01826 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01827 if( 0 == 0 ) 01828 { 01829 hexify( output_str, output, ctx.len ); 01830 01831 fct_chk( strcasecmp( (char *) output_str, "14c678a94ad60525ef39e959b2f3ba5c097a94ff912b67dbace80535c187abd47d075420b1872152bba08f7fc31f313bbf9273c912fc4c0149a9b0cfb79807e346eb332069611bec0ff9bcd168f1f7c33e77313cea454b94e2549eecf002e2acf7f6f2d2845d4fe0aab2e5a92ddf68c480ae11247935d1f62574842216ae674115" ) == 0 ); 01832 } 01833 } 01834 FCT_TEST_END(); 01835 01836 01837 FCT_TEST_BGN(rsaes_oaep_encryption_example_8_1) 01838 { 01839 unsigned char message_str[1000]; 01840 unsigned char output[1000]; 01841 unsigned char output_str[1000]; 01842 unsigned char rnd_buf[1000]; 01843 rsa_context ctx; 01844 size_t msg_len; 01845 rnd_buf_info info; 01846 01847 info.length = unhexify( rnd_buf, "7706ffca1ecfb1ebee2a55e5c6e24cd2797a4125" ); 01848 info.buf = rnd_buf; 01849 01850 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01851 memset( message_str, 0x00, 1000 ); 01852 memset( output, 0x00, 1000 ); 01853 memset( output_str, 0x00, 1000 ); 01854 01855 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 01856 fct_chk( mpi_read_string( &ctx.N, 16, "5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7" ) == 0 ); 01857 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01858 01859 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01860 01861 msg_len = unhexify( message_str, "050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967" ); 01862 01863 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01864 if( 0 == 0 ) 01865 { 01866 hexify( output_str, output, ctx.len ); 01867 01868 fct_chk( strcasecmp( (char *) output_str, "09b3683d8a2eb0fb295b62ed1fb9290b714457b7825319f4647872af889b30409472020ad12912bf19b11d4819f49614824ffd84d09c0a17e7d17309d12919790410aa2995699f6a86dbe3242b5acc23af45691080d6b1ae810fb3e3057087f0970092ce00be9562ff4053b6262ce0caa93e13723d2e3a5ba075d45f0d61b54b61" ) == 0 ); 01869 } 01870 } 01871 FCT_TEST_END(); 01872 01873 01874 FCT_TEST_BGN(rsaes_oaep_encryption_example_8_2) 01875 { 01876 unsigned char message_str[1000]; 01877 unsigned char output[1000]; 01878 unsigned char output_str[1000]; 01879 unsigned char rnd_buf[1000]; 01880 rsa_context ctx; 01881 size_t msg_len; 01882 rnd_buf_info info; 01883 01884 info.length = unhexify( rnd_buf, "a3717da143b4dcffbc742665a8fa950585548343" ); 01885 info.buf = rnd_buf; 01886 01887 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01888 memset( message_str, 0x00, 1000 ); 01889 memset( output, 0x00, 1000 ); 01890 memset( output_str, 0x00, 1000 ); 01891 01892 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 01893 fct_chk( mpi_read_string( &ctx.N, 16, "5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7" ) == 0 ); 01894 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01895 01896 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01897 01898 msg_len = unhexify( message_str, "4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc" ); 01899 01900 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01901 if( 0 == 0 ) 01902 { 01903 hexify( output_str, output, ctx.len ); 01904 01905 fct_chk( strcasecmp( (char *) output_str, "2ecf15c97c5a15b1476ae986b371b57a24284f4a162a8d0c8182e7905e792256f1812ba5f83f1f7a130e42dcc02232844edc14a31a68ee97ae564a383a3411656424c5f62ddb646093c367be1fcda426cf00a06d8acb7e57776fbbd855ac3df506fc16b1d7c3f2110f3d8068e91e186363831c8409680d8da9ecd8cf1fa20ee39d" ) == 0 ); 01906 } 01907 } 01908 FCT_TEST_END(); 01909 01910 01911 FCT_TEST_BGN(rsaes_oaep_encryption_example_8_3) 01912 { 01913 unsigned char message_str[1000]; 01914 unsigned char output[1000]; 01915 unsigned char output_str[1000]; 01916 unsigned char rnd_buf[1000]; 01917 rsa_context ctx; 01918 size_t msg_len; 01919 rnd_buf_info info; 01920 01921 info.length = unhexify( rnd_buf, "ee06209073cca026bb264e5185bf8c68b7739f86" ); 01922 info.buf = rnd_buf; 01923 01924 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01925 memset( message_str, 0x00, 1000 ); 01926 memset( output, 0x00, 1000 ); 01927 memset( output_str, 0x00, 1000 ); 01928 01929 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 01930 fct_chk( mpi_read_string( &ctx.N, 16, "5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7" ) == 0 ); 01931 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01932 01933 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01934 01935 msg_len = unhexify( message_str, "8604ac56328c1ab5ad917861" ); 01936 01937 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01938 if( 0 == 0 ) 01939 { 01940 hexify( output_str, output, ctx.len ); 01941 01942 fct_chk( strcasecmp( (char *) output_str, "4bc89130a5b2dabb7c2fcf90eb5d0eaf9e681b7146a38f3173a3d9cfec52ea9e0a41932e648a9d69344c50da763f51a03c95762131e8052254dcd2248cba40fd31667786ce05a2b7b531ac9dac9ed584a59b677c1a8aed8c5d15d68c05569e2be780bf7db638fd2bfd2a85ab276860f3777338fca989ffd743d13ee08e0ca9893f" ) == 0 ); 01943 } 01944 } 01945 FCT_TEST_END(); 01946 01947 01948 FCT_TEST_BGN(rsaes_oaep_encryption_example_8_4) 01949 { 01950 unsigned char message_str[1000]; 01951 unsigned char output[1000]; 01952 unsigned char output_str[1000]; 01953 unsigned char rnd_buf[1000]; 01954 rsa_context ctx; 01955 size_t msg_len; 01956 rnd_buf_info info; 01957 01958 info.length = unhexify( rnd_buf, "990ad573dc48a973235b6d82543618f2e955105d" ); 01959 info.buf = rnd_buf; 01960 01961 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01962 memset( message_str, 0x00, 1000 ); 01963 memset( output, 0x00, 1000 ); 01964 memset( output_str, 0x00, 1000 ); 01965 01966 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 01967 fct_chk( mpi_read_string( &ctx.N, 16, "5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7" ) == 0 ); 01968 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 01969 01970 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 01971 01972 msg_len = unhexify( message_str, "fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc" ); 01973 01974 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 01975 if( 0 == 0 ) 01976 { 01977 hexify( output_str, output, ctx.len ); 01978 01979 fct_chk( strcasecmp( (char *) output_str, "2e456847d8fc36ff0147d6993594b9397227d577752c79d0f904fcb039d4d812fea605a7b574dd82ca786f93752348438ee9f5b5454985d5f0e1699e3e7ad175a32e15f03deb042ab9fe1dd9db1bb86f8c089ccb45e7ef0c5ee7ca9b7290ca6b15bed47039788a8a93ff83e0e8d6244c71006362deef69b6f416fb3c684383fbd0" ) == 0 ); 01980 } 01981 } 01982 FCT_TEST_END(); 01983 01984 01985 FCT_TEST_BGN(rsaes_oaep_encryption_example_8_5) 01986 { 01987 unsigned char message_str[1000]; 01988 unsigned char output[1000]; 01989 unsigned char output_str[1000]; 01990 unsigned char rnd_buf[1000]; 01991 rsa_context ctx; 01992 size_t msg_len; 01993 rnd_buf_info info; 01994 01995 info.length = unhexify( rnd_buf, "ecc63b28f0756f22f52ac8e6ec1251a6ec304718" ); 01996 info.buf = rnd_buf; 01997 01998 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 01999 memset( message_str, 0x00, 1000 ); 02000 memset( output, 0x00, 1000 ); 02001 memset( output_str, 0x00, 1000 ); 02002 02003 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 02004 fct_chk( mpi_read_string( &ctx.N, 16, "5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7" ) == 0 ); 02005 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02006 02007 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 02008 02009 msg_len = unhexify( message_str, "4a5f4914bee25de3c69341de07" ); 02010 02011 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 02012 if( 0 == 0 ) 02013 { 02014 hexify( output_str, output, ctx.len ); 02015 02016 fct_chk( strcasecmp( (char *) output_str, "1fb9356fd5c4b1796db2ebf7d0d393cc810adf6145defc2fce714f79d93800d5e2ac211ea8bbecca4b654b94c3b18b30dd576ce34dc95436ef57a09415645923359a5d7b4171ef22c24670f1b229d3603e91f76671b7df97e7317c97734476d5f3d17d21cf82b5ba9f83df2e588d36984fd1b584468bd23b2e875f32f68953f7b2" ) == 0 ); 02017 } 02018 } 02019 FCT_TEST_END(); 02020 02021 02022 FCT_TEST_BGN(rsaes_oaep_encryption_example_8_6) 02023 { 02024 unsigned char message_str[1000]; 02025 unsigned char output[1000]; 02026 unsigned char output_str[1000]; 02027 unsigned char rnd_buf[1000]; 02028 rsa_context ctx; 02029 size_t msg_len; 02030 rnd_buf_info info; 02031 02032 info.length = unhexify( rnd_buf, "3925c71b362d40a0a6de42145579ba1e7dd459fc" ); 02033 info.buf = rnd_buf; 02034 02035 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02036 memset( message_str, 0x00, 1000 ); 02037 memset( output, 0x00, 1000 ); 02038 memset( output_str, 0x00, 1000 ); 02039 02040 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 02041 fct_chk( mpi_read_string( &ctx.N, 16, "5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7" ) == 0 ); 02042 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02043 02044 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 02045 02046 msg_len = unhexify( message_str, "8e07d66f7b880a72563abcd3f35092bc33409fb7f88f2472be" ); 02047 02048 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 02049 if( 0 == 0 ) 02050 { 02051 hexify( output_str, output, ctx.len ); 02052 02053 fct_chk( strcasecmp( (char *) output_str, "3afd9c6600147b21798d818c655a0f4c9212db26d0b0dfdc2a7594ccb3d22f5bf1d7c3e112cd73fc7d509c7a8bafdd3c274d1399009f9609ec4be6477e453f075aa33db382870c1c3409aef392d7386ae3a696b99a94b4da0589447e955d16c98b17602a59bd736279fcd8fb280c4462d590bfa9bf13fed570eafde97330a2c210" ) == 0 ); 02054 } 02055 } 02056 FCT_TEST_END(); 02057 02058 02059 FCT_TEST_BGN(rsaes_oaep_encryption_example_9_1) 02060 { 02061 unsigned char message_str[1000]; 02062 unsigned char output[1000]; 02063 unsigned char output_str[1000]; 02064 unsigned char rnd_buf[1000]; 02065 rsa_context ctx; 02066 size_t msg_len; 02067 rnd_buf_info info; 02068 02069 info.length = unhexify( rnd_buf, "8ec965f134a3ec9931e92a1ca0dc8169d5ea705c" ); 02070 info.buf = rnd_buf; 02071 02072 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02073 memset( message_str, 0x00, 1000 ); 02074 memset( output, 0x00, 1000 ); 02075 memset( output_str, 0x00, 1000 ); 02076 02077 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 02078 fct_chk( mpi_read_string( &ctx.N, 16, "cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d" ) == 0 ); 02079 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02080 02081 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 02082 02083 msg_len = unhexify( message_str, "f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6" ); 02084 02085 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 02086 if( 0 == 0 ) 02087 { 02088 hexify( output_str, output, ctx.len ); 02089 02090 fct_chk( strcasecmp( (char *) output_str, "267bcd118acab1fc8ba81c85d73003cb8610fa55c1d97da8d48a7c7f06896a4db751aa284255b9d36ad65f37653d829f1b37f97b8001942545b2fc2c55a7376ca7a1be4b1760c8e05a33e5aa2526b8d98e317088e7834c755b2a59b12631a182c05d5d43ab1779264f8456f515ce57dfdf512d5493dab7b7338dc4b7d78db9c091ac3baf537a69fc7f549d979f0eff9a94fda4169bd4d1d19a69c99e33c3b55490d501b39b1edae118ff6793a153261584d3a5f39f6e682e3d17c8cd1261fa72" ) == 0 ); 02091 } 02092 } 02093 FCT_TEST_END(); 02094 02095 02096 FCT_TEST_BGN(rsaes_oaep_encryption_example_9_2) 02097 { 02098 unsigned char message_str[1000]; 02099 unsigned char output[1000]; 02100 unsigned char output_str[1000]; 02101 unsigned char rnd_buf[1000]; 02102 rsa_context ctx; 02103 size_t msg_len; 02104 rnd_buf_info info; 02105 02106 info.length = unhexify( rnd_buf, "ecb1b8b25fa50cdab08e56042867f4af5826d16c" ); 02107 info.buf = rnd_buf; 02108 02109 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02110 memset( message_str, 0x00, 1000 ); 02111 memset( output, 0x00, 1000 ); 02112 memset( output_str, 0x00, 1000 ); 02113 02114 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 02115 fct_chk( mpi_read_string( &ctx.N, 16, "cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d" ) == 0 ); 02116 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02117 02118 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 02119 02120 msg_len = unhexify( message_str, "81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659" ); 02121 02122 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 02123 if( 0 == 0 ) 02124 { 02125 hexify( output_str, output, ctx.len ); 02126 02127 fct_chk( strcasecmp( (char *) output_str, "93ac9f0671ec29acbb444effc1a5741351d60fdb0e393fbf754acf0de49761a14841df7772e9bc82773966a1584c4d72baea00118f83f35cca6e537cbd4d811f5583b29783d8a6d94cd31be70d6f526c10ff09c6fa7ce069795a3fcd0511fd5fcb564bcc80ea9c78f38b80012539d8a4ddf6fe81e9cddb7f50dbbbbcc7e5d86097ccf4ec49189fb8bf318be6d5a0715d516b49af191258cd32dc833ce6eb4673c03a19bbace88cc54895f636cc0c1ec89096d11ce235a265ca1764232a689ae8" ) == 0 ); 02128 } 02129 } 02130 FCT_TEST_END(); 02131 02132 02133 FCT_TEST_BGN(rsaes_oaep_encryption_example_9_3) 02134 { 02135 unsigned char message_str[1000]; 02136 unsigned char output[1000]; 02137 unsigned char output_str[1000]; 02138 unsigned char rnd_buf[1000]; 02139 rsa_context ctx; 02140 size_t msg_len; 02141 rnd_buf_info info; 02142 02143 info.length = unhexify( rnd_buf, "e89bb032c6ce622cbdb53bc9466014ea77f777c0" ); 02144 info.buf = rnd_buf; 02145 02146 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02147 memset( message_str, 0x00, 1000 ); 02148 memset( output, 0x00, 1000 ); 02149 memset( output_str, 0x00, 1000 ); 02150 02151 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 02152 fct_chk( mpi_read_string( &ctx.N, 16, "cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d" ) == 0 ); 02153 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02154 02155 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 02156 02157 msg_len = unhexify( message_str, "fd326429df9b890e09b54b18b8f34f1e24" ); 02158 02159 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 02160 if( 0 == 0 ) 02161 { 02162 hexify( output_str, output, ctx.len ); 02163 02164 fct_chk( strcasecmp( (char *) output_str, "81ebdd95054b0c822ef9ad7693f5a87adfb4b4c4ce70df2df84ed49c04da58ba5fc20a19e1a6e8b7a3900b22796dc4e869ee6b42792d15a8eceb56c09c69914e813cea8f6931e4b8ed6f421af298d595c97f4789c7caa612c7ef360984c21b93edc5401068b5af4c78a8771b984d53b8ea8adf2f6a7d4a0ba76c75e1dd9f658f20ded4a46071d46d7791b56803d8fea7f0b0f8e41ae3f09383a6f9585fe7753eaaffd2bf94563108beecc207bbb535f5fcc705f0dde9f708c62f49a9c90371d3" ) == 0 ); 02165 } 02166 } 02167 FCT_TEST_END(); 02168 02169 02170 FCT_TEST_BGN(rsaes_oaep_encryption_example_9_4) 02171 { 02172 unsigned char message_str[1000]; 02173 unsigned char output[1000]; 02174 unsigned char output_str[1000]; 02175 unsigned char rnd_buf[1000]; 02176 rsa_context ctx; 02177 size_t msg_len; 02178 rnd_buf_info info; 02179 02180 info.length = unhexify( rnd_buf, "606f3b99c0b9ccd771eaa29ea0e4c884f3189ccc" ); 02181 info.buf = rnd_buf; 02182 02183 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02184 memset( message_str, 0x00, 1000 ); 02185 memset( output, 0x00, 1000 ); 02186 memset( output_str, 0x00, 1000 ); 02187 02188 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 02189 fct_chk( mpi_read_string( &ctx.N, 16, "cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d" ) == 0 ); 02190 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02191 02192 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 02193 02194 msg_len = unhexify( message_str, "f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e" ); 02195 02196 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 02197 if( 0 == 0 ) 02198 { 02199 hexify( output_str, output, ctx.len ); 02200 02201 fct_chk( strcasecmp( (char *) output_str, "bcc35f94cde66cb1136625d625b94432a35b22f3d2fa11a613ff0fca5bd57f87b902ccdc1cd0aebcb0715ee869d1d1fe395f6793003f5eca465059c88660d446ff5f0818552022557e38c08a67ead991262254f10682975ec56397768537f4977af6d5f6aaceb7fb25dec5937230231fd8978af49119a29f29e424ab8272b47562792d5c94f774b8829d0b0d9f1a8c9eddf37574d5fa248eefa9c5271fc5ec2579c81bdd61b410fa61fe36e424221c113addb275664c801d34ca8c6351e4a858" ) == 0 ); 02202 } 02203 } 02204 FCT_TEST_END(); 02205 02206 02207 FCT_TEST_BGN(rsaes_oaep_encryption_example_9_5) 02208 { 02209 unsigned char message_str[1000]; 02210 unsigned char output[1000]; 02211 unsigned char output_str[1000]; 02212 unsigned char rnd_buf[1000]; 02213 rsa_context ctx; 02214 size_t msg_len; 02215 rnd_buf_info info; 02216 02217 info.length = unhexify( rnd_buf, "fcbc421402e9ecabc6082afa40ba5f26522c840e" ); 02218 info.buf = rnd_buf; 02219 02220 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02221 memset( message_str, 0x00, 1000 ); 02222 memset( output, 0x00, 1000 ); 02223 memset( output_str, 0x00, 1000 ); 02224 02225 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 02226 fct_chk( mpi_read_string( &ctx.N, 16, "cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d" ) == 0 ); 02227 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02228 02229 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 02230 02231 msg_len = unhexify( message_str, "53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d" ); 02232 02233 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 02234 if( 0 == 0 ) 02235 { 02236 hexify( output_str, output, ctx.len ); 02237 02238 fct_chk( strcasecmp( (char *) output_str, "232afbc927fa08c2f6a27b87d4a5cb09c07dc26fae73d73a90558839f4fd66d281b87ec734bce237ba166698ed829106a7de6942cd6cdce78fed8d2e4d81428e66490d036264cef92af941d3e35055fe3981e14d29cbb9a4f67473063baec79a1179f5a17c9c1832f2838fd7d5e59bb9659d56dce8a019edef1bb3accc697cc6cc7a778f60a064c7f6f5d529c6210262e003de583e81e3167b89971fb8c0e15d44fffef89b53d8d64dd797d159b56d2b08ea5307ea12c241bd58d4ee278a1f2e" ) == 0 ); 02239 } 02240 } 02241 FCT_TEST_END(); 02242 02243 02244 FCT_TEST_BGN(rsaes_oaep_encryption_example_9_6) 02245 { 02246 unsigned char message_str[1000]; 02247 unsigned char output[1000]; 02248 unsigned char output_str[1000]; 02249 unsigned char rnd_buf[1000]; 02250 rsa_context ctx; 02251 size_t msg_len; 02252 rnd_buf_info info; 02253 02254 info.length = unhexify( rnd_buf, "23aade0e1e08bb9b9a78d2302a52f9c21b2e1ba2" ); 02255 info.buf = rnd_buf; 02256 02257 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02258 memset( message_str, 0x00, 1000 ); 02259 memset( output, 0x00, 1000 ); 02260 memset( output_str, 0x00, 1000 ); 02261 02262 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 02263 fct_chk( mpi_read_string( &ctx.N, 16, "cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d" ) == 0 ); 02264 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02265 02266 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 02267 02268 msg_len = unhexify( message_str, "b6b28ea2198d0c1008bc64" ); 02269 02270 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 02271 if( 0 == 0 ) 02272 { 02273 hexify( output_str, output, ctx.len ); 02274 02275 fct_chk( strcasecmp( (char *) output_str, "438cc7dc08a68da249e42505f8573ba60e2c2773d5b290f4cf9dff718e842081c383e67024a0f29594ea987b9d25e4b738f285970d195abb3a8c8054e3d79d6b9c9a8327ba596f1259e27126674766907d8d582ff3a8476154929adb1e6d1235b2ccb4ec8f663ba9cc670a92bebd853c8dbf69c6436d016f61add836e94732450434207f9fd4c43dec2a12a958efa01efe2669899b5e604c255c55fb7166de5589e369597bb09168c06dd5db177e06a1740eb2d5c82faeca6d92fcee9931ba9f" ) == 0 ); 02276 } 02277 } 02278 FCT_TEST_END(); 02279 02280 02281 FCT_TEST_BGN(rsaes_oaep_encryption_example_10_1) 02282 { 02283 unsigned char message_str[1000]; 02284 unsigned char output[1000]; 02285 unsigned char output_str[1000]; 02286 unsigned char rnd_buf[1000]; 02287 rsa_context ctx; 02288 size_t msg_len; 02289 rnd_buf_info info; 02290 02291 info.length = unhexify( rnd_buf, "47e1ab7119fee56c95ee5eaad86f40d0aa63bd33" ); 02292 info.buf = rnd_buf; 02293 02294 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02295 memset( message_str, 0x00, 1000 ); 02296 memset( output, 0x00, 1000 ); 02297 memset( output_str, 0x00, 1000 ); 02298 02299 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 02300 fct_chk( mpi_read_string( &ctx.N, 16, "ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb" ) == 0 ); 02301 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02302 02303 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 02304 02305 msg_len = unhexify( message_str, "8bba6bf82a6c0f86d5f1756e97956870b08953b06b4eb205bc1694ee" ); 02306 02307 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 02308 if( 0 == 0 ) 02309 { 02310 hexify( output_str, output, ctx.len ); 02311 02312 fct_chk( strcasecmp( (char *) output_str, "53ea5dc08cd260fb3b858567287fa91552c30b2febfba213f0ae87702d068d19bab07fe574523dfb42139d68c3c5afeee0bfe4cb7969cbf382b804d6e61396144e2d0e60741f8993c3014b58b9b1957a8babcd23af854f4c356fb1662aa72bfcc7e586559dc4280d160c126785a723ebeebeff71f11594440aaef87d10793a8774a239d4a04c87fe1467b9daf85208ec6c7255794a96cc29142f9a8bd418e3c1fd67344b0cd0829df3b2bec60253196293c6b34d3f75d32f213dd45c6273d505adf4cced1057cb758fc26aeefa441255ed4e64c199ee075e7f16646182fdb464739b68ab5daff0e63e9552016824f054bf4d3c8c90a97bb6b6553284eb429fcc" ) == 0 ); 02313 } 02314 } 02315 FCT_TEST_END(); 02316 02317 02318 FCT_TEST_BGN(rsaes_oaep_encryption_example_10_2) 02319 { 02320 unsigned char message_str[1000]; 02321 unsigned char output[1000]; 02322 unsigned char output_str[1000]; 02323 unsigned char rnd_buf[1000]; 02324 rsa_context ctx; 02325 size_t msg_len; 02326 rnd_buf_info info; 02327 02328 info.length = unhexify( rnd_buf, "6d17f5b4c1ffac351d195bf7b09d09f09a4079cf" ); 02329 info.buf = rnd_buf; 02330 02331 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02332 memset( message_str, 0x00, 1000 ); 02333 memset( output, 0x00, 1000 ); 02334 memset( output_str, 0x00, 1000 ); 02335 02336 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 02337 fct_chk( mpi_read_string( &ctx.N, 16, "ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb" ) == 0 ); 02338 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02339 02340 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 02341 02342 msg_len = unhexify( message_str, "e6ad181f053b58a904f2457510373e57" ); 02343 02344 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 02345 if( 0 == 0 ) 02346 { 02347 hexify( output_str, output, ctx.len ); 02348 02349 fct_chk( strcasecmp( (char *) output_str, "a2b1a430a9d657e2fa1c2bb5ed43ffb25c05a308fe9093c01031795f5874400110828ae58fb9b581ce9dddd3e549ae04a0985459bde6c626594e7b05dc4278b2a1465c1368408823c85e96dc66c3a30983c639664fc4569a37fe21e5a195b5776eed2df8d8d361af686e750229bbd663f161868a50615e0c337bec0ca35fec0bb19c36eb2e0bbcc0582fa1d93aacdb061063f59f2ce1ee43605e5d89eca183d2acdfe9f81011022ad3b43a3dd417dac94b4e11ea81b192966e966b182082e71964607b4f8002f36299844a11f2ae0faeac2eae70f8f4f98088acdcd0ac556e9fccc511521908fad26f04c64201450305778758b0538bf8b5bb144a828e629795" ) == 0 ); 02350 } 02351 } 02352 FCT_TEST_END(); 02353 02354 02355 FCT_TEST_BGN(rsaes_oaep_encryption_example_10_3) 02356 { 02357 unsigned char message_str[1000]; 02358 unsigned char output[1000]; 02359 unsigned char output_str[1000]; 02360 unsigned char rnd_buf[1000]; 02361 rsa_context ctx; 02362 size_t msg_len; 02363 rnd_buf_info info; 02364 02365 info.length = unhexify( rnd_buf, "385387514deccc7c740dd8cdf9daee49a1cbfd54" ); 02366 info.buf = rnd_buf; 02367 02368 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02369 memset( message_str, 0x00, 1000 ); 02370 memset( output, 0x00, 1000 ); 02371 memset( output_str, 0x00, 1000 ); 02372 02373 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 02374 fct_chk( mpi_read_string( &ctx.N, 16, "ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb" ) == 0 ); 02375 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02376 02377 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 02378 02379 msg_len = unhexify( message_str, "510a2cf60e866fa2340553c94ea39fbc256311e83e94454b4124" ); 02380 02381 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 02382 if( 0 == 0 ) 02383 { 02384 hexify( output_str, output, ctx.len ); 02385 02386 fct_chk( strcasecmp( (char *) output_str, "9886c3e6764a8b9a84e84148ebd8c3b1aa8050381a78f668714c16d9cfd2a6edc56979c535d9dee3b44b85c18be8928992371711472216d95dda98d2ee8347c9b14dffdff84aa48d25ac06f7d7e65398ac967b1ce90925f67dce049b7f812db0742997a74d44fe81dbe0e7a3feaf2e5c40af888d550ddbbe3bc20657a29543f8fc2913b9bd1a61b2ab2256ec409bbd7dc0d17717ea25c43f42ed27df8738bf4afc6766ff7aff0859555ee283920f4c8a63c4a7340cbafddc339ecdb4b0515002f96c932b5b79167af699c0ad3fccfdf0f44e85a70262bf2e18fe34b850589975e867ff969d48eabf212271546cdc05a69ecb526e52870c836f307bd798780ede" ) == 0 ); 02387 } 02388 } 02389 FCT_TEST_END(); 02390 02391 02392 FCT_TEST_BGN(rsaes_oaep_encryption_example_10_4) 02393 { 02394 unsigned char message_str[1000]; 02395 unsigned char output[1000]; 02396 unsigned char output_str[1000]; 02397 unsigned char rnd_buf[1000]; 02398 rsa_context ctx; 02399 size_t msg_len; 02400 rnd_buf_info info; 02401 02402 info.length = unhexify( rnd_buf, "5caca6a0f764161a9684f85d92b6e0ef37ca8b65" ); 02403 info.buf = rnd_buf; 02404 02405 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02406 memset( message_str, 0x00, 1000 ); 02407 memset( output, 0x00, 1000 ); 02408 memset( output_str, 0x00, 1000 ); 02409 02410 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 02411 fct_chk( mpi_read_string( &ctx.N, 16, "ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb" ) == 0 ); 02412 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02413 02414 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 02415 02416 msg_len = unhexify( message_str, "bcdd190da3b7d300df9a06e22caae2a75f10c91ff667b7c16bde8b53064a2649a94045c9" ); 02417 02418 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 02419 if( 0 == 0 ) 02420 { 02421 hexify( output_str, output, ctx.len ); 02422 02423 fct_chk( strcasecmp( (char *) output_str, "6318e9fb5c0d05e5307e1683436e903293ac4642358aaa223d7163013aba87e2dfda8e60c6860e29a1e92686163ea0b9175f329ca3b131a1edd3a77759a8b97bad6a4f8f4396f28cf6f39ca58112e48160d6e203daa5856f3aca5ffed577af499408e3dfd233e3e604dbe34a9c4c9082de65527cac6331d29dc80e0508a0fa7122e7f329f6cca5cfa34d4d1da417805457e008bec549e478ff9e12a763c477d15bbb78f5b69bd57830fc2c4ed686d79bc72a95d85f88134c6b0afe56a8ccfbc855828bb339bd17909cf1d70de3335ae07039093e606d655365de6550b872cd6de1d440ee031b61945f629ad8a353b0d40939e96a3c450d2a8d5eee9f678093c8" ) == 0 ); 02424 } 02425 } 02426 FCT_TEST_END(); 02427 02428 02429 FCT_TEST_BGN(rsaes_oaep_encryption_example_10_5) 02430 { 02431 unsigned char message_str[1000]; 02432 unsigned char output[1000]; 02433 unsigned char output_str[1000]; 02434 unsigned char rnd_buf[1000]; 02435 rsa_context ctx; 02436 size_t msg_len; 02437 rnd_buf_info info; 02438 02439 info.length = unhexify( rnd_buf, "95bca9e3859894b3dd869fa7ecd5bbc6401bf3e4" ); 02440 info.buf = rnd_buf; 02441 02442 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02443 memset( message_str, 0x00, 1000 ); 02444 memset( output, 0x00, 1000 ); 02445 memset( output_str, 0x00, 1000 ); 02446 02447 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 02448 fct_chk( mpi_read_string( &ctx.N, 16, "ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb" ) == 0 ); 02449 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02450 02451 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 02452 02453 msg_len = unhexify( message_str, "a7dd6c7dc24b46f9dd5f1e91ada4c3b3df947e877232a9" ); 02454 02455 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 02456 if( 0 == 0 ) 02457 { 02458 hexify( output_str, output, ctx.len ); 02459 02460 fct_chk( strcasecmp( (char *) output_str, "75290872ccfd4a4505660d651f56da6daa09ca1301d890632f6a992f3d565cee464afded40ed3b5be9356714ea5aa7655f4a1366c2f17c728f6f2c5a5d1f8e28429bc4e6f8f2cff8da8dc0e0a9808e45fd09ea2fa40cb2b6ce6ffff5c0e159d11b68d90a85f7b84e103b09e682666480c657505c0929259468a314786d74eab131573cf234bf57db7d9e66cc6748192e002dc0deea930585f0831fdcd9bc33d51f79ed2ffc16bcf4d59812fcebcaa3f9069b0e445686d644c25ccf63b456ee5fa6ffe96f19cdf751fed9eaf35957754dbf4bfea5216aa1844dc507cb2d080e722eba150308c2b5ff1193620f1766ecf4481bafb943bd292877f2136ca494aba0" ) == 0 ); 02461 } 02462 } 02463 FCT_TEST_END(); 02464 02465 02466 FCT_TEST_BGN(rsaes_oaep_encryption_example_10_6) 02467 { 02468 unsigned char message_str[1000]; 02469 unsigned char output[1000]; 02470 unsigned char output_str[1000]; 02471 unsigned char rnd_buf[1000]; 02472 rsa_context ctx; 02473 size_t msg_len; 02474 rnd_buf_info info; 02475 02476 info.length = unhexify( rnd_buf, "9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32" ); 02477 info.buf = rnd_buf; 02478 02479 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02480 memset( message_str, 0x00, 1000 ); 02481 memset( output, 0x00, 1000 ); 02482 memset( output_str, 0x00, 1000 ); 02483 02484 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 02485 fct_chk( mpi_read_string( &ctx.N, 16, "ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb" ) == 0 ); 02486 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02487 02488 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 02489 02490 msg_len = unhexify( message_str, "eaf1a73a1b0c4609537de69cd9228bbcfb9a8ca8c6c3efaf056fe4a7f4634ed00b7c39ec6922d7b8ea2c04ebac" ); 02491 02492 fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_buffer_rand, &info, RSA_PUBLIC, msg_len, message_str, output ) == 0 ); 02493 if( 0 == 0 ) 02494 { 02495 hexify( output_str, output, ctx.len ); 02496 02497 fct_chk( strcasecmp( (char *) output_str, "2d207a73432a8fb4c03051b3f73b28a61764098dfa34c47a20995f8115aa6816679b557e82dbee584908c6e69782d7deb34dbd65af063d57fca76a5fd069492fd6068d9984d209350565a62e5c77f23038c12cb10c6634709b547c46f6b4a709bd85ca122d74465ef97762c29763e06dbc7a9e738c78bfca0102dc5e79d65b973f28240caab2e161a78b57d262457ed8195d53e3c7ae9da021883c6db7c24afdd2322eac972ad3c354c5fcef1e146c3a0290fb67adf007066e00428d2cec18ce58f9328698defef4b2eb5ec76918fde1c198cbb38b7afc67626a9aefec4322bfd90d2563481c9a221f78c8272c82d1b62ab914e1c69f6af6ef30ca5260db4a46" ) == 0 ); 02498 } 02499 } 02500 FCT_TEST_END(); 02501 02502 02503 FCT_TEST_BGN(rsaes_oaep_decryption_test_vector_int) 02504 { 02505 unsigned char message_str[1000]; 02506 unsigned char output[1000]; 02507 unsigned char output_str[1000]; 02508 rsa_context ctx; 02509 mpi P1, Q1, H, G; 02510 size_t output_len; 02511 02512 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 02513 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02514 02515 memset( message_str, 0x00, 1000 ); 02516 memset( output, 0x00, 1000 ); 02517 memset( output_str, 0x00, 1000 ); 02518 02519 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 02520 fct_chk( mpi_read_string( &ctx.P, 16, "eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599" ) == 0 ); 02521 fct_chk( mpi_read_string( &ctx.Q, 16, "c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503" ) == 0 ); 02522 fct_chk( mpi_read_string( &ctx.N, 16, "bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb" ) == 0 ); 02523 fct_chk( mpi_read_string( &ctx.E, 16, "11" ) == 0 ); 02524 02525 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 02526 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 02527 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 02528 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 02529 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 02530 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 02531 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 02532 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 02533 02534 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 02535 02536 unhexify( message_str, "1253e04dc0a5397bb44a7ab87e9bf2a039a33d1e996fc82a94ccd30074c95df763722017069e5268da5d1c0b4f872cf653c11df82314a67968dfeae28def04bb6d84b1c31d654a1970e5783bd6eb96a024c2ca2f4a90fe9f2ef5c9c140e5bb48da9536ad8700c84fc9130adea74e558d51a74ddf85d8b50de96838d6063e0955" ); 02537 02538 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 02539 if( 0 == 0 ) 02540 { 02541 hexify( output_str, output, ctx.len ); 02542 02543 fct_chk( strncasecmp( (char *) output_str, "d436e99569fd32a7c8a05bbc90d32c49", strlen( "d436e99569fd32a7c8a05bbc90d32c49" ) ) == 0 ); 02544 } 02545 02546 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 02547 } 02548 FCT_TEST_END(); 02549 02550 02551 FCT_TEST_BGN(rsaes_oaep_decryption_test_vector_1_1) 02552 { 02553 unsigned char message_str[1000]; 02554 unsigned char output[1000]; 02555 unsigned char output_str[1000]; 02556 rsa_context ctx; 02557 mpi P1, Q1, H, G; 02558 size_t output_len; 02559 02560 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 02561 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02562 02563 memset( message_str, 0x00, 1000 ); 02564 memset( output, 0x00, 1000 ); 02565 memset( output_str, 0x00, 1000 ); 02566 02567 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 02568 fct_chk( mpi_read_string( &ctx.P, 16, "d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d" ) == 0 ); 02569 fct_chk( mpi_read_string( &ctx.Q, 16, "cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77" ) == 0 ); 02570 fct_chk( mpi_read_string( &ctx.N, 16, "a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb" ) == 0 ); 02571 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02572 02573 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 02574 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 02575 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 02576 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 02577 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 02578 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 02579 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 02580 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 02581 02582 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 02583 02584 unhexify( message_str, "354fe67b4a126d5d35fe36c777791a3f7ba13def484e2d3908aff722fad468fb21696de95d0be911c2d3174f8afcc201035f7b6d8e69402de5451618c21a535fa9d7bfc5b8dd9fc243f8cf927db31322d6e881eaa91a996170e657a05a266426d98c88003f8477c1227094a0d9fa1e8c4024309ce1ecccb5210035d47ac72e8a" ); 02585 02586 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 02587 if( 0 == 0 ) 02588 { 02589 hexify( output_str, output, ctx.len ); 02590 02591 fct_chk( strncasecmp( (char *) output_str, "6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34", strlen( "6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34" ) ) == 0 ); 02592 } 02593 02594 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 02595 } 02596 FCT_TEST_END(); 02597 02598 02599 FCT_TEST_BGN(rsaes_oaep_decryption_test_vector_1_2) 02600 { 02601 unsigned char message_str[1000]; 02602 unsigned char output[1000]; 02603 unsigned char output_str[1000]; 02604 rsa_context ctx; 02605 mpi P1, Q1, H, G; 02606 size_t output_len; 02607 02608 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 02609 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02610 02611 memset( message_str, 0x00, 1000 ); 02612 memset( output, 0x00, 1000 ); 02613 memset( output_str, 0x00, 1000 ); 02614 02615 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 02616 fct_chk( mpi_read_string( &ctx.P, 16, "d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d" ) == 0 ); 02617 fct_chk( mpi_read_string( &ctx.Q, 16, "cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77" ) == 0 ); 02618 fct_chk( mpi_read_string( &ctx.N, 16, "a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb" ) == 0 ); 02619 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02620 02621 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 02622 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 02623 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 02624 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 02625 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 02626 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 02627 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 02628 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 02629 02630 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 02631 02632 unhexify( message_str, "640db1acc58e0568fe5407e5f9b701dff8c3c91e716c536fc7fcec6cb5b71c1165988d4a279e1577d730fc7a29932e3f00c81515236d8d8e31017a7a09df4352d904cdeb79aa583adcc31ea698a4c05283daba9089be5491f67c1a4ee48dc74bbbe6643aef846679b4cb395a352d5ed115912df696ffe0702932946d71492b44" ); 02633 02634 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 02635 if( 0 == 0 ) 02636 { 02637 hexify( output_str, output, ctx.len ); 02638 02639 fct_chk( strncasecmp( (char *) output_str, "750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5", strlen( "750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5" ) ) == 0 ); 02640 } 02641 02642 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 02643 } 02644 FCT_TEST_END(); 02645 02646 02647 FCT_TEST_BGN(rsaes_oaep_decryption_test_vector_1_3) 02648 { 02649 unsigned char message_str[1000]; 02650 unsigned char output[1000]; 02651 unsigned char output_str[1000]; 02652 rsa_context ctx; 02653 mpi P1, Q1, H, G; 02654 size_t output_len; 02655 02656 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 02657 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02658 02659 memset( message_str, 0x00, 1000 ); 02660 memset( output, 0x00, 1000 ); 02661 memset( output_str, 0x00, 1000 ); 02662 02663 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 02664 fct_chk( mpi_read_string( &ctx.P, 16, "d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d" ) == 0 ); 02665 fct_chk( mpi_read_string( &ctx.Q, 16, "cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77" ) == 0 ); 02666 fct_chk( mpi_read_string( &ctx.N, 16, "a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb" ) == 0 ); 02667 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02668 02669 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 02670 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 02671 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 02672 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 02673 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 02674 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 02675 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 02676 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 02677 02678 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 02679 02680 unhexify( message_str, "423736ed035f6026af276c35c0b3741b365e5f76ca091b4e8c29e2f0befee603595aa8322d602d2e625e95eb81b2f1c9724e822eca76db8618cf09c5343503a4360835b5903bc637e3879fb05e0ef32685d5aec5067cd7cc96fe4b2670b6eac3066b1fcf5686b68589aafb7d629b02d8f8625ca3833624d4800fb081b1cf94eb" ); 02681 02682 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 02683 if( 0 == 0 ) 02684 { 02685 hexify( output_str, output, ctx.len ); 02686 02687 fct_chk( strncasecmp( (char *) output_str, "d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051", strlen( "d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051" ) ) == 0 ); 02688 } 02689 02690 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 02691 } 02692 FCT_TEST_END(); 02693 02694 02695 FCT_TEST_BGN(rsaes_oaep_decryption_test_vector_1_4) 02696 { 02697 unsigned char message_str[1000]; 02698 unsigned char output[1000]; 02699 unsigned char output_str[1000]; 02700 rsa_context ctx; 02701 mpi P1, Q1, H, G; 02702 size_t output_len; 02703 02704 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 02705 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02706 02707 memset( message_str, 0x00, 1000 ); 02708 memset( output, 0x00, 1000 ); 02709 memset( output_str, 0x00, 1000 ); 02710 02711 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 02712 fct_chk( mpi_read_string( &ctx.P, 16, "d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d" ) == 0 ); 02713 fct_chk( mpi_read_string( &ctx.Q, 16, "cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77" ) == 0 ); 02714 fct_chk( mpi_read_string( &ctx.N, 16, "a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb" ) == 0 ); 02715 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02716 02717 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 02718 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 02719 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 02720 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 02721 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 02722 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 02723 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 02724 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 02725 02726 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 02727 02728 unhexify( message_str, "45ead4ca551e662c9800f1aca8283b0525e6abae30be4b4aba762fa40fd3d38e22abefc69794f6ebbbc05ddbb11216247d2f412fd0fba87c6e3acd888813646fd0e48e785204f9c3f73d6d8239562722dddd8771fec48b83a31ee6f592c4cfd4bc88174f3b13a112aae3b9f7b80e0fc6f7255ba880dc7d8021e22ad6a85f0755" ); 02729 02730 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 02731 if( 0 == 0 ) 02732 { 02733 hexify( output_str, output, ctx.len ); 02734 02735 fct_chk( strncasecmp( (char *) output_str, "52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85", strlen( "52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85" ) ) == 0 ); 02736 } 02737 02738 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 02739 } 02740 FCT_TEST_END(); 02741 02742 02743 FCT_TEST_BGN(rsaes_oaep_decryption_test_vector_1_5) 02744 { 02745 unsigned char message_str[1000]; 02746 unsigned char output[1000]; 02747 unsigned char output_str[1000]; 02748 rsa_context ctx; 02749 mpi P1, Q1, H, G; 02750 size_t output_len; 02751 02752 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 02753 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02754 02755 memset( message_str, 0x00, 1000 ); 02756 memset( output, 0x00, 1000 ); 02757 memset( output_str, 0x00, 1000 ); 02758 02759 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 02760 fct_chk( mpi_read_string( &ctx.P, 16, "d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d" ) == 0 ); 02761 fct_chk( mpi_read_string( &ctx.Q, 16, "cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77" ) == 0 ); 02762 fct_chk( mpi_read_string( &ctx.N, 16, "a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb" ) == 0 ); 02763 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02764 02765 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 02766 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 02767 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 02768 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 02769 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 02770 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 02771 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 02772 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 02773 02774 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 02775 02776 unhexify( message_str, "36f6e34d94a8d34daacba33a2139d00ad85a9345a86051e73071620056b920e219005855a213a0f23897cdcd731b45257c777fe908202befdd0b58386b1244ea0cf539a05d5d10329da44e13030fd760dcd644cfef2094d1910d3f433e1c7c6dd18bc1f2df7f643d662fb9dd37ead9059190f4fa66ca39e869c4eb449cbdc439" ); 02777 02778 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 02779 if( 0 == 0 ) 02780 { 02781 hexify( output_str, output, ctx.len ); 02782 02783 fct_chk( strncasecmp( (char *) output_str, "8da89fd9e5f974a29feffb462b49180f6cf9e802", strlen( "8da89fd9e5f974a29feffb462b49180f6cf9e802" ) ) == 0 ); 02784 } 02785 02786 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 02787 } 02788 FCT_TEST_END(); 02789 02790 02791 FCT_TEST_BGN(rsaes_oaep_decryption_test_vector_1_6) 02792 { 02793 unsigned char message_str[1000]; 02794 unsigned char output[1000]; 02795 unsigned char output_str[1000]; 02796 rsa_context ctx; 02797 mpi P1, Q1, H, G; 02798 size_t output_len; 02799 02800 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 02801 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02802 02803 memset( message_str, 0x00, 1000 ); 02804 memset( output, 0x00, 1000 ); 02805 memset( output_str, 0x00, 1000 ); 02806 02807 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 02808 fct_chk( mpi_read_string( &ctx.P, 16, "d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d" ) == 0 ); 02809 fct_chk( mpi_read_string( &ctx.Q, 16, "cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77" ) == 0 ); 02810 fct_chk( mpi_read_string( &ctx.N, 16, "a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb" ) == 0 ); 02811 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02812 02813 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 02814 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 02815 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 02816 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 02817 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 02818 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 02819 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 02820 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 02821 02822 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 02823 02824 unhexify( message_str, "42cee2617b1ecea4db3f4829386fbd61dafbf038e180d837c96366df24c097b4ab0fac6bdf590d821c9f10642e681ad05b8d78b378c0f46ce2fad63f74e0ad3df06b075d7eb5f5636f8d403b9059ca761b5c62bb52aa45002ea70baace08ded243b9d8cbd62a68ade265832b56564e43a6fa42ed199a099769742df1539e8255" ); 02825 02826 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 02827 if( 0 == 0 ) 02828 { 02829 hexify( output_str, output, ctx.len ); 02830 02831 fct_chk( strncasecmp( (char *) output_str, "26521050844271", strlen( "26521050844271" ) ) == 0 ); 02832 } 02833 02834 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 02835 } 02836 FCT_TEST_END(); 02837 02838 02839 FCT_TEST_BGN(rsaes_oaep_decryption_test_vector_2_1) 02840 { 02841 unsigned char message_str[1000]; 02842 unsigned char output[1000]; 02843 unsigned char output_str[1000]; 02844 rsa_context ctx; 02845 mpi P1, Q1, H, G; 02846 size_t output_len; 02847 02848 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 02849 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02850 02851 memset( message_str, 0x00, 1000 ); 02852 memset( output, 0x00, 1000 ); 02853 memset( output_str, 0x00, 1000 ); 02854 02855 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 02856 fct_chk( mpi_read_string( &ctx.P, 16, "0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43" ) == 0 ); 02857 fct_chk( mpi_read_string( &ctx.Q, 16, "012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7" ) == 0 ); 02858 fct_chk( mpi_read_string( &ctx.N, 16, "01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45" ) == 0 ); 02859 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02860 02861 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 02862 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 02863 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 02864 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 02865 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 02866 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 02867 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 02868 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 02869 02870 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 02871 02872 unhexify( message_str, "0181af8922b9fcb4d79d92ebe19815992fc0c1439d8bcd491398a0f4ad3a329a5bd9385560db532683c8b7da04e4b12aed6aacdf471c34c9cda891addcc2df3456653aa6382e9ae59b54455257eb099d562bbe10453f2b6d13c59c02e10f1f8abb5da0d0570932dacf2d0901db729d0fefcc054e70968ea540c81b04bcaefe720e" ); 02873 02874 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 02875 if( 0 == 0 ) 02876 { 02877 hexify( output_str, output, ctx.len ); 02878 02879 fct_chk( strncasecmp( (char *) output_str, "8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7", strlen( "8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7" ) ) == 0 ); 02880 } 02881 02882 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 02883 } 02884 FCT_TEST_END(); 02885 02886 02887 FCT_TEST_BGN(rsaes_oaep_decryption_test_vector_2_2) 02888 { 02889 unsigned char message_str[1000]; 02890 unsigned char output[1000]; 02891 unsigned char output_str[1000]; 02892 rsa_context ctx; 02893 mpi P1, Q1, H, G; 02894 size_t output_len; 02895 02896 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 02897 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02898 02899 memset( message_str, 0x00, 1000 ); 02900 memset( output, 0x00, 1000 ); 02901 memset( output_str, 0x00, 1000 ); 02902 02903 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 02904 fct_chk( mpi_read_string( &ctx.P, 16, "0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43" ) == 0 ); 02905 fct_chk( mpi_read_string( &ctx.Q, 16, "012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7" ) == 0 ); 02906 fct_chk( mpi_read_string( &ctx.N, 16, "01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45" ) == 0 ); 02907 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02908 02909 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 02910 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 02911 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 02912 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 02913 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 02914 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 02915 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 02916 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 02917 02918 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 02919 02920 unhexify( message_str, "018759ff1df63b2792410562314416a8aeaf2ac634b46f940ab82d64dbf165eee33011da749d4bab6e2fcd18129c9e49277d8453112b429a222a8471b070993998e758861c4d3f6d749d91c4290d332c7a4ab3f7ea35ff3a07d497c955ff0ffc95006b62c6d296810d9bfab024196c7934012c2df978ef299aba239940cba10245" ); 02921 02922 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 02923 if( 0 == 0 ) 02924 { 02925 hexify( output_str, output, ctx.len ); 02926 02927 fct_chk( strncasecmp( (char *) output_str, "2d", strlen( "2d" ) ) == 0 ); 02928 } 02929 02930 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 02931 } 02932 FCT_TEST_END(); 02933 02934 02935 FCT_TEST_BGN(rsaes_oaep_decryption_test_vector_2_3) 02936 { 02937 unsigned char message_str[1000]; 02938 unsigned char output[1000]; 02939 unsigned char output_str[1000]; 02940 rsa_context ctx; 02941 mpi P1, Q1, H, G; 02942 size_t output_len; 02943 02944 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 02945 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02946 02947 memset( message_str, 0x00, 1000 ); 02948 memset( output, 0x00, 1000 ); 02949 memset( output_str, 0x00, 1000 ); 02950 02951 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 02952 fct_chk( mpi_read_string( &ctx.P, 16, "0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43" ) == 0 ); 02953 fct_chk( mpi_read_string( &ctx.Q, 16, "012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7" ) == 0 ); 02954 fct_chk( mpi_read_string( &ctx.N, 16, "01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45" ) == 0 ); 02955 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 02956 02957 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 02958 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 02959 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 02960 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 02961 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 02962 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 02963 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 02964 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 02965 02966 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 02967 02968 unhexify( message_str, "018802bab04c60325e81c4962311f2be7c2adce93041a00719c88f957575f2c79f1b7bc8ced115c706b311c08a2d986ca3b6a9336b147c29c6f229409ddec651bd1fdd5a0b7f610c9937fdb4a3a762364b8b3206b4ea485fd098d08f63d4aa8bb2697d027b750c32d7f74eaf5180d2e9b66b17cb2fa55523bc280da10d14be2053" ); 02969 02970 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 02971 if( 0 == 0 ) 02972 { 02973 hexify( output_str, output, ctx.len ); 02974 02975 fct_chk( strncasecmp( (char *) output_str, "74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e", strlen( "74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e" ) ) == 0 ); 02976 } 02977 02978 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 02979 } 02980 FCT_TEST_END(); 02981 02982 02983 FCT_TEST_BGN(rsaes_oaep_decryption_test_vector_2_4) 02984 { 02985 unsigned char message_str[1000]; 02986 unsigned char output[1000]; 02987 unsigned char output_str[1000]; 02988 rsa_context ctx; 02989 mpi P1, Q1, H, G; 02990 size_t output_len; 02991 02992 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 02993 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 02994 02995 memset( message_str, 0x00, 1000 ); 02996 memset( output, 0x00, 1000 ); 02997 memset( output_str, 0x00, 1000 ); 02998 02999 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 03000 fct_chk( mpi_read_string( &ctx.P, 16, "0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43" ) == 0 ); 03001 fct_chk( mpi_read_string( &ctx.Q, 16, "012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7" ) == 0 ); 03002 fct_chk( mpi_read_string( &ctx.N, 16, "01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45" ) == 0 ); 03003 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03004 03005 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03006 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03007 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03008 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03009 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03010 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03011 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03012 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03013 03014 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03015 03016 unhexify( message_str, "00a4578cbc176318a638fba7d01df15746af44d4f6cd96d7e7c495cbf425b09c649d32bf886da48fbaf989a2117187cafb1fb580317690e3ccd446920b7af82b31db5804d87d01514acbfa9156e782f867f6bed9449e0e9a2c09bcecc6aa087636965e34b3ec766f2fe2e43018a2fddeb140616a0e9d82e5331024ee0652fc7641" ); 03017 03018 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03019 if( 0 == 0 ) 03020 { 03021 hexify( output_str, output, ctx.len ); 03022 03023 fct_chk( strncasecmp( (char *) output_str, "a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a", strlen( "a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a" ) ) == 0 ); 03024 } 03025 03026 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03027 } 03028 FCT_TEST_END(); 03029 03030 03031 FCT_TEST_BGN(rsaes_oaep_decryption_test_vector_2_5) 03032 { 03033 unsigned char message_str[1000]; 03034 unsigned char output[1000]; 03035 unsigned char output_str[1000]; 03036 rsa_context ctx; 03037 mpi P1, Q1, H, G; 03038 size_t output_len; 03039 03040 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03041 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03042 03043 memset( message_str, 0x00, 1000 ); 03044 memset( output, 0x00, 1000 ); 03045 memset( output_str, 0x00, 1000 ); 03046 03047 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 03048 fct_chk( mpi_read_string( &ctx.P, 16, "0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43" ) == 0 ); 03049 fct_chk( mpi_read_string( &ctx.Q, 16, "012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7" ) == 0 ); 03050 fct_chk( mpi_read_string( &ctx.N, 16, "01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45" ) == 0 ); 03051 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03052 03053 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03054 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03055 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03056 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03057 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03058 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03059 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03060 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03061 03062 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03063 03064 unhexify( message_str, "00ebc5f5fda77cfdad3c83641a9025e77d72d8a6fb33a810f5950f8d74c73e8d931e8634d86ab1246256ae07b6005b71b7f2fb98351218331ce69b8ffbdc9da08bbc9c704f876deb9df9fc2ec065cad87f9090b07acc17aa7f997b27aca48806e897f771d95141fe4526d8a5301b678627efab707fd40fbebd6e792a25613e7aec" ); 03065 03066 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03067 if( 0 == 0 ) 03068 { 03069 hexify( output_str, output, ctx.len ); 03070 03071 fct_chk( strncasecmp( (char *) output_str, "2ef2b066f854c33f3bdcbb5994a435e73d6c6c", strlen( "2ef2b066f854c33f3bdcbb5994a435e73d6c6c" ) ) == 0 ); 03072 } 03073 03074 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03075 } 03076 FCT_TEST_END(); 03077 03078 03079 FCT_TEST_BGN(rsaes_oaep_decryption_test_vector_2_6) 03080 { 03081 unsigned char message_str[1000]; 03082 unsigned char output[1000]; 03083 unsigned char output_str[1000]; 03084 rsa_context ctx; 03085 mpi P1, Q1, H, G; 03086 size_t output_len; 03087 03088 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03089 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03090 03091 memset( message_str, 0x00, 1000 ); 03092 memset( output, 0x00, 1000 ); 03093 memset( output_str, 0x00, 1000 ); 03094 03095 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 03096 fct_chk( mpi_read_string( &ctx.P, 16, "0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43" ) == 0 ); 03097 fct_chk( mpi_read_string( &ctx.Q, 16, "012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7" ) == 0 ); 03098 fct_chk( mpi_read_string( &ctx.N, 16, "01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45" ) == 0 ); 03099 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03100 03101 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03102 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03103 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03104 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03105 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03106 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03107 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03108 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03109 03110 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03111 03112 unhexify( message_str, "010839ec20c27b9052e55befb9b77e6fc26e9075d7a54378c646abdf51e445bd5715de81789f56f1803d9170764a9e93cb78798694023ee7393ce04bc5d8f8c5a52c171d43837e3aca62f609eb0aa5ffb0960ef04198dd754f57f7fbe6abf765cf118b4ca443b23b5aab266f952326ac4581100644325f8b721acd5d04ff14ef3a" ); 03113 03114 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03115 if( 0 == 0 ) 03116 { 03117 hexify( output_str, output, ctx.len ); 03118 03119 fct_chk( strncasecmp( (char *) output_str, "8a7fb344c8b6cb2cf2ef1f643f9a3218f6e19bba89c0", strlen( "8a7fb344c8b6cb2cf2ef1f643f9a3218f6e19bba89c0" ) ) == 0 ); 03120 } 03121 03122 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03123 } 03124 FCT_TEST_END(); 03125 03126 03127 FCT_TEST_BGN(rsaes_oaep_decryption_example_3_1) 03128 { 03129 unsigned char message_str[1000]; 03130 unsigned char output[1000]; 03131 unsigned char output_str[1000]; 03132 rsa_context ctx; 03133 mpi P1, Q1, H, G; 03134 size_t output_len; 03135 03136 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03137 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03138 03139 memset( message_str, 0x00, 1000 ); 03140 memset( output, 0x00, 1000 ); 03141 memset( output_str, 0x00, 1000 ); 03142 03143 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 03144 fct_chk( mpi_read_string( &ctx.P, 16, "01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf" ) == 0 ); 03145 fct_chk( mpi_read_string( &ctx.Q, 16, "018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7" ) == 0 ); 03146 fct_chk( mpi_read_string( &ctx.N, 16, "02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9" ) == 0 ); 03147 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03148 03149 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03150 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03151 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03152 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03153 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03154 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03155 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03156 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03157 03158 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03159 03160 unhexify( message_str, "026a0485d96aebd96b4382085099b962e6a2bdec3d90c8db625e14372de85e2d5b7baab65c8faf91bb5504fb495afce5c988b3f6a52e20e1d6cbd3566c5cd1f2b8318bb542cc0ea25c4aab9932afa20760eaddec784396a07ea0ef24d4e6f4d37e5052a7a31e146aa480a111bbe926401307e00f410033842b6d82fe5ce4dfae80" ); 03161 03162 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03163 if( 0 == 0 ) 03164 { 03165 hexify( output_str, output, ctx.len ); 03166 03167 fct_chk( strncasecmp( (char *) output_str, "087820b569e8fa8d", strlen( "087820b569e8fa8d" ) ) == 0 ); 03168 } 03169 03170 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03171 } 03172 FCT_TEST_END(); 03173 03174 03175 FCT_TEST_BGN(rsaes_oaep_decryption_example_3_2) 03176 { 03177 unsigned char message_str[1000]; 03178 unsigned char output[1000]; 03179 unsigned char output_str[1000]; 03180 rsa_context ctx; 03181 mpi P1, Q1, H, G; 03182 size_t output_len; 03183 03184 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03185 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03186 03187 memset( message_str, 0x00, 1000 ); 03188 memset( output, 0x00, 1000 ); 03189 memset( output_str, 0x00, 1000 ); 03190 03191 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 03192 fct_chk( mpi_read_string( &ctx.P, 16, "01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf" ) == 0 ); 03193 fct_chk( mpi_read_string( &ctx.Q, 16, "018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7" ) == 0 ); 03194 fct_chk( mpi_read_string( &ctx.N, 16, "02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9" ) == 0 ); 03195 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03196 03197 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03198 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03199 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03200 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03201 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03202 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03203 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03204 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03205 03206 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03207 03208 unhexify( message_str, "024db89c7802989be0783847863084941bf209d761987e38f97cb5f6f1bc88da72a50b73ebaf11c879c4f95df37b850b8f65d7622e25b1b889e80fe80baca2069d6e0e1d829953fc459069de98ea9798b451e557e99abf8fe3d9ccf9096ebbf3e5255d3b4e1c6d2ecadf067a359eea86405acd47d5e165517ccafd47d6dbee4bf5" ); 03209 03210 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03211 if( 0 == 0 ) 03212 { 03213 hexify( output_str, output, ctx.len ); 03214 03215 fct_chk( strncasecmp( (char *) output_str, "4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04", strlen( "4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04" ) ) == 0 ); 03216 } 03217 03218 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03219 } 03220 FCT_TEST_END(); 03221 03222 03223 FCT_TEST_BGN(rsaes_oaep_decryption_example_3_3) 03224 { 03225 unsigned char message_str[1000]; 03226 unsigned char output[1000]; 03227 unsigned char output_str[1000]; 03228 rsa_context ctx; 03229 mpi P1, Q1, H, G; 03230 size_t output_len; 03231 03232 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03233 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03234 03235 memset( message_str, 0x00, 1000 ); 03236 memset( output, 0x00, 1000 ); 03237 memset( output_str, 0x00, 1000 ); 03238 03239 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 03240 fct_chk( mpi_read_string( &ctx.P, 16, "01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf" ) == 0 ); 03241 fct_chk( mpi_read_string( &ctx.Q, 16, "018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7" ) == 0 ); 03242 fct_chk( mpi_read_string( &ctx.N, 16, "02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9" ) == 0 ); 03243 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03244 03245 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03246 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03247 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03248 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03249 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03250 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03251 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03252 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03253 03254 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03255 03256 unhexify( message_str, "0239bce681032441528877d6d1c8bb28aa3bc97f1df584563618995797683844ca86664732f4bed7a0aab083aaabfb7238f582e30958c2024e44e57043b97950fd543da977c90cdde5337d618442f99e60d7783ab59ce6dd9d69c47ad1e962bec22d05895cff8d3f64ed5261d92b2678510393484990ba3f7f06818ae6ffce8a3a" ); 03257 03258 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03259 if( 0 == 0 ) 03260 { 03261 hexify( output_str, output, ctx.len ); 03262 03263 fct_chk( strncasecmp( (char *) output_str, "d94cd0e08fa404ed89", strlen( "d94cd0e08fa404ed89" ) ) == 0 ); 03264 } 03265 03266 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03267 } 03268 FCT_TEST_END(); 03269 03270 03271 FCT_TEST_BGN(rsaes_oaep_decryption_example_3_4) 03272 { 03273 unsigned char message_str[1000]; 03274 unsigned char output[1000]; 03275 unsigned char output_str[1000]; 03276 rsa_context ctx; 03277 mpi P1, Q1, H, G; 03278 size_t output_len; 03279 03280 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03281 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03282 03283 memset( message_str, 0x00, 1000 ); 03284 memset( output, 0x00, 1000 ); 03285 memset( output_str, 0x00, 1000 ); 03286 03287 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 03288 fct_chk( mpi_read_string( &ctx.P, 16, "01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf" ) == 0 ); 03289 fct_chk( mpi_read_string( &ctx.Q, 16, "018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7" ) == 0 ); 03290 fct_chk( mpi_read_string( &ctx.N, 16, "02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9" ) == 0 ); 03291 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03292 03293 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03294 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03295 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03296 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03297 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03298 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03299 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03300 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03301 03302 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03303 03304 unhexify( message_str, "02994c62afd76f498ba1fd2cf642857fca81f4373cb08f1cbaee6f025c3b512b42c3e8779113476648039dbe0493f9246292fac28950600e7c0f32edf9c81b9dec45c3bde0cc8d8847590169907b7dc5991ceb29bb0714d613d96df0f12ec5d8d3507c8ee7ae78dd83f216fa61de100363aca48a7e914ae9f42ddfbe943b09d9a0" ); 03305 03306 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03307 if( 0 == 0 ) 03308 { 03309 hexify( output_str, output, ctx.len ); 03310 03311 fct_chk( strncasecmp( (char *) output_str, "6cc641b6b61e6f963974dad23a9013284ef1", strlen( "6cc641b6b61e6f963974dad23a9013284ef1" ) ) == 0 ); 03312 } 03313 03314 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03315 } 03316 FCT_TEST_END(); 03317 03318 03319 FCT_TEST_BGN(rsaes_oaep_decryption_example_3_5) 03320 { 03321 unsigned char message_str[1000]; 03322 unsigned char output[1000]; 03323 unsigned char output_str[1000]; 03324 rsa_context ctx; 03325 mpi P1, Q1, H, G; 03326 size_t output_len; 03327 03328 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03329 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03330 03331 memset( message_str, 0x00, 1000 ); 03332 memset( output, 0x00, 1000 ); 03333 memset( output_str, 0x00, 1000 ); 03334 03335 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 03336 fct_chk( mpi_read_string( &ctx.P, 16, "01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf" ) == 0 ); 03337 fct_chk( mpi_read_string( &ctx.Q, 16, "018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7" ) == 0 ); 03338 fct_chk( mpi_read_string( &ctx.N, 16, "02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9" ) == 0 ); 03339 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03340 03341 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03342 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03343 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03344 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03345 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03346 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03347 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03348 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03349 03350 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03351 03352 unhexify( message_str, "0162042ff6969592a6167031811a239834ce638abf54fec8b99478122afe2ee67f8c5b18b0339805bfdbc5a4e6720b37c59cfba942464c597ff532a119821545fd2e59b114e61daf71820529f5029cf524954327c34ec5e6f5ba7efcc4de943ab8ad4ed787b1454329f70db798a3a8f4d92f8274e2b2948ade627ce8ee33e43c60" ); 03353 03354 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03355 if( 0 == 0 ) 03356 { 03357 hexify( output_str, output, ctx.len ); 03358 03359 fct_chk( strncasecmp( (char *) output_str, "df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223", strlen( "df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223" ) ) == 0 ); 03360 } 03361 03362 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03363 } 03364 FCT_TEST_END(); 03365 03366 03367 FCT_TEST_BGN(rsaes_oaep_decryption_example_3_6) 03368 { 03369 unsigned char message_str[1000]; 03370 unsigned char output[1000]; 03371 unsigned char output_str[1000]; 03372 rsa_context ctx; 03373 mpi P1, Q1, H, G; 03374 size_t output_len; 03375 03376 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03377 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03378 03379 memset( message_str, 0x00, 1000 ); 03380 memset( output, 0x00, 1000 ); 03381 memset( output_str, 0x00, 1000 ); 03382 03383 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 03384 fct_chk( mpi_read_string( &ctx.P, 16, "01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf" ) == 0 ); 03385 fct_chk( mpi_read_string( &ctx.Q, 16, "018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7" ) == 0 ); 03386 fct_chk( mpi_read_string( &ctx.N, 16, "02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9" ) == 0 ); 03387 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03388 03389 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03390 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03391 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03392 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03393 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03394 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03395 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03396 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03397 03398 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03399 03400 unhexify( message_str, "00112051e75d064943bc4478075e43482fd59cee0679de6893eec3a943daa490b9691c93dfc0464b6623b9f3dbd3e70083264f034b374f74164e1a00763725e574744ba0b9db83434f31df96f6e2a26f6d8eba348bd4686c2238ac07c37aac3785d1c7eea2f819fd91491798ed8e9cef5e43b781b0e0276e37c43ff9492d005730" ); 03401 03402 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03403 if( 0 == 0 ) 03404 { 03405 hexify( output_str, output, ctx.len ); 03406 03407 fct_chk( strncasecmp( (char *) output_str, "3c3bad893c544a6d520ab022319188c8d504b7a788b850903b85972eaa18552e1134a7ad6098826254ff7ab672b3d8eb3158fac6d4cbaef1", strlen( "3c3bad893c544a6d520ab022319188c8d504b7a788b850903b85972eaa18552e1134a7ad6098826254ff7ab672b3d8eb3158fac6d4cbaef1" ) ) == 0 ); 03408 } 03409 03410 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03411 } 03412 FCT_TEST_END(); 03413 03414 03415 FCT_TEST_BGN(rsaes_oaep_decryption_example_4_1) 03416 { 03417 unsigned char message_str[1000]; 03418 unsigned char output[1000]; 03419 unsigned char output_str[1000]; 03420 rsa_context ctx; 03421 mpi P1, Q1, H, G; 03422 size_t output_len; 03423 03424 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03425 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03426 03427 memset( message_str, 0x00, 1000 ); 03428 memset( output, 0x00, 1000 ); 03429 memset( output_str, 0x00, 1000 ); 03430 03431 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 03432 fct_chk( mpi_read_string( &ctx.P, 16, "027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701" ) == 0 ); 03433 fct_chk( mpi_read_string( &ctx.Q, 16, "0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139" ) == 0 ); 03434 fct_chk( mpi_read_string( &ctx.N, 16, "051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039" ) == 0 ); 03435 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03436 03437 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03438 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03439 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03440 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03441 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03442 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03443 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03444 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03445 03446 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03447 03448 unhexify( message_str, "04cce19614845e094152a3fe18e54e3330c44e5efbc64ae16886cb1869014cc5781b1f8f9e045384d0112a135ca0d12e9c88a8e4063416deaae3844f60d6e96fe155145f4525b9a34431ca3766180f70e15a5e5d8e8b1a516ff870609f13f896935ced188279a58ed13d07114277d75c6568607e0ab092fd803a223e4a8ee0b1a8" ); 03449 03450 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03451 if( 0 == 0 ) 03452 { 03453 hexify( output_str, output, ctx.len ); 03454 03455 fct_chk( strncasecmp( (char *) output_str, "4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2", strlen( "4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2" ) ) == 0 ); 03456 } 03457 03458 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03459 } 03460 FCT_TEST_END(); 03461 03462 03463 FCT_TEST_BGN(rsaes_oaep_decryption_example_4_2) 03464 { 03465 unsigned char message_str[1000]; 03466 unsigned char output[1000]; 03467 unsigned char output_str[1000]; 03468 rsa_context ctx; 03469 mpi P1, Q1, H, G; 03470 size_t output_len; 03471 03472 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03473 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03474 03475 memset( message_str, 0x00, 1000 ); 03476 memset( output, 0x00, 1000 ); 03477 memset( output_str, 0x00, 1000 ); 03478 03479 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 03480 fct_chk( mpi_read_string( &ctx.P, 16, "027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701" ) == 0 ); 03481 fct_chk( mpi_read_string( &ctx.Q, 16, "0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139" ) == 0 ); 03482 fct_chk( mpi_read_string( &ctx.N, 16, "051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039" ) == 0 ); 03483 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03484 03485 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03486 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03487 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03488 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03489 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03490 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03491 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03492 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03493 03494 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03495 03496 unhexify( message_str, "0097b698c6165645b303486fbf5a2a4479c0ee85889b541a6f0b858d6b6597b13b854eb4f839af03399a80d79bda6578c841f90d645715b280d37143992dd186c80b949b775cae97370e4ec97443136c6da484e970ffdb1323a20847821d3b18381de13bb49aaea66530c4a4b8271f3eae172cd366e07e6636f1019d2a28aed15e" ); 03497 03498 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03499 if( 0 == 0 ) 03500 { 03501 hexify( output_str, output, ctx.len ); 03502 03503 fct_chk( strncasecmp( (char *) output_str, "b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8", strlen( "b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8" ) ) == 0 ); 03504 } 03505 03506 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03507 } 03508 FCT_TEST_END(); 03509 03510 03511 FCT_TEST_BGN(rsaes_oaep_decryption_example_4_3) 03512 { 03513 unsigned char message_str[1000]; 03514 unsigned char output[1000]; 03515 unsigned char output_str[1000]; 03516 rsa_context ctx; 03517 mpi P1, Q1, H, G; 03518 size_t output_len; 03519 03520 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03521 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03522 03523 memset( message_str, 0x00, 1000 ); 03524 memset( output, 0x00, 1000 ); 03525 memset( output_str, 0x00, 1000 ); 03526 03527 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 03528 fct_chk( mpi_read_string( &ctx.P, 16, "027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701" ) == 0 ); 03529 fct_chk( mpi_read_string( &ctx.Q, 16, "0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139" ) == 0 ); 03530 fct_chk( mpi_read_string( &ctx.N, 16, "051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039" ) == 0 ); 03531 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03532 03533 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03534 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03535 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03536 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03537 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03538 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03539 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03540 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03541 03542 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03543 03544 unhexify( message_str, "0301f935e9c47abcb48acbbe09895d9f5971af14839da4ff95417ee453d1fd77319072bb7297e1b55d7561cd9d1bb24c1a9a37c619864308242804879d86ebd001dce5183975e1506989b70e5a83434154d5cbfd6a24787e60eb0c658d2ac193302d1192c6e622d4a12ad4b53923bca246df31c6395e37702c6a78ae081fb9d065" ); 03545 03546 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03547 if( 0 == 0 ) 03548 { 03549 hexify( output_str, output, ctx.len ); 03550 03551 fct_chk( strncasecmp( (char *) output_str, "bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99", strlen( "bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99" ) ) == 0 ); 03552 } 03553 03554 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03555 } 03556 FCT_TEST_END(); 03557 03558 03559 FCT_TEST_BGN(rsaes_oaep_decryption_example_4_4) 03560 { 03561 unsigned char message_str[1000]; 03562 unsigned char output[1000]; 03563 unsigned char output_str[1000]; 03564 rsa_context ctx; 03565 mpi P1, Q1, H, G; 03566 size_t output_len; 03567 03568 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03569 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03570 03571 memset( message_str, 0x00, 1000 ); 03572 memset( output, 0x00, 1000 ); 03573 memset( output_str, 0x00, 1000 ); 03574 03575 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 03576 fct_chk( mpi_read_string( &ctx.P, 16, "027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701" ) == 0 ); 03577 fct_chk( mpi_read_string( &ctx.Q, 16, "0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139" ) == 0 ); 03578 fct_chk( mpi_read_string( &ctx.N, 16, "051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039" ) == 0 ); 03579 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03580 03581 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03582 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03583 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03584 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03585 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03586 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03587 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03588 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03589 03590 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03591 03592 unhexify( message_str, "02d110ad30afb727beb691dd0cf17d0af1a1e7fa0cc040ec1a4ba26a42c59d0a796a2e22c8f357ccc98b6519aceb682e945e62cb734614a529407cd452bee3e44fece8423cc19e55548b8b994b849c7ecde4933e76037e1d0ce44275b08710c68e430130b929730ed77e09b015642c5593f04e4ffb9410798102a8e96ffdfe11e4" ); 03593 03594 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03595 if( 0 == 0 ) 03596 { 03597 hexify( output_str, output, ctx.len ); 03598 03599 fct_chk( strncasecmp( (char *) output_str, "fb2ef112f5e766eb94019297934794f7be2f6fc1c58e", strlen( "fb2ef112f5e766eb94019297934794f7be2f6fc1c58e" ) ) == 0 ); 03600 } 03601 03602 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03603 } 03604 FCT_TEST_END(); 03605 03606 03607 FCT_TEST_BGN(rsaes_oaep_decryption_example_4_5) 03608 { 03609 unsigned char message_str[1000]; 03610 unsigned char output[1000]; 03611 unsigned char output_str[1000]; 03612 rsa_context ctx; 03613 mpi P1, Q1, H, G; 03614 size_t output_len; 03615 03616 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03617 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03618 03619 memset( message_str, 0x00, 1000 ); 03620 memset( output, 0x00, 1000 ); 03621 memset( output_str, 0x00, 1000 ); 03622 03623 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 03624 fct_chk( mpi_read_string( &ctx.P, 16, "027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701" ) == 0 ); 03625 fct_chk( mpi_read_string( &ctx.Q, 16, "0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139" ) == 0 ); 03626 fct_chk( mpi_read_string( &ctx.N, 16, "051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039" ) == 0 ); 03627 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03628 03629 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03630 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03631 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03632 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03633 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03634 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03635 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03636 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03637 03638 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03639 03640 unhexify( message_str, "00dbb8a7439d90efd919a377c54fae8fe11ec58c3b858362e23ad1b8a44310799066b99347aa525691d2adc58d9b06e34f288c170390c5f0e11c0aa3645959f18ee79e8f2be8d7ac5c23d061f18dd74b8c5f2a58fcb5eb0c54f99f01a83247568292536583340948d7a8c97c4acd1e98d1e29dc320e97a260532a8aa7a758a1ec2" ); 03641 03642 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03643 if( 0 == 0 ) 03644 { 03645 hexify( output_str, output, ctx.len ); 03646 03647 fct_chk( strncasecmp( (char *) output_str, "28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284", strlen( "28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284" ) ) == 0 ); 03648 } 03649 03650 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03651 } 03652 FCT_TEST_END(); 03653 03654 03655 FCT_TEST_BGN(rsaes_oaep_decryption_example_4_6) 03656 { 03657 unsigned char message_str[1000]; 03658 unsigned char output[1000]; 03659 unsigned char output_str[1000]; 03660 rsa_context ctx; 03661 mpi P1, Q1, H, G; 03662 size_t output_len; 03663 03664 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03665 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03666 03667 memset( message_str, 0x00, 1000 ); 03668 memset( output, 0x00, 1000 ); 03669 memset( output_str, 0x00, 1000 ); 03670 03671 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 03672 fct_chk( mpi_read_string( &ctx.P, 16, "027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701" ) == 0 ); 03673 fct_chk( mpi_read_string( &ctx.Q, 16, "0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139" ) == 0 ); 03674 fct_chk( mpi_read_string( &ctx.N, 16, "051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039" ) == 0 ); 03675 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03676 03677 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03678 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03679 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03680 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03681 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03682 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03683 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03684 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03685 03686 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03687 03688 unhexify( message_str, "00a5ffa4768c8bbecaee2db77e8f2eec99595933545520835e5ba7db9493d3e17cddefe6a5f567624471908db4e2d83a0fbee60608fc84049503b2234a07dc83b27b22847ad8920ff42f674ef79b76280b00233d2b51b8cb2703a9d42bfbc8250c96ec32c051e57f1b4ba528db89c37e4c54e27e6e64ac69635ae887d9541619a9" ); 03689 03690 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03691 if( 0 == 0 ) 03692 { 03693 hexify( output_str, output, ctx.len ); 03694 03695 fct_chk( strncasecmp( (char *) output_str, "f22242751ec6b1", strlen( "f22242751ec6b1" ) ) == 0 ); 03696 } 03697 03698 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03699 } 03700 FCT_TEST_END(); 03701 03702 03703 FCT_TEST_BGN(rsaes_oaep_decryption_example_5_1) 03704 { 03705 unsigned char message_str[1000]; 03706 unsigned char output[1000]; 03707 unsigned char output_str[1000]; 03708 rsa_context ctx; 03709 mpi P1, Q1, H, G; 03710 size_t output_len; 03711 03712 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03713 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03714 03715 memset( message_str, 0x00, 1000 ); 03716 memset( output, 0x00, 1000 ); 03717 memset( output_str, 0x00, 1000 ); 03718 03719 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 03720 fct_chk( mpi_read_string( &ctx.P, 16, "03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707" ) == 0 ); 03721 fct_chk( mpi_read_string( &ctx.Q, 16, "02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f" ) == 0 ); 03722 fct_chk( mpi_read_string( &ctx.N, 16, "0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9" ) == 0 ); 03723 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03724 03725 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03726 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03727 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03728 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03729 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03730 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03731 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03732 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03733 03734 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03735 03736 unhexify( message_str, "036046a4a47d9ed3ba9a89139c105038eb7492b05a5d68bfd53accff4597f7a68651b47b4a4627d927e485eed7b4566420e8b409879e5d606eae251d22a5df799f7920bfc117b992572a53b1263146bcea03385cc5e853c9a101c8c3e1bda31a519807496c6cb5e5efb408823a352b8fa0661fb664efadd593deb99fff5ed000e5" ); 03737 03738 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03739 if( 0 == 0 ) 03740 { 03741 hexify( output_str, output, ctx.len ); 03742 03743 fct_chk( strncasecmp( (char *) output_str, "af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8", strlen( "af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8" ) ) == 0 ); 03744 } 03745 03746 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03747 } 03748 FCT_TEST_END(); 03749 03750 03751 FCT_TEST_BGN(rsaes_oaep_decryption_example_5_2) 03752 { 03753 unsigned char message_str[1000]; 03754 unsigned char output[1000]; 03755 unsigned char output_str[1000]; 03756 rsa_context ctx; 03757 mpi P1, Q1, H, G; 03758 size_t output_len; 03759 03760 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03761 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03762 03763 memset( message_str, 0x00, 1000 ); 03764 memset( output, 0x00, 1000 ); 03765 memset( output_str, 0x00, 1000 ); 03766 03767 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 03768 fct_chk( mpi_read_string( &ctx.P, 16, "03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707" ) == 0 ); 03769 fct_chk( mpi_read_string( &ctx.Q, 16, "02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f" ) == 0 ); 03770 fct_chk( mpi_read_string( &ctx.N, 16, "0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9" ) == 0 ); 03771 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03772 03773 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03774 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03775 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03776 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03777 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03778 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03779 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03780 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03781 03782 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03783 03784 unhexify( message_str, "03d6eb654edce615bc59f455265ed4e5a18223cbb9be4e4069b473804d5de96f54dcaaa603d049c5d94aa1470dfcd2254066b7c7b61ff1f6f6770e3215c51399fd4e34ec5082bc48f089840ad04354ae66dc0f1bd18e461a33cc1258b443a2837a6df26759aa2302334986f87380c9cc9d53be9f99605d2c9a97da7b0915a4a7ad" ); 03785 03786 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03787 if( 0 == 0 ) 03788 { 03789 hexify( output_str, output, ctx.len ); 03790 03791 fct_chk( strncasecmp( (char *) output_str, "a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399", strlen( "a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399" ) ) == 0 ); 03792 } 03793 03794 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03795 } 03796 FCT_TEST_END(); 03797 03798 03799 FCT_TEST_BGN(rsaes_oaep_decryption_example_5_3) 03800 { 03801 unsigned char message_str[1000]; 03802 unsigned char output[1000]; 03803 unsigned char output_str[1000]; 03804 rsa_context ctx; 03805 mpi P1, Q1, H, G; 03806 size_t output_len; 03807 03808 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03809 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03810 03811 memset( message_str, 0x00, 1000 ); 03812 memset( output, 0x00, 1000 ); 03813 memset( output_str, 0x00, 1000 ); 03814 03815 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 03816 fct_chk( mpi_read_string( &ctx.P, 16, "03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707" ) == 0 ); 03817 fct_chk( mpi_read_string( &ctx.Q, 16, "02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f" ) == 0 ); 03818 fct_chk( mpi_read_string( &ctx.N, 16, "0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9" ) == 0 ); 03819 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03820 03821 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03822 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03823 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03824 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03825 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03826 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03827 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03828 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03829 03830 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03831 03832 unhexify( message_str, "0770952181649f9f9f07ff626ff3a22c35c462443d905d456a9fd0bff43cac2ca7a9f554e9478b9acc3ac838b02040ffd3e1847de2e4253929f9dd9ee4044325a9b05cabb808b2ee840d34e15d105a3f1f7b27695a1a07a2d73fe08ecaaa3c9c9d4d5a89ff890d54727d7ae40c0ec1a8dd86165d8ee2c6368141016a48b55b6967" ); 03833 03834 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03835 if( 0 == 0 ) 03836 { 03837 hexify( output_str, output, ctx.len ); 03838 03839 fct_chk( strncasecmp( (char *) output_str, "308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7", strlen( "308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7" ) ) == 0 ); 03840 } 03841 03842 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03843 } 03844 FCT_TEST_END(); 03845 03846 03847 FCT_TEST_BGN(rsaes_oaep_decryption_example_5_4) 03848 { 03849 unsigned char message_str[1000]; 03850 unsigned char output[1000]; 03851 unsigned char output_str[1000]; 03852 rsa_context ctx; 03853 mpi P1, Q1, H, G; 03854 size_t output_len; 03855 03856 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03857 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03858 03859 memset( message_str, 0x00, 1000 ); 03860 memset( output, 0x00, 1000 ); 03861 memset( output_str, 0x00, 1000 ); 03862 03863 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 03864 fct_chk( mpi_read_string( &ctx.P, 16, "03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707" ) == 0 ); 03865 fct_chk( mpi_read_string( &ctx.Q, 16, "02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f" ) == 0 ); 03866 fct_chk( mpi_read_string( &ctx.N, 16, "0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9" ) == 0 ); 03867 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03868 03869 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03870 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03871 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03872 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03873 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03874 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03875 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03876 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03877 03878 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03879 03880 unhexify( message_str, "0812b76768ebcb642d040258e5f4441a018521bd96687e6c5e899fcd6c17588ff59a82cc8ae03a4b45b31299af1788c329f7dcd285f8cf4ced82606b97612671a45bedca133442144d1617d114f802857f0f9d739751c57a3f9ee400912c61e2e6992be031a43dd48fa6ba14eef7c422b5edc4e7afa04fdd38f402d1c8bb719abf" ); 03881 03882 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03883 if( 0 == 0 ) 03884 { 03885 hexify( output_str, output, ctx.len ); 03886 03887 fct_chk( strncasecmp( (char *) output_str, "15c5b9ee1185", strlen( "15c5b9ee1185" ) ) == 0 ); 03888 } 03889 03890 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03891 } 03892 FCT_TEST_END(); 03893 03894 03895 FCT_TEST_BGN(rsaes_oaep_decryption_example_5_5) 03896 { 03897 unsigned char message_str[1000]; 03898 unsigned char output[1000]; 03899 unsigned char output_str[1000]; 03900 rsa_context ctx; 03901 mpi P1, Q1, H, G; 03902 size_t output_len; 03903 03904 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03905 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03906 03907 memset( message_str, 0x00, 1000 ); 03908 memset( output, 0x00, 1000 ); 03909 memset( output_str, 0x00, 1000 ); 03910 03911 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 03912 fct_chk( mpi_read_string( &ctx.P, 16, "03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707" ) == 0 ); 03913 fct_chk( mpi_read_string( &ctx.Q, 16, "02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f" ) == 0 ); 03914 fct_chk( mpi_read_string( &ctx.N, 16, "0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9" ) == 0 ); 03915 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03916 03917 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03918 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03919 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03920 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03921 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03922 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03923 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03924 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03925 03926 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03927 03928 unhexify( message_str, "07b60e14ec954bfd29e60d0047e789f51d57186c63589903306793ced3f68241c743529aba6a6374f92e19e0163efa33697e196f7661dfaaa47aac6bde5e51deb507c72c589a2ca1693d96b1460381249b2cdb9eac44769f2489c5d3d2f99f0ee3c7ee5bf64a5ac79c42bd433f149be8cb59548361640595513c97af7bc2509723" ); 03929 03930 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03931 if( 0 == 0 ) 03932 { 03933 hexify( output_str, output, ctx.len ); 03934 03935 fct_chk( strncasecmp( (char *) output_str, "21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a", strlen( "21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a" ) ) == 0 ); 03936 } 03937 03938 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03939 } 03940 FCT_TEST_END(); 03941 03942 03943 FCT_TEST_BGN(rsaes_oaep_decryption_example_5_6) 03944 { 03945 unsigned char message_str[1000]; 03946 unsigned char output[1000]; 03947 unsigned char output_str[1000]; 03948 rsa_context ctx; 03949 mpi P1, Q1, H, G; 03950 size_t output_len; 03951 03952 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 03953 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 03954 03955 memset( message_str, 0x00, 1000 ); 03956 memset( output, 0x00, 1000 ); 03957 memset( output_str, 0x00, 1000 ); 03958 03959 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 03960 fct_chk( mpi_read_string( &ctx.P, 16, "03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707" ) == 0 ); 03961 fct_chk( mpi_read_string( &ctx.Q, 16, "02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f" ) == 0 ); 03962 fct_chk( mpi_read_string( &ctx.N, 16, "0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9" ) == 0 ); 03963 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 03964 03965 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 03966 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 03967 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 03968 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 03969 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 03970 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 03971 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 03972 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 03973 03974 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 03975 03976 unhexify( message_str, "08c36d4dda33423b2ed6830d85f6411ba1dcf470a1fae0ebefee7c089f256cef74cb96ea69c38f60f39abee44129bcb4c92de7f797623b20074e3d9c2899701ed9071e1efa0bdd84d4c3e5130302d8f0240baba4b84a71cc032f2235a5ff0fae277c3e8f9112bef44c9ae20d175fc9a4058bfc930ba31b02e2e4f444483710f24a" ); 03977 03978 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 03979 if( 0 == 0 ) 03980 { 03981 hexify( output_str, output, ctx.len ); 03982 03983 fct_chk( strncasecmp( (char *) output_str, "541e37b68b6c8872b84c02", strlen( "541e37b68b6c8872b84c02" ) ) == 0 ); 03984 } 03985 03986 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 03987 } 03988 FCT_TEST_END(); 03989 03990 03991 FCT_TEST_BGN(rsaes_oaep_decryption_example_6_1) 03992 { 03993 unsigned char message_str[1000]; 03994 unsigned char output[1000]; 03995 unsigned char output_str[1000]; 03996 rsa_context ctx; 03997 mpi P1, Q1, H, G; 03998 size_t output_len; 03999 04000 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04001 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04002 04003 memset( message_str, 0x00, 1000 ); 04004 memset( output, 0x00, 1000 ); 04005 memset( output_str, 0x00, 1000 ); 04006 04007 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 04008 fct_chk( mpi_read_string( &ctx.P, 16, "04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b" ) == 0 ); 04009 fct_chk( mpi_read_string( &ctx.Q, 16, "0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed" ) == 0 ); 04010 fct_chk( mpi_read_string( &ctx.N, 16, "12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af" ) == 0 ); 04011 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04012 04013 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04014 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04015 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04016 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04017 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04018 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04019 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04020 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04021 04022 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04023 04024 unhexify( message_str, "0630eebcd2856c24f798806e41f9e67345eda9ceda386acc9facaea1eeed06ace583709718d9d169fadf414d5c76f92996833ef305b75b1e4b95f662a20faedc3bae0c4827a8bf8a88edbd57ec203a27a841f02e43a615bab1a8cac0701de34debdef62a088089b55ec36ea7522fd3ec8d06b6a073e6df833153bc0aefd93bd1a3" ); 04025 04026 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04027 if( 0 == 0 ) 04028 { 04029 hexify( output_str, output, ctx.len ); 04030 04031 fct_chk( strncasecmp( (char *) output_str, "4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4", strlen( "4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4" ) ) == 0 ); 04032 } 04033 04034 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04035 } 04036 FCT_TEST_END(); 04037 04038 04039 FCT_TEST_BGN(rsaes_oaep_decryption_example_6_2) 04040 { 04041 unsigned char message_str[1000]; 04042 unsigned char output[1000]; 04043 unsigned char output_str[1000]; 04044 rsa_context ctx; 04045 mpi P1, Q1, H, G; 04046 size_t output_len; 04047 04048 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04049 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04050 04051 memset( message_str, 0x00, 1000 ); 04052 memset( output, 0x00, 1000 ); 04053 memset( output_str, 0x00, 1000 ); 04054 04055 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 04056 fct_chk( mpi_read_string( &ctx.P, 16, "04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b" ) == 0 ); 04057 fct_chk( mpi_read_string( &ctx.Q, 16, "0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed" ) == 0 ); 04058 fct_chk( mpi_read_string( &ctx.N, 16, "12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af" ) == 0 ); 04059 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04060 04061 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04062 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04063 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04064 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04065 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04066 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04067 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04068 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04069 04070 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04071 04072 unhexify( message_str, "0ebc37376173a4fd2f89cc55c2ca62b26b11d51c3c7ce49e8845f74e7607317c436bc8d23b9667dfeb9d087234b47bc6837175ae5c0559f6b81d7d22416d3e50f4ac533d8f0812f2db9e791fe9c775ac8b6ad0f535ad9ceb23a4a02014c58ab3f8d3161499a260f39348e714ae2a1d3443208fd8b722ccfdfb393e98011f99e63f" ); 04073 04074 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04075 if( 0 == 0 ) 04076 { 04077 hexify( output_str, output, ctx.len ); 04078 04079 fct_chk( strncasecmp( (char *) output_str, "5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7", strlen( "5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7" ) ) == 0 ); 04080 } 04081 04082 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04083 } 04084 FCT_TEST_END(); 04085 04086 04087 FCT_TEST_BGN(rsaes_oaep_decryption_example_6_3) 04088 { 04089 unsigned char message_str[1000]; 04090 unsigned char output[1000]; 04091 unsigned char output_str[1000]; 04092 rsa_context ctx; 04093 mpi P1, Q1, H, G; 04094 size_t output_len; 04095 04096 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04097 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04098 04099 memset( message_str, 0x00, 1000 ); 04100 memset( output, 0x00, 1000 ); 04101 memset( output_str, 0x00, 1000 ); 04102 04103 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 04104 fct_chk( mpi_read_string( &ctx.P, 16, "04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b" ) == 0 ); 04105 fct_chk( mpi_read_string( &ctx.Q, 16, "0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed" ) == 0 ); 04106 fct_chk( mpi_read_string( &ctx.N, 16, "12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af" ) == 0 ); 04107 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04108 04109 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04110 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04111 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04112 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04113 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04114 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04115 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04116 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04117 04118 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04119 04120 unhexify( message_str, "0a98bf1093619394436cf68d8f38e2f158fde8ea54f3435f239b8d06b8321844202476aeed96009492480ce3a8d705498c4c8c68f01501dc81db608f60087350c8c3b0bd2e9ef6a81458b7c801b89f2e4fe99d4900ba6a4b5e5a96d865dc676c7755928794130d6280a8160a190f2df3ea7cf9aa0271d88e9e6905ecf1c5152d65" ); 04121 04122 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04123 if( 0 == 0 ) 04124 { 04125 hexify( output_str, output, ctx.len ); 04126 04127 fct_chk( strncasecmp( (char *) output_str, "b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c", strlen( "b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c" ) ) == 0 ); 04128 } 04129 04130 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04131 } 04132 FCT_TEST_END(); 04133 04134 04135 FCT_TEST_BGN(rsaes_oaep_decryption_example_6_4) 04136 { 04137 unsigned char message_str[1000]; 04138 unsigned char output[1000]; 04139 unsigned char output_str[1000]; 04140 rsa_context ctx; 04141 mpi P1, Q1, H, G; 04142 size_t output_len; 04143 04144 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04145 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04146 04147 memset( message_str, 0x00, 1000 ); 04148 memset( output, 0x00, 1000 ); 04149 memset( output_str, 0x00, 1000 ); 04150 04151 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 04152 fct_chk( mpi_read_string( &ctx.P, 16, "04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b" ) == 0 ); 04153 fct_chk( mpi_read_string( &ctx.Q, 16, "0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed" ) == 0 ); 04154 fct_chk( mpi_read_string( &ctx.N, 16, "12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af" ) == 0 ); 04155 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04156 04157 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04158 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04159 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04160 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04161 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04162 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04163 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04164 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04165 04166 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04167 04168 unhexify( message_str, "008e7a67cacfb5c4e24bec7dee149117f19598ce8c45808fef88c608ff9cd6e695263b9a3c0ad4b8ba4c95238e96a8422b8535629c8d5382374479ad13fa39974b242f9a759eeaf9c83ad5a8ca18940a0162ba755876df263f4bd50c6525c56090267c1f0e09ce0899a0cf359e88120abd9bf893445b3cae77d3607359ae9a52f8" ); 04169 04170 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04171 if( 0 == 0 ) 04172 { 04173 hexify( output_str, output, ctx.len ); 04174 04175 fct_chk( strncasecmp( (char *) output_str, "684e3038c5c041f7", strlen( "684e3038c5c041f7" ) ) == 0 ); 04176 } 04177 04178 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04179 } 04180 FCT_TEST_END(); 04181 04182 04183 FCT_TEST_BGN(rsaes_oaep_decryption_example_6_5) 04184 { 04185 unsigned char message_str[1000]; 04186 unsigned char output[1000]; 04187 unsigned char output_str[1000]; 04188 rsa_context ctx; 04189 mpi P1, Q1, H, G; 04190 size_t output_len; 04191 04192 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04193 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04194 04195 memset( message_str, 0x00, 1000 ); 04196 memset( output, 0x00, 1000 ); 04197 memset( output_str, 0x00, 1000 ); 04198 04199 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 04200 fct_chk( mpi_read_string( &ctx.P, 16, "04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b" ) == 0 ); 04201 fct_chk( mpi_read_string( &ctx.Q, 16, "0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed" ) == 0 ); 04202 fct_chk( mpi_read_string( &ctx.N, 16, "12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af" ) == 0 ); 04203 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04204 04205 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04206 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04207 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04208 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04209 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04210 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04211 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04212 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04213 04214 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04215 04216 unhexify( message_str, "00003474416c7b68bdf961c385737944d7f1f40cb395343c693cc0b4fe63b31fedf1eaeeac9ccc0678b31dc32e0977489514c4f09085f6298a9653f01aea4045ff582ee887be26ae575b73eef7f3774921e375a3d19adda0ca31aa1849887c1f42cac9677f7a2f4e923f6e5a868b38c084ef187594dc9f7f048fea2e02955384ab" ); 04217 04218 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04219 if( 0 == 0 ) 04220 { 04221 hexify( output_str, output, ctx.len ); 04222 04223 fct_chk( strncasecmp( (char *) output_str, "32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693", strlen( "32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693" ) ) == 0 ); 04224 } 04225 04226 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04227 } 04228 FCT_TEST_END(); 04229 04230 04231 FCT_TEST_BGN(rsaes_oaep_decryption_example_6_6) 04232 { 04233 unsigned char message_str[1000]; 04234 unsigned char output[1000]; 04235 unsigned char output_str[1000]; 04236 rsa_context ctx; 04237 mpi P1, Q1, H, G; 04238 size_t output_len; 04239 04240 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04241 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04242 04243 memset( message_str, 0x00, 1000 ); 04244 memset( output, 0x00, 1000 ); 04245 memset( output_str, 0x00, 1000 ); 04246 04247 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 04248 fct_chk( mpi_read_string( &ctx.P, 16, "04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b" ) == 0 ); 04249 fct_chk( mpi_read_string( &ctx.Q, 16, "0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed" ) == 0 ); 04250 fct_chk( mpi_read_string( &ctx.N, 16, "12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af" ) == 0 ); 04251 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04252 04253 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04254 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04255 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04256 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04257 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04258 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04259 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04260 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04261 04262 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04263 04264 unhexify( message_str, "0a026dda5fc8785f7bd9bf75327b63e85e2c0fdee5dadb65ebdcac9ae1de95c92c672ab433aa7a8e69ce6a6d8897fac4ac4a54de841ae5e5bbce7687879d79634cea7a30684065c714d52409b928256bbf53eabcd5231eb7259504537399bd29164b726d33a46da701360a4168a091ccab72d44a62fed246c0ffea5b1348ab5470" ); 04265 04266 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04267 if( 0 == 0 ) 04268 { 04269 hexify( output_str, output, ctx.len ); 04270 04271 fct_chk( strncasecmp( (char *) output_str, "50ba14be8462720279c306ba", strlen( "50ba14be8462720279c306ba" ) ) == 0 ); 04272 } 04273 04274 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04275 } 04276 FCT_TEST_END(); 04277 04278 04279 FCT_TEST_BGN(rsaes_oaep_decryption_example_7_1) 04280 { 04281 unsigned char message_str[1000]; 04282 unsigned char output[1000]; 04283 unsigned char output_str[1000]; 04284 rsa_context ctx; 04285 mpi P1, Q1, H, G; 04286 size_t output_len; 04287 04288 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04289 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04290 04291 memset( message_str, 0x00, 1000 ); 04292 memset( output, 0x00, 1000 ); 04293 memset( output_str, 0x00, 1000 ); 04294 04295 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 04296 fct_chk( mpi_read_string( &ctx.P, 16, "0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71" ) == 0 ); 04297 fct_chk( mpi_read_string( &ctx.Q, 16, "06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023" ) == 0 ); 04298 fct_chk( mpi_read_string( &ctx.N, 16, "311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373" ) == 0 ); 04299 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04300 04301 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04302 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04303 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04304 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04305 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04306 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04307 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04308 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04309 04310 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04311 04312 unhexify( message_str, "1688e4ce7794bba6cb7014169ecd559cede2a30b56a52b68d9fe18cf1973ef97b2a03153951c755f6294aa49adbdb55845ab6875fb3986c93ecf927962840d282f9e54ce8b690f7c0cb8bbd73440d9571d1b16cd9260f9eab4783cc482e5223dc60973871783ec27b0ae0fd47732cbc286a173fc92b00fb4ba6824647cd93c85c1" ); 04313 04314 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04315 if( 0 == 0 ) 04316 { 04317 hexify( output_str, output, ctx.len ); 04318 04319 fct_chk( strncasecmp( (char *) output_str, "47aae909", strlen( "47aae909" ) ) == 0 ); 04320 } 04321 04322 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04323 } 04324 FCT_TEST_END(); 04325 04326 04327 FCT_TEST_BGN(rsaes_oaep_decryption_example_7_2) 04328 { 04329 unsigned char message_str[1000]; 04330 unsigned char output[1000]; 04331 unsigned char output_str[1000]; 04332 rsa_context ctx; 04333 mpi P1, Q1, H, G; 04334 size_t output_len; 04335 04336 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04337 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04338 04339 memset( message_str, 0x00, 1000 ); 04340 memset( output, 0x00, 1000 ); 04341 memset( output_str, 0x00, 1000 ); 04342 04343 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 04344 fct_chk( mpi_read_string( &ctx.P, 16, "0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71" ) == 0 ); 04345 fct_chk( mpi_read_string( &ctx.Q, 16, "06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023" ) == 0 ); 04346 fct_chk( mpi_read_string( &ctx.N, 16, "311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373" ) == 0 ); 04347 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04348 04349 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04350 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04351 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04352 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04353 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04354 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04355 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04356 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04357 04358 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04359 04360 unhexify( message_str, "1052ed397b2e01e1d0ee1c50bf24363f95e504f4a03434a08fd822574ed6b9736edbb5f390db10321479a8a139350e2bd4977c3778ef331f3e78ae118b268451f20a2f01d471f5d53c566937171b2dbc2d4bde459a5799f0372d6574239b2323d245d0bb81c286b63c89a361017337e4902f88a467f4c7f244bfd5ab46437ff3b6" ); 04361 04362 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04363 if( 0 == 0 ) 04364 { 04365 hexify( output_str, output, ctx.len ); 04366 04367 fct_chk( strncasecmp( (char *) output_str, "1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7", strlen( "1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7" ) ) == 0 ); 04368 } 04369 04370 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04371 } 04372 FCT_TEST_END(); 04373 04374 04375 FCT_TEST_BGN(rsaes_oaep_decryption_example_7_3) 04376 { 04377 unsigned char message_str[1000]; 04378 unsigned char output[1000]; 04379 unsigned char output_str[1000]; 04380 rsa_context ctx; 04381 mpi P1, Q1, H, G; 04382 size_t output_len; 04383 04384 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04385 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04386 04387 memset( message_str, 0x00, 1000 ); 04388 memset( output, 0x00, 1000 ); 04389 memset( output_str, 0x00, 1000 ); 04390 04391 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 04392 fct_chk( mpi_read_string( &ctx.P, 16, "0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71" ) == 0 ); 04393 fct_chk( mpi_read_string( &ctx.Q, 16, "06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023" ) == 0 ); 04394 fct_chk( mpi_read_string( &ctx.N, 16, "311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373" ) == 0 ); 04395 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04396 04397 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04398 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04399 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04400 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04401 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04402 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04403 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04404 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04405 04406 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04407 04408 unhexify( message_str, "2155cd843ff24a4ee8badb7694260028a490813ba8b369a4cbf106ec148e5298707f5965be7d101c1049ea8584c24cd63455ad9c104d686282d3fb803a4c11c1c2e9b91c7178801d1b6640f003f5728df007b8a4ccc92bce05e41a27278d7c85018c52414313a5077789001d4f01910b72aad05d220aa14a58733a7489bc54556b" ); 04409 04410 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04411 if( 0 == 0 ) 04412 { 04413 hexify( output_str, output, ctx.len ); 04414 04415 fct_chk( strncasecmp( (char *) output_str, "d976fc", strlen( "d976fc" ) ) == 0 ); 04416 } 04417 04418 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04419 } 04420 FCT_TEST_END(); 04421 04422 04423 FCT_TEST_BGN(rsaes_oaep_decryption_example_7_4) 04424 { 04425 unsigned char message_str[1000]; 04426 unsigned char output[1000]; 04427 unsigned char output_str[1000]; 04428 rsa_context ctx; 04429 mpi P1, Q1, H, G; 04430 size_t output_len; 04431 04432 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04433 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04434 04435 memset( message_str, 0x00, 1000 ); 04436 memset( output, 0x00, 1000 ); 04437 memset( output_str, 0x00, 1000 ); 04438 04439 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 04440 fct_chk( mpi_read_string( &ctx.P, 16, "0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71" ) == 0 ); 04441 fct_chk( mpi_read_string( &ctx.Q, 16, "06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023" ) == 0 ); 04442 fct_chk( mpi_read_string( &ctx.N, 16, "311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373" ) == 0 ); 04443 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04444 04445 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04446 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04447 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04448 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04449 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04450 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04451 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04452 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04453 04454 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04455 04456 unhexify( message_str, "0ab14c373aeb7d4328d0aaad8c094d88b9eb098b95f21054a29082522be7c27a312878b637917e3d819e6c3c568db5d843802b06d51d9e98a2be0bf40c031423b00edfbff8320efb9171bd2044653a4cb9c5122f6c65e83cda2ec3c126027a9c1a56ba874d0fea23f380b82cf240b8cf540004758c4c77d934157a74f3fc12bfac" ); 04457 04458 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04459 if( 0 == 0 ) 04460 { 04461 hexify( output_str, output, ctx.len ); 04462 04463 fct_chk( strncasecmp( (char *) output_str, "d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb", strlen( "d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb" ) ) == 0 ); 04464 } 04465 04466 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04467 } 04468 FCT_TEST_END(); 04469 04470 04471 FCT_TEST_BGN(rsaes_oaep_decryption_example_7_5) 04472 { 04473 unsigned char message_str[1000]; 04474 unsigned char output[1000]; 04475 unsigned char output_str[1000]; 04476 rsa_context ctx; 04477 mpi P1, Q1, H, G; 04478 size_t output_len; 04479 04480 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04481 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04482 04483 memset( message_str, 0x00, 1000 ); 04484 memset( output, 0x00, 1000 ); 04485 memset( output_str, 0x00, 1000 ); 04486 04487 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 04488 fct_chk( mpi_read_string( &ctx.P, 16, "0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71" ) == 0 ); 04489 fct_chk( mpi_read_string( &ctx.Q, 16, "06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023" ) == 0 ); 04490 fct_chk( mpi_read_string( &ctx.N, 16, "311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373" ) == 0 ); 04491 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04492 04493 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04494 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04495 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04496 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04497 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04498 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04499 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04500 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04501 04502 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04503 04504 unhexify( message_str, "028387a318277434798b4d97f460068df5298faba5041ba11761a1cb7316b24184114ec500257e2589ed3b607a1ebbe97a6cc2e02bf1b681f42312a33b7a77d8e7855c4a6de03e3c04643f786b91a264a0d6805e2cea91e68177eb7a64d9255e4f27e713b7ccec00dc200ebd21c2ea2bb890feae4942df941dc3f97890ed347478" ); 04505 04506 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04507 if( 0 == 0 ) 04508 { 04509 hexify( output_str, output, ctx.len ); 04510 04511 fct_chk( strncasecmp( (char *) output_str, "bb47231ca5ea1d3ad46c99345d9a8a61", strlen( "bb47231ca5ea1d3ad46c99345d9a8a61" ) ) == 0 ); 04512 } 04513 04514 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04515 } 04516 FCT_TEST_END(); 04517 04518 04519 FCT_TEST_BGN(rsaes_oaep_decryption_example_7_6) 04520 { 04521 unsigned char message_str[1000]; 04522 unsigned char output[1000]; 04523 unsigned char output_str[1000]; 04524 rsa_context ctx; 04525 mpi P1, Q1, H, G; 04526 size_t output_len; 04527 04528 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04529 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04530 04531 memset( message_str, 0x00, 1000 ); 04532 memset( output, 0x00, 1000 ); 04533 memset( output_str, 0x00, 1000 ); 04534 04535 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 04536 fct_chk( mpi_read_string( &ctx.P, 16, "0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71" ) == 0 ); 04537 fct_chk( mpi_read_string( &ctx.Q, 16, "06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023" ) == 0 ); 04538 fct_chk( mpi_read_string( &ctx.N, 16, "311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373" ) == 0 ); 04539 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04540 04541 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04542 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04543 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04544 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04545 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04546 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04547 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04548 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04549 04550 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04551 04552 unhexify( message_str, "14c678a94ad60525ef39e959b2f3ba5c097a94ff912b67dbace80535c187abd47d075420b1872152bba08f7fc31f313bbf9273c912fc4c0149a9b0cfb79807e346eb332069611bec0ff9bcd168f1f7c33e77313cea454b94e2549eecf002e2acf7f6f2d2845d4fe0aab2e5a92ddf68c480ae11247935d1f62574842216ae674115" ); 04553 04554 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04555 if( 0 == 0 ) 04556 { 04557 hexify( output_str, output, ctx.len ); 04558 04559 fct_chk( strncasecmp( (char *) output_str, "2184827095d35c3f86f600e8e59754013296", strlen( "2184827095d35c3f86f600e8e59754013296" ) ) == 0 ); 04560 } 04561 04562 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04563 } 04564 FCT_TEST_END(); 04565 04566 04567 FCT_TEST_BGN(rsaes_oaep_decryption_example_8_1) 04568 { 04569 unsigned char message_str[1000]; 04570 unsigned char output[1000]; 04571 unsigned char output_str[1000]; 04572 rsa_context ctx; 04573 mpi P1, Q1, H, G; 04574 size_t output_len; 04575 04576 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04577 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04578 04579 memset( message_str, 0x00, 1000 ); 04580 memset( output, 0x00, 1000 ); 04581 memset( output_str, 0x00, 1000 ); 04582 04583 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 04584 fct_chk( mpi_read_string( &ctx.P, 16, "0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f" ) == 0 ); 04585 fct_chk( mpi_read_string( &ctx.Q, 16, "092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9" ) == 0 ); 04586 fct_chk( mpi_read_string( &ctx.N, 16, "5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7" ) == 0 ); 04587 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04588 04589 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04590 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04591 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04592 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04593 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04594 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04595 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04596 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04597 04598 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04599 04600 unhexify( message_str, "09b3683d8a2eb0fb295b62ed1fb9290b714457b7825319f4647872af889b30409472020ad12912bf19b11d4819f49614824ffd84d09c0a17e7d17309d12919790410aa2995699f6a86dbe3242b5acc23af45691080d6b1ae810fb3e3057087f0970092ce00be9562ff4053b6262ce0caa93e13723d2e3a5ba075d45f0d61b54b61" ); 04601 04602 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04603 if( 0 == 0 ) 04604 { 04605 hexify( output_str, output, ctx.len ); 04606 04607 fct_chk( strncasecmp( (char *) output_str, "050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967", strlen( "050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967" ) ) == 0 ); 04608 } 04609 04610 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04611 } 04612 FCT_TEST_END(); 04613 04614 04615 FCT_TEST_BGN(rsaes_oaep_decryption_example_8_2) 04616 { 04617 unsigned char message_str[1000]; 04618 unsigned char output[1000]; 04619 unsigned char output_str[1000]; 04620 rsa_context ctx; 04621 mpi P1, Q1, H, G; 04622 size_t output_len; 04623 04624 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04625 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04626 04627 memset( message_str, 0x00, 1000 ); 04628 memset( output, 0x00, 1000 ); 04629 memset( output_str, 0x00, 1000 ); 04630 04631 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 04632 fct_chk( mpi_read_string( &ctx.P, 16, "0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f" ) == 0 ); 04633 fct_chk( mpi_read_string( &ctx.Q, 16, "092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9" ) == 0 ); 04634 fct_chk( mpi_read_string( &ctx.N, 16, "5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7" ) == 0 ); 04635 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04636 04637 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04638 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04639 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04640 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04641 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04642 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04643 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04644 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04645 04646 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04647 04648 unhexify( message_str, "2ecf15c97c5a15b1476ae986b371b57a24284f4a162a8d0c8182e7905e792256f1812ba5f83f1f7a130e42dcc02232844edc14a31a68ee97ae564a383a3411656424c5f62ddb646093c367be1fcda426cf00a06d8acb7e57776fbbd855ac3df506fc16b1d7c3f2110f3d8068e91e186363831c8409680d8da9ecd8cf1fa20ee39d" ); 04649 04650 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04651 if( 0 == 0 ) 04652 { 04653 hexify( output_str, output, ctx.len ); 04654 04655 fct_chk( strncasecmp( (char *) output_str, "4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc", strlen( "4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc" ) ) == 0 ); 04656 } 04657 04658 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04659 } 04660 FCT_TEST_END(); 04661 04662 04663 FCT_TEST_BGN(rsaes_oaep_decryption_example_8_3) 04664 { 04665 unsigned char message_str[1000]; 04666 unsigned char output[1000]; 04667 unsigned char output_str[1000]; 04668 rsa_context ctx; 04669 mpi P1, Q1, H, G; 04670 size_t output_len; 04671 04672 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04673 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04674 04675 memset( message_str, 0x00, 1000 ); 04676 memset( output, 0x00, 1000 ); 04677 memset( output_str, 0x00, 1000 ); 04678 04679 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 04680 fct_chk( mpi_read_string( &ctx.P, 16, "0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f" ) == 0 ); 04681 fct_chk( mpi_read_string( &ctx.Q, 16, "092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9" ) == 0 ); 04682 fct_chk( mpi_read_string( &ctx.N, 16, "5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7" ) == 0 ); 04683 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04684 04685 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04686 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04687 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04688 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04689 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04690 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04691 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04692 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04693 04694 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04695 04696 unhexify( message_str, "4bc89130a5b2dabb7c2fcf90eb5d0eaf9e681b7146a38f3173a3d9cfec52ea9e0a41932e648a9d69344c50da763f51a03c95762131e8052254dcd2248cba40fd31667786ce05a2b7b531ac9dac9ed584a59b677c1a8aed8c5d15d68c05569e2be780bf7db638fd2bfd2a85ab276860f3777338fca989ffd743d13ee08e0ca9893f" ); 04697 04698 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04699 if( 0 == 0 ) 04700 { 04701 hexify( output_str, output, ctx.len ); 04702 04703 fct_chk( strncasecmp( (char *) output_str, "8604ac56328c1ab5ad917861", strlen( "8604ac56328c1ab5ad917861" ) ) == 0 ); 04704 } 04705 04706 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04707 } 04708 FCT_TEST_END(); 04709 04710 04711 FCT_TEST_BGN(rsaes_oaep_decryption_example_8_4) 04712 { 04713 unsigned char message_str[1000]; 04714 unsigned char output[1000]; 04715 unsigned char output_str[1000]; 04716 rsa_context ctx; 04717 mpi P1, Q1, H, G; 04718 size_t output_len; 04719 04720 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04721 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04722 04723 memset( message_str, 0x00, 1000 ); 04724 memset( output, 0x00, 1000 ); 04725 memset( output_str, 0x00, 1000 ); 04726 04727 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 04728 fct_chk( mpi_read_string( &ctx.P, 16, "0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f" ) == 0 ); 04729 fct_chk( mpi_read_string( &ctx.Q, 16, "092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9" ) == 0 ); 04730 fct_chk( mpi_read_string( &ctx.N, 16, "5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7" ) == 0 ); 04731 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04732 04733 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04734 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04735 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04736 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04737 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04738 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04739 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04740 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04741 04742 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04743 04744 unhexify( message_str, "2e456847d8fc36ff0147d6993594b9397227d577752c79d0f904fcb039d4d812fea605a7b574dd82ca786f93752348438ee9f5b5454985d5f0e1699e3e7ad175a32e15f03deb042ab9fe1dd9db1bb86f8c089ccb45e7ef0c5ee7ca9b7290ca6b15bed47039788a8a93ff83e0e8d6244c71006362deef69b6f416fb3c684383fbd0" ); 04745 04746 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04747 if( 0 == 0 ) 04748 { 04749 hexify( output_str, output, ctx.len ); 04750 04751 fct_chk( strncasecmp( (char *) output_str, "fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc", strlen( "fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc" ) ) == 0 ); 04752 } 04753 04754 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04755 } 04756 FCT_TEST_END(); 04757 04758 04759 FCT_TEST_BGN(rsaes_oaep_decryption_example_8_5) 04760 { 04761 unsigned char message_str[1000]; 04762 unsigned char output[1000]; 04763 unsigned char output_str[1000]; 04764 rsa_context ctx; 04765 mpi P1, Q1, H, G; 04766 size_t output_len; 04767 04768 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04769 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04770 04771 memset( message_str, 0x00, 1000 ); 04772 memset( output, 0x00, 1000 ); 04773 memset( output_str, 0x00, 1000 ); 04774 04775 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 04776 fct_chk( mpi_read_string( &ctx.P, 16, "0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f" ) == 0 ); 04777 fct_chk( mpi_read_string( &ctx.Q, 16, "092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9" ) == 0 ); 04778 fct_chk( mpi_read_string( &ctx.N, 16, "5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7" ) == 0 ); 04779 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04780 04781 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04782 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04783 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04784 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04785 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04786 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04787 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04788 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04789 04790 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04791 04792 unhexify( message_str, "1fb9356fd5c4b1796db2ebf7d0d393cc810adf6145defc2fce714f79d93800d5e2ac211ea8bbecca4b654b94c3b18b30dd576ce34dc95436ef57a09415645923359a5d7b4171ef22c24670f1b229d3603e91f76671b7df97e7317c97734476d5f3d17d21cf82b5ba9f83df2e588d36984fd1b584468bd23b2e875f32f68953f7b2" ); 04793 04794 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04795 if( 0 == 0 ) 04796 { 04797 hexify( output_str, output, ctx.len ); 04798 04799 fct_chk( strncasecmp( (char *) output_str, "4a5f4914bee25de3c69341de07", strlen( "4a5f4914bee25de3c69341de07" ) ) == 0 ); 04800 } 04801 04802 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04803 } 04804 FCT_TEST_END(); 04805 04806 04807 FCT_TEST_BGN(rsaes_oaep_decryption_example_8_6) 04808 { 04809 unsigned char message_str[1000]; 04810 unsigned char output[1000]; 04811 unsigned char output_str[1000]; 04812 rsa_context ctx; 04813 mpi P1, Q1, H, G; 04814 size_t output_len; 04815 04816 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04817 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04818 04819 memset( message_str, 0x00, 1000 ); 04820 memset( output, 0x00, 1000 ); 04821 memset( output_str, 0x00, 1000 ); 04822 04823 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 04824 fct_chk( mpi_read_string( &ctx.P, 16, "0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f" ) == 0 ); 04825 fct_chk( mpi_read_string( &ctx.Q, 16, "092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9" ) == 0 ); 04826 fct_chk( mpi_read_string( &ctx.N, 16, "5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7" ) == 0 ); 04827 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04828 04829 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04830 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04831 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04832 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04833 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04834 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04835 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04836 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04837 04838 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04839 04840 unhexify( message_str, "3afd9c6600147b21798d818c655a0f4c9212db26d0b0dfdc2a7594ccb3d22f5bf1d7c3e112cd73fc7d509c7a8bafdd3c274d1399009f9609ec4be6477e453f075aa33db382870c1c3409aef392d7386ae3a696b99a94b4da0589447e955d16c98b17602a59bd736279fcd8fb280c4462d590bfa9bf13fed570eafde97330a2c210" ); 04841 04842 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04843 if( 0 == 0 ) 04844 { 04845 hexify( output_str, output, ctx.len ); 04846 04847 fct_chk( strncasecmp( (char *) output_str, "8e07d66f7b880a72563abcd3f35092bc33409fb7f88f2472be", strlen( "8e07d66f7b880a72563abcd3f35092bc33409fb7f88f2472be" ) ) == 0 ); 04848 } 04849 04850 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04851 } 04852 FCT_TEST_END(); 04853 04854 04855 FCT_TEST_BGN(rsaes_oaep_decryption_example_9_1) 04856 { 04857 unsigned char message_str[1000]; 04858 unsigned char output[1000]; 04859 unsigned char output_str[1000]; 04860 rsa_context ctx; 04861 mpi P1, Q1, H, G; 04862 size_t output_len; 04863 04864 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04865 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04866 04867 memset( message_str, 0x00, 1000 ); 04868 memset( output, 0x00, 1000 ); 04869 memset( output_str, 0x00, 1000 ); 04870 04871 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 04872 fct_chk( mpi_read_string( &ctx.P, 16, "fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd" ) == 0 ); 04873 fct_chk( mpi_read_string( &ctx.Q, 16, "d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1" ) == 0 ); 04874 fct_chk( mpi_read_string( &ctx.N, 16, "cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d" ) == 0 ); 04875 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04876 04877 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04878 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04879 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04880 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04881 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04882 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04883 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04884 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04885 04886 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04887 04888 unhexify( message_str, "267bcd118acab1fc8ba81c85d73003cb8610fa55c1d97da8d48a7c7f06896a4db751aa284255b9d36ad65f37653d829f1b37f97b8001942545b2fc2c55a7376ca7a1be4b1760c8e05a33e5aa2526b8d98e317088e7834c755b2a59b12631a182c05d5d43ab1779264f8456f515ce57dfdf512d5493dab7b7338dc4b7d78db9c091ac3baf537a69fc7f549d979f0eff9a94fda4169bd4d1d19a69c99e33c3b55490d501b39b1edae118ff6793a153261584d3a5f39f6e682e3d17c8cd1261fa72" ); 04889 04890 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04891 if( 0 == 0 ) 04892 { 04893 hexify( output_str, output, ctx.len ); 04894 04895 fct_chk( strncasecmp( (char *) output_str, "f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6", strlen( "f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6" ) ) == 0 ); 04896 } 04897 04898 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04899 } 04900 FCT_TEST_END(); 04901 04902 04903 FCT_TEST_BGN(rsaes_oaep_decryption_example_9_2) 04904 { 04905 unsigned char message_str[1000]; 04906 unsigned char output[1000]; 04907 unsigned char output_str[1000]; 04908 rsa_context ctx; 04909 mpi P1, Q1, H, G; 04910 size_t output_len; 04911 04912 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04913 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04914 04915 memset( message_str, 0x00, 1000 ); 04916 memset( output, 0x00, 1000 ); 04917 memset( output_str, 0x00, 1000 ); 04918 04919 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 04920 fct_chk( mpi_read_string( &ctx.P, 16, "fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd" ) == 0 ); 04921 fct_chk( mpi_read_string( &ctx.Q, 16, "d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1" ) == 0 ); 04922 fct_chk( mpi_read_string( &ctx.N, 16, "cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d" ) == 0 ); 04923 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04924 04925 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04926 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04927 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04928 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04929 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04930 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04931 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04932 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04933 04934 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04935 04936 unhexify( message_str, "93ac9f0671ec29acbb444effc1a5741351d60fdb0e393fbf754acf0de49761a14841df7772e9bc82773966a1584c4d72baea00118f83f35cca6e537cbd4d811f5583b29783d8a6d94cd31be70d6f526c10ff09c6fa7ce069795a3fcd0511fd5fcb564bcc80ea9c78f38b80012539d8a4ddf6fe81e9cddb7f50dbbbbcc7e5d86097ccf4ec49189fb8bf318be6d5a0715d516b49af191258cd32dc833ce6eb4673c03a19bbace88cc54895f636cc0c1ec89096d11ce235a265ca1764232a689ae8" ); 04937 04938 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04939 if( 0 == 0 ) 04940 { 04941 hexify( output_str, output, ctx.len ); 04942 04943 fct_chk( strncasecmp( (char *) output_str, "81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659", strlen( "81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659" ) ) == 0 ); 04944 } 04945 04946 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04947 } 04948 FCT_TEST_END(); 04949 04950 04951 FCT_TEST_BGN(rsaes_oaep_decryption_example_9_3) 04952 { 04953 unsigned char message_str[1000]; 04954 unsigned char output[1000]; 04955 unsigned char output_str[1000]; 04956 rsa_context ctx; 04957 mpi P1, Q1, H, G; 04958 size_t output_len; 04959 04960 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 04961 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 04962 04963 memset( message_str, 0x00, 1000 ); 04964 memset( output, 0x00, 1000 ); 04965 memset( output_str, 0x00, 1000 ); 04966 04967 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 04968 fct_chk( mpi_read_string( &ctx.P, 16, "fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd" ) == 0 ); 04969 fct_chk( mpi_read_string( &ctx.Q, 16, "d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1" ) == 0 ); 04970 fct_chk( mpi_read_string( &ctx.N, 16, "cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d" ) == 0 ); 04971 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 04972 04973 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 04974 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 04975 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 04976 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 04977 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 04978 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 04979 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 04980 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 04981 04982 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 04983 04984 unhexify( message_str, "81ebdd95054b0c822ef9ad7693f5a87adfb4b4c4ce70df2df84ed49c04da58ba5fc20a19e1a6e8b7a3900b22796dc4e869ee6b42792d15a8eceb56c09c69914e813cea8f6931e4b8ed6f421af298d595c97f4789c7caa612c7ef360984c21b93edc5401068b5af4c78a8771b984d53b8ea8adf2f6a7d4a0ba76c75e1dd9f658f20ded4a46071d46d7791b56803d8fea7f0b0f8e41ae3f09383a6f9585fe7753eaaffd2bf94563108beecc207bbb535f5fcc705f0dde9f708c62f49a9c90371d3" ); 04985 04986 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 04987 if( 0 == 0 ) 04988 { 04989 hexify( output_str, output, ctx.len ); 04990 04991 fct_chk( strncasecmp( (char *) output_str, "fd326429df9b890e09b54b18b8f34f1e24", strlen( "fd326429df9b890e09b54b18b8f34f1e24" ) ) == 0 ); 04992 } 04993 04994 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 04995 } 04996 FCT_TEST_END(); 04997 04998 04999 FCT_TEST_BGN(rsaes_oaep_decryption_example_9_4) 05000 { 05001 unsigned char message_str[1000]; 05002 unsigned char output[1000]; 05003 unsigned char output_str[1000]; 05004 rsa_context ctx; 05005 mpi P1, Q1, H, G; 05006 size_t output_len; 05007 05008 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 05009 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 05010 05011 memset( message_str, 0x00, 1000 ); 05012 memset( output, 0x00, 1000 ); 05013 memset( output_str, 0x00, 1000 ); 05014 05015 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 05016 fct_chk( mpi_read_string( &ctx.P, 16, "fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd" ) == 0 ); 05017 fct_chk( mpi_read_string( &ctx.Q, 16, "d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1" ) == 0 ); 05018 fct_chk( mpi_read_string( &ctx.N, 16, "cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d" ) == 0 ); 05019 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 05020 05021 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 05022 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 05023 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 05024 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 05025 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 05026 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 05027 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 05028 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 05029 05030 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 05031 05032 unhexify( message_str, "bcc35f94cde66cb1136625d625b94432a35b22f3d2fa11a613ff0fca5bd57f87b902ccdc1cd0aebcb0715ee869d1d1fe395f6793003f5eca465059c88660d446ff5f0818552022557e38c08a67ead991262254f10682975ec56397768537f4977af6d5f6aaceb7fb25dec5937230231fd8978af49119a29f29e424ab8272b47562792d5c94f774b8829d0b0d9f1a8c9eddf37574d5fa248eefa9c5271fc5ec2579c81bdd61b410fa61fe36e424221c113addb275664c801d34ca8c6351e4a858" ); 05033 05034 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 05035 if( 0 == 0 ) 05036 { 05037 hexify( output_str, output, ctx.len ); 05038 05039 fct_chk( strncasecmp( (char *) output_str, "f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e", strlen( "f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e" ) ) == 0 ); 05040 } 05041 05042 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 05043 } 05044 FCT_TEST_END(); 05045 05046 05047 FCT_TEST_BGN(rsaes_oaep_decryption_example_9_5) 05048 { 05049 unsigned char message_str[1000]; 05050 unsigned char output[1000]; 05051 unsigned char output_str[1000]; 05052 rsa_context ctx; 05053 mpi P1, Q1, H, G; 05054 size_t output_len; 05055 05056 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 05057 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 05058 05059 memset( message_str, 0x00, 1000 ); 05060 memset( output, 0x00, 1000 ); 05061 memset( output_str, 0x00, 1000 ); 05062 05063 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 05064 fct_chk( mpi_read_string( &ctx.P, 16, "fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd" ) == 0 ); 05065 fct_chk( mpi_read_string( &ctx.Q, 16, "d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1" ) == 0 ); 05066 fct_chk( mpi_read_string( &ctx.N, 16, "cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d" ) == 0 ); 05067 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 05068 05069 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 05070 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 05071 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 05072 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 05073 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 05074 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 05075 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 05076 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 05077 05078 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 05079 05080 unhexify( message_str, "232afbc927fa08c2f6a27b87d4a5cb09c07dc26fae73d73a90558839f4fd66d281b87ec734bce237ba166698ed829106a7de6942cd6cdce78fed8d2e4d81428e66490d036264cef92af941d3e35055fe3981e14d29cbb9a4f67473063baec79a1179f5a17c9c1832f2838fd7d5e59bb9659d56dce8a019edef1bb3accc697cc6cc7a778f60a064c7f6f5d529c6210262e003de583e81e3167b89971fb8c0e15d44fffef89b53d8d64dd797d159b56d2b08ea5307ea12c241bd58d4ee278a1f2e" ); 05081 05082 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 05083 if( 0 == 0 ) 05084 { 05085 hexify( output_str, output, ctx.len ); 05086 05087 fct_chk( strncasecmp( (char *) output_str, "53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d", strlen( "53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d" ) ) == 0 ); 05088 } 05089 05090 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 05091 } 05092 FCT_TEST_END(); 05093 05094 05095 FCT_TEST_BGN(rsaes_oaep_decryption_example_9_6) 05096 { 05097 unsigned char message_str[1000]; 05098 unsigned char output[1000]; 05099 unsigned char output_str[1000]; 05100 rsa_context ctx; 05101 mpi P1, Q1, H, G; 05102 size_t output_len; 05103 05104 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 05105 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 05106 05107 memset( message_str, 0x00, 1000 ); 05108 memset( output, 0x00, 1000 ); 05109 memset( output_str, 0x00, 1000 ); 05110 05111 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 05112 fct_chk( mpi_read_string( &ctx.P, 16, "fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd" ) == 0 ); 05113 fct_chk( mpi_read_string( &ctx.Q, 16, "d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1" ) == 0 ); 05114 fct_chk( mpi_read_string( &ctx.N, 16, "cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d" ) == 0 ); 05115 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 05116 05117 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 05118 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 05119 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 05120 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 05121 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 05122 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 05123 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 05124 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 05125 05126 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 05127 05128 unhexify( message_str, "438cc7dc08a68da249e42505f8573ba60e2c2773d5b290f4cf9dff718e842081c383e67024a0f29594ea987b9d25e4b738f285970d195abb3a8c8054e3d79d6b9c9a8327ba596f1259e27126674766907d8d582ff3a8476154929adb1e6d1235b2ccb4ec8f663ba9cc670a92bebd853c8dbf69c6436d016f61add836e94732450434207f9fd4c43dec2a12a958efa01efe2669899b5e604c255c55fb7166de5589e369597bb09168c06dd5db177e06a1740eb2d5c82faeca6d92fcee9931ba9f" ); 05129 05130 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 05131 if( 0 == 0 ) 05132 { 05133 hexify( output_str, output, ctx.len ); 05134 05135 fct_chk( strncasecmp( (char *) output_str, "b6b28ea2198d0c1008bc64", strlen( "b6b28ea2198d0c1008bc64" ) ) == 0 ); 05136 } 05137 05138 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 05139 } 05140 FCT_TEST_END(); 05141 05142 05143 FCT_TEST_BGN(rsaes_oaep_decryption_example_10_1) 05144 { 05145 unsigned char message_str[1000]; 05146 unsigned char output[1000]; 05147 unsigned char output_str[1000]; 05148 rsa_context ctx; 05149 mpi P1, Q1, H, G; 05150 size_t output_len; 05151 05152 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 05153 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 05154 05155 memset( message_str, 0x00, 1000 ); 05156 memset( output, 0x00, 1000 ); 05157 memset( output_str, 0x00, 1000 ); 05158 05159 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 05160 fct_chk( mpi_read_string( &ctx.P, 16, "ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769" ) == 0 ); 05161 fct_chk( mpi_read_string( &ctx.Q, 16, "bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183" ) == 0 ); 05162 fct_chk( mpi_read_string( &ctx.N, 16, "ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb" ) == 0 ); 05163 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 05164 05165 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 05166 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 05167 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 05168 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 05169 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 05170 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 05171 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 05172 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 05173 05174 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 05175 05176 unhexify( message_str, "53ea5dc08cd260fb3b858567287fa91552c30b2febfba213f0ae87702d068d19bab07fe574523dfb42139d68c3c5afeee0bfe4cb7969cbf382b804d6e61396144e2d0e60741f8993c3014b58b9b1957a8babcd23af854f4c356fb1662aa72bfcc7e586559dc4280d160c126785a723ebeebeff71f11594440aaef87d10793a8774a239d4a04c87fe1467b9daf85208ec6c7255794a96cc29142f9a8bd418e3c1fd67344b0cd0829df3b2bec60253196293c6b34d3f75d32f213dd45c6273d505adf4cced1057cb758fc26aeefa441255ed4e64c199ee075e7f16646182fdb464739b68ab5daff0e63e9552016824f054bf4d3c8c90a97bb6b6553284eb429fcc" ); 05177 05178 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 05179 if( 0 == 0 ) 05180 { 05181 hexify( output_str, output, ctx.len ); 05182 05183 fct_chk( strncasecmp( (char *) output_str, "8bba6bf82a6c0f86d5f1756e97956870b08953b06b4eb205bc1694ee", strlen( "8bba6bf82a6c0f86d5f1756e97956870b08953b06b4eb205bc1694ee" ) ) == 0 ); 05184 } 05185 05186 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 05187 } 05188 FCT_TEST_END(); 05189 05190 05191 FCT_TEST_BGN(rsaes_oaep_decryption_example_10_2) 05192 { 05193 unsigned char message_str[1000]; 05194 unsigned char output[1000]; 05195 unsigned char output_str[1000]; 05196 rsa_context ctx; 05197 mpi P1, Q1, H, G; 05198 size_t output_len; 05199 05200 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 05201 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 05202 05203 memset( message_str, 0x00, 1000 ); 05204 memset( output, 0x00, 1000 ); 05205 memset( output_str, 0x00, 1000 ); 05206 05207 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 05208 fct_chk( mpi_read_string( &ctx.P, 16, "ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769" ) == 0 ); 05209 fct_chk( mpi_read_string( &ctx.Q, 16, "bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183" ) == 0 ); 05210 fct_chk( mpi_read_string( &ctx.N, 16, "ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb" ) == 0 ); 05211 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 05212 05213 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 05214 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 05215 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 05216 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 05217 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 05218 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 05219 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 05220 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 05221 05222 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 05223 05224 unhexify( message_str, "a2b1a430a9d657e2fa1c2bb5ed43ffb25c05a308fe9093c01031795f5874400110828ae58fb9b581ce9dddd3e549ae04a0985459bde6c626594e7b05dc4278b2a1465c1368408823c85e96dc66c3a30983c639664fc4569a37fe21e5a195b5776eed2df8d8d361af686e750229bbd663f161868a50615e0c337bec0ca35fec0bb19c36eb2e0bbcc0582fa1d93aacdb061063f59f2ce1ee43605e5d89eca183d2acdfe9f81011022ad3b43a3dd417dac94b4e11ea81b192966e966b182082e71964607b4f8002f36299844a11f2ae0faeac2eae70f8f4f98088acdcd0ac556e9fccc511521908fad26f04c64201450305778758b0538bf8b5bb144a828e629795" ); 05225 05226 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 05227 if( 0 == 0 ) 05228 { 05229 hexify( output_str, output, ctx.len ); 05230 05231 fct_chk( strncasecmp( (char *) output_str, "e6ad181f053b58a904f2457510373e57", strlen( "e6ad181f053b58a904f2457510373e57" ) ) == 0 ); 05232 } 05233 05234 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 05235 } 05236 FCT_TEST_END(); 05237 05238 05239 FCT_TEST_BGN(rsaes_oaep_decryption_example_10_3) 05240 { 05241 unsigned char message_str[1000]; 05242 unsigned char output[1000]; 05243 unsigned char output_str[1000]; 05244 rsa_context ctx; 05245 mpi P1, Q1, H, G; 05246 size_t output_len; 05247 05248 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 05249 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 05250 05251 memset( message_str, 0x00, 1000 ); 05252 memset( output, 0x00, 1000 ); 05253 memset( output_str, 0x00, 1000 ); 05254 05255 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 05256 fct_chk( mpi_read_string( &ctx.P, 16, "ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769" ) == 0 ); 05257 fct_chk( mpi_read_string( &ctx.Q, 16, "bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183" ) == 0 ); 05258 fct_chk( mpi_read_string( &ctx.N, 16, "ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb" ) == 0 ); 05259 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 05260 05261 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 05262 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 05263 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 05264 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 05265 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 05266 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 05267 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 05268 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 05269 05270 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 05271 05272 unhexify( message_str, "9886c3e6764a8b9a84e84148ebd8c3b1aa8050381a78f668714c16d9cfd2a6edc56979c535d9dee3b44b85c18be8928992371711472216d95dda98d2ee8347c9b14dffdff84aa48d25ac06f7d7e65398ac967b1ce90925f67dce049b7f812db0742997a74d44fe81dbe0e7a3feaf2e5c40af888d550ddbbe3bc20657a29543f8fc2913b9bd1a61b2ab2256ec409bbd7dc0d17717ea25c43f42ed27df8738bf4afc6766ff7aff0859555ee283920f4c8a63c4a7340cbafddc339ecdb4b0515002f96c932b5b79167af699c0ad3fccfdf0f44e85a70262bf2e18fe34b850589975e867ff969d48eabf212271546cdc05a69ecb526e52870c836f307bd798780ede" ); 05273 05274 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 05275 if( 0 == 0 ) 05276 { 05277 hexify( output_str, output, ctx.len ); 05278 05279 fct_chk( strncasecmp( (char *) output_str, "510a2cf60e866fa2340553c94ea39fbc256311e83e94454b4124", strlen( "510a2cf60e866fa2340553c94ea39fbc256311e83e94454b4124" ) ) == 0 ); 05280 } 05281 05282 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 05283 } 05284 FCT_TEST_END(); 05285 05286 05287 FCT_TEST_BGN(rsaes_oaep_decryption_example_10_4) 05288 { 05289 unsigned char message_str[1000]; 05290 unsigned char output[1000]; 05291 unsigned char output_str[1000]; 05292 rsa_context ctx; 05293 mpi P1, Q1, H, G; 05294 size_t output_len; 05295 05296 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 05297 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 05298 05299 memset( message_str, 0x00, 1000 ); 05300 memset( output, 0x00, 1000 ); 05301 memset( output_str, 0x00, 1000 ); 05302 05303 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 05304 fct_chk( mpi_read_string( &ctx.P, 16, "ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769" ) == 0 ); 05305 fct_chk( mpi_read_string( &ctx.Q, 16, "bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183" ) == 0 ); 05306 fct_chk( mpi_read_string( &ctx.N, 16, "ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb" ) == 0 ); 05307 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 05308 05309 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 05310 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 05311 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 05312 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 05313 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 05314 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 05315 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 05316 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 05317 05318 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 05319 05320 unhexify( message_str, "6318e9fb5c0d05e5307e1683436e903293ac4642358aaa223d7163013aba87e2dfda8e60c6860e29a1e92686163ea0b9175f329ca3b131a1edd3a77759a8b97bad6a4f8f4396f28cf6f39ca58112e48160d6e203daa5856f3aca5ffed577af499408e3dfd233e3e604dbe34a9c4c9082de65527cac6331d29dc80e0508a0fa7122e7f329f6cca5cfa34d4d1da417805457e008bec549e478ff9e12a763c477d15bbb78f5b69bd57830fc2c4ed686d79bc72a95d85f88134c6b0afe56a8ccfbc855828bb339bd17909cf1d70de3335ae07039093e606d655365de6550b872cd6de1d440ee031b61945f629ad8a353b0d40939e96a3c450d2a8d5eee9f678093c8" ); 05321 05322 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 05323 if( 0 == 0 ) 05324 { 05325 hexify( output_str, output, ctx.len ); 05326 05327 fct_chk( strncasecmp( (char *) output_str, "bcdd190da3b7d300df9a06e22caae2a75f10c91ff667b7c16bde8b53064a2649a94045c9", strlen( "bcdd190da3b7d300df9a06e22caae2a75f10c91ff667b7c16bde8b53064a2649a94045c9" ) ) == 0 ); 05328 } 05329 05330 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 05331 } 05332 FCT_TEST_END(); 05333 05334 05335 FCT_TEST_BGN(rsaes_oaep_decryption_example_10_5) 05336 { 05337 unsigned char message_str[1000]; 05338 unsigned char output[1000]; 05339 unsigned char output_str[1000]; 05340 rsa_context ctx; 05341 mpi P1, Q1, H, G; 05342 size_t output_len; 05343 05344 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 05345 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 05346 05347 memset( message_str, 0x00, 1000 ); 05348 memset( output, 0x00, 1000 ); 05349 memset( output_str, 0x00, 1000 ); 05350 05351 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 05352 fct_chk( mpi_read_string( &ctx.P, 16, "ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769" ) == 0 ); 05353 fct_chk( mpi_read_string( &ctx.Q, 16, "bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183" ) == 0 ); 05354 fct_chk( mpi_read_string( &ctx.N, 16, "ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb" ) == 0 ); 05355 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 05356 05357 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 05358 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 05359 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 05360 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 05361 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 05362 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 05363 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 05364 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 05365 05366 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 05367 05368 unhexify( message_str, "75290872ccfd4a4505660d651f56da6daa09ca1301d890632f6a992f3d565cee464afded40ed3b5be9356714ea5aa7655f4a1366c2f17c728f6f2c5a5d1f8e28429bc4e6f8f2cff8da8dc0e0a9808e45fd09ea2fa40cb2b6ce6ffff5c0e159d11b68d90a85f7b84e103b09e682666480c657505c0929259468a314786d74eab131573cf234bf57db7d9e66cc6748192e002dc0deea930585f0831fdcd9bc33d51f79ed2ffc16bcf4d59812fcebcaa3f9069b0e445686d644c25ccf63b456ee5fa6ffe96f19cdf751fed9eaf35957754dbf4bfea5216aa1844dc507cb2d080e722eba150308c2b5ff1193620f1766ecf4481bafb943bd292877f2136ca494aba0" ); 05369 05370 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 05371 if( 0 == 0 ) 05372 { 05373 hexify( output_str, output, ctx.len ); 05374 05375 fct_chk( strncasecmp( (char *) output_str, "a7dd6c7dc24b46f9dd5f1e91ada4c3b3df947e877232a9", strlen( "a7dd6c7dc24b46f9dd5f1e91ada4c3b3df947e877232a9" ) ) == 0 ); 05376 } 05377 05378 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 05379 } 05380 FCT_TEST_END(); 05381 05382 05383 FCT_TEST_BGN(rsaes_oaep_decryption_example_10_6) 05384 { 05385 unsigned char message_str[1000]; 05386 unsigned char output[1000]; 05387 unsigned char output_str[1000]; 05388 rsa_context ctx; 05389 mpi P1, Q1, H, G; 05390 size_t output_len; 05391 05392 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 05393 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 05394 05395 memset( message_str, 0x00, 1000 ); 05396 memset( output, 0x00, 1000 ); 05397 memset( output_str, 0x00, 1000 ); 05398 05399 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 05400 fct_chk( mpi_read_string( &ctx.P, 16, "ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769" ) == 0 ); 05401 fct_chk( mpi_read_string( &ctx.Q, 16, "bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183" ) == 0 ); 05402 fct_chk( mpi_read_string( &ctx.N, 16, "ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb" ) == 0 ); 05403 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 05404 05405 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 05406 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 05407 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 05408 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 05409 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 05410 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 05411 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 05412 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 05413 05414 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 05415 05416 unhexify( message_str, "2d207a73432a8fb4c03051b3f73b28a61764098dfa34c47a20995f8115aa6816679b557e82dbee584908c6e69782d7deb34dbd65af063d57fca76a5fd069492fd6068d9984d209350565a62e5c77f23038c12cb10c6634709b547c46f6b4a709bd85ca122d74465ef97762c29763e06dbc7a9e738c78bfca0102dc5e79d65b973f28240caab2e161a78b57d262457ed8195d53e3c7ae9da021883c6db7c24afdd2322eac972ad3c354c5fcef1e146c3a0290fb67adf007066e00428d2cec18ce58f9328698defef4b2eb5ec76918fde1c198cbb38b7afc67626a9aefec4322bfd90d2563481c9a221f78c8272c82d1b62ab914e1c69f6af6ef30ca5260db4a46" ); 05417 05418 fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 ); 05419 if( 0 == 0 ) 05420 { 05421 hexify( output_str, output, ctx.len ); 05422 05423 fct_chk( strncasecmp( (char *) output_str, "eaf1a73a1b0c4609537de69cd9228bbcfb9a8ca8c6c3efaf056fe4a7f4634ed00b7c39ec6922d7b8ea2c04ebac", strlen( "eaf1a73a1b0c4609537de69cd9228bbcfb9a8ca8c6c3efaf056fe4a7f4634ed00b7c39ec6922d7b8ea2c04ebac" ) ) == 0 ); 05424 } 05425 05426 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 05427 } 05428 FCT_TEST_END(); 05429 05430 05431 FCT_TEST_BGN(rsassa_pss_signing_test_vector_int) 05432 { 05433 unsigned char message_str[1000]; 05434 unsigned char hash_result[1000]; 05435 unsigned char output[1000]; 05436 unsigned char output_str[1000]; 05437 unsigned char rnd_buf[1000]; 05438 rsa_context ctx; 05439 mpi P1, Q1, H, G; 05440 size_t msg_len; 05441 rnd_buf_info info; 05442 05443 info.length = unhexify( rnd_buf, "e3b5d5d002c1bce50c2b65ef88a188d83bce7e61" ); 05444 info.buf = rnd_buf; 05445 05446 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 05447 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 05448 05449 memset( message_str, 0x00, 1000 ); 05450 memset( hash_result, 0x00, 1000 ); 05451 memset( output, 0x00, 1000 ); 05452 memset( output_str, 0x00, 1000 ); 05453 05454 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 05455 fct_chk( mpi_read_string( &ctx.P, 16, "d17f655bf27c8b16d35462c905cc04a26f37e2a67fa9c0ce0dced472394a0df743fe7f929e378efdb368eddff453cf007af6d948e0ade757371f8a711e278f6b" ) == 0 ); 05456 fct_chk( mpi_read_string( &ctx.Q, 16, "c6d92b6fee7414d1358ce1546fb62987530b90bd15e0f14963a5e2635adb69347ec0c01b2ab1763fd8ac1a592fb22757463a982425bb97a3a437c5bf86d03f2f" ) == 0 ); 05457 fct_chk( mpi_read_string( &ctx.N, 16, "a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5" ) == 0 ); 05458 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 05459 05460 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 05461 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 05462 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 05463 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 05464 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 05465 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 05466 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 05467 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 05468 05469 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 05470 05471 msg_len = unhexify( message_str, "859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc" ); 05472 05473 switch( SIG_RSA_SHA1 ) 05474 { 05475 #ifdef POLARSSL_MD2_C 05476 case SIG_RSA_MD2: 05477 md2( message_str, msg_len, hash_result ); 05478 break; 05479 #endif 05480 #ifdef POLARSSL_MD4_C 05481 case SIG_RSA_MD4: 05482 md4( message_str, msg_len, hash_result ); 05483 break; 05484 #endif 05485 #ifdef POLARSSL_MD5_C 05486 case SIG_RSA_MD5: 05487 md5( message_str, msg_len, hash_result ); 05488 break; 05489 #endif 05490 #ifdef POLARSSL_SHA1_C 05491 case SIG_RSA_SHA1: 05492 sha1( message_str, msg_len, hash_result ); 05493 break; 05494 #endif 05495 #ifdef POLARSSL_SHA2_C 05496 case SIG_RSA_SHA224: 05497 sha2( message_str, msg_len, hash_result, 1 ); 05498 break; 05499 case SIG_RSA_SHA256: 05500 sha2( message_str, msg_len, hash_result, 0 ); 05501 break; 05502 #endif 05503 #ifdef POLARSSL_SHA4_C 05504 case SIG_RSA_SHA384: 05505 sha4( message_str, msg_len, hash_result, 1 ); 05506 break; 05507 case SIG_RSA_SHA512: 05508 sha4( message_str, msg_len, hash_result, 0 ); 05509 break; 05510 #endif 05511 } 05512 05513 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 05514 if( 0 == 0 ) 05515 { 05516 hexify( output_str, output, ctx.len); 05517 05518 fct_chk( strcasecmp( (char *) output_str, "8daa627d3de7595d63056c7ec659e54406f10610128baae821c8b2a0f3936d54dc3bdce46689f6b7951bb18e840542769718d5715d210d85efbb596192032c42be4c29972c856275eb6d5a45f05f51876fc6743deddd28caec9bb30ea99e02c3488269604fe497f74ccd7c7fca1671897123cbd30def5d54a2b5536ad90a747e" ) == 0 ); 05519 } 05520 05521 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 05522 } 05523 FCT_TEST_END(); 05524 05525 05526 FCT_TEST_BGN(rsassa_pss_verification_test_vector_int) 05527 { 05528 unsigned char message_str[1000]; 05529 unsigned char hash_result[1000]; 05530 unsigned char result_str[1000]; 05531 rsa_context ctx; 05532 size_t msg_len; 05533 05534 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 05535 memset( message_str, 0x00, 1000 ); 05536 memset( hash_result, 0x00, 1000 ); 05537 memset( result_str, 0x00, 1000 ); 05538 05539 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 05540 fct_chk( mpi_read_string( &ctx.N, 16, "a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5" ) == 0 ); 05541 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 05542 05543 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 05544 05545 msg_len = unhexify( message_str, "859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc" ); 05546 unhexify( result_str, "8daa627d3de7595d63056c7ec659e54406f10610128baae821c8b2a0f3936d54dc3bdce46689f6b7951bb18e840542769718d5715d210d85efbb596192032c42be4c29972c856275eb6d5a45f05f51876fc6743deddd28caec9bb30ea99e02c3488269604fe497f74ccd7c7fca1671897123cbd30def5d54a2b5536ad90a747e" ); 05547 05548 switch( SIG_RSA_SHA1 ) 05549 { 05550 #ifdef POLARSSL_MD2_C 05551 case SIG_RSA_MD2: 05552 md2( message_str, msg_len, hash_result ); 05553 break; 05554 #endif 05555 #ifdef POLARSSL_MD4_C 05556 case SIG_RSA_MD4: 05557 md4( message_str, msg_len, hash_result ); 05558 break; 05559 #endif 05560 #ifdef POLARSSL_MD5_C 05561 case SIG_RSA_MD5: 05562 md5( message_str, msg_len, hash_result ); 05563 break; 05564 #endif 05565 #ifdef POLARSSL_SHA1_C 05566 case SIG_RSA_SHA1: 05567 sha1( message_str, msg_len, hash_result ); 05568 break; 05569 #endif 05570 #ifdef POLARSSL_SHA2_C 05571 case SIG_RSA_SHA224: 05572 sha2( message_str, msg_len, hash_result, 1 ); 05573 break; 05574 case SIG_RSA_SHA256: 05575 sha2( message_str, msg_len, hash_result, 0 ); 05576 break; 05577 #endif 05578 #ifdef POLARSSL_SHA4_C 05579 case SIG_RSA_SHA384: 05580 sha4( message_str, msg_len, hash_result, 1 ); 05581 break; 05582 case SIG_RSA_SHA512: 05583 sha4( message_str, msg_len, hash_result, 0 ); 05584 break; 05585 #endif 05586 } 05587 05588 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 05589 } 05590 FCT_TEST_END(); 05591 05592 05593 FCT_TEST_BGN(rsassa_pss_signature_example_1_1) 05594 { 05595 unsigned char message_str[1000]; 05596 unsigned char hash_result[1000]; 05597 unsigned char output[1000]; 05598 unsigned char output_str[1000]; 05599 unsigned char rnd_buf[1000]; 05600 rsa_context ctx; 05601 mpi P1, Q1, H, G; 05602 size_t msg_len; 05603 rnd_buf_info info; 05604 05605 info.length = unhexify( rnd_buf, "dee959c7e06411361420ff80185ed57f3e6776af" ); 05606 info.buf = rnd_buf; 05607 05608 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 05609 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 05610 05611 memset( message_str, 0x00, 1000 ); 05612 memset( hash_result, 0x00, 1000 ); 05613 memset( output, 0x00, 1000 ); 05614 memset( output_str, 0x00, 1000 ); 05615 05616 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 05617 fct_chk( mpi_read_string( &ctx.P, 16, "e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443" ) == 0 ); 05618 fct_chk( mpi_read_string( &ctx.Q, 16, "b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd" ) == 0 ); 05619 fct_chk( mpi_read_string( &ctx.N, 16, "a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137" ) == 0 ); 05620 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 05621 05622 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 05623 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 05624 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 05625 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 05626 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 05627 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 05628 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 05629 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 05630 05631 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 05632 05633 msg_len = unhexify( message_str, "cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0" ); 05634 05635 switch( SIG_RSA_SHA1 ) 05636 { 05637 #ifdef POLARSSL_MD2_C 05638 case SIG_RSA_MD2: 05639 md2( message_str, msg_len, hash_result ); 05640 break; 05641 #endif 05642 #ifdef POLARSSL_MD4_C 05643 case SIG_RSA_MD4: 05644 md4( message_str, msg_len, hash_result ); 05645 break; 05646 #endif 05647 #ifdef POLARSSL_MD5_C 05648 case SIG_RSA_MD5: 05649 md5( message_str, msg_len, hash_result ); 05650 break; 05651 #endif 05652 #ifdef POLARSSL_SHA1_C 05653 case SIG_RSA_SHA1: 05654 sha1( message_str, msg_len, hash_result ); 05655 break; 05656 #endif 05657 #ifdef POLARSSL_SHA2_C 05658 case SIG_RSA_SHA224: 05659 sha2( message_str, msg_len, hash_result, 1 ); 05660 break; 05661 case SIG_RSA_SHA256: 05662 sha2( message_str, msg_len, hash_result, 0 ); 05663 break; 05664 #endif 05665 #ifdef POLARSSL_SHA4_C 05666 case SIG_RSA_SHA384: 05667 sha4( message_str, msg_len, hash_result, 1 ); 05668 break; 05669 case SIG_RSA_SHA512: 05670 sha4( message_str, msg_len, hash_result, 0 ); 05671 break; 05672 #endif 05673 } 05674 05675 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 05676 if( 0 == 0 ) 05677 { 05678 hexify( output_str, output, ctx.len); 05679 05680 fct_chk( strcasecmp( (char *) output_str, "9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c" ) == 0 ); 05681 } 05682 05683 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 05684 } 05685 FCT_TEST_END(); 05686 05687 05688 FCT_TEST_BGN(rsassa_pss_signature_example_1_1_verify) 05689 { 05690 unsigned char message_str[1000]; 05691 unsigned char hash_result[1000]; 05692 unsigned char result_str[1000]; 05693 rsa_context ctx; 05694 size_t msg_len; 05695 05696 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 05697 memset( message_str, 0x00, 1000 ); 05698 memset( hash_result, 0x00, 1000 ); 05699 memset( result_str, 0x00, 1000 ); 05700 05701 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 05702 fct_chk( mpi_read_string( &ctx.N, 16, "a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137" ) == 0 ); 05703 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 05704 05705 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 05706 05707 msg_len = unhexify( message_str, "cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0" ); 05708 unhexify( result_str, "9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c" ); 05709 05710 switch( SIG_RSA_SHA1 ) 05711 { 05712 #ifdef POLARSSL_MD2_C 05713 case SIG_RSA_MD2: 05714 md2( message_str, msg_len, hash_result ); 05715 break; 05716 #endif 05717 #ifdef POLARSSL_MD4_C 05718 case SIG_RSA_MD4: 05719 md4( message_str, msg_len, hash_result ); 05720 break; 05721 #endif 05722 #ifdef POLARSSL_MD5_C 05723 case SIG_RSA_MD5: 05724 md5( message_str, msg_len, hash_result ); 05725 break; 05726 #endif 05727 #ifdef POLARSSL_SHA1_C 05728 case SIG_RSA_SHA1: 05729 sha1( message_str, msg_len, hash_result ); 05730 break; 05731 #endif 05732 #ifdef POLARSSL_SHA2_C 05733 case SIG_RSA_SHA224: 05734 sha2( message_str, msg_len, hash_result, 1 ); 05735 break; 05736 case SIG_RSA_SHA256: 05737 sha2( message_str, msg_len, hash_result, 0 ); 05738 break; 05739 #endif 05740 #ifdef POLARSSL_SHA4_C 05741 case SIG_RSA_SHA384: 05742 sha4( message_str, msg_len, hash_result, 1 ); 05743 break; 05744 case SIG_RSA_SHA512: 05745 sha4( message_str, msg_len, hash_result, 0 ); 05746 break; 05747 #endif 05748 } 05749 05750 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 05751 } 05752 FCT_TEST_END(); 05753 05754 05755 FCT_TEST_BGN(rsassa_pss_signature_example_1_2) 05756 { 05757 unsigned char message_str[1000]; 05758 unsigned char hash_result[1000]; 05759 unsigned char output[1000]; 05760 unsigned char output_str[1000]; 05761 unsigned char rnd_buf[1000]; 05762 rsa_context ctx; 05763 mpi P1, Q1, H, G; 05764 size_t msg_len; 05765 rnd_buf_info info; 05766 05767 info.length = unhexify( rnd_buf, "ef2869fa40c346cb183dab3d7bffc98fd56df42d" ); 05768 info.buf = rnd_buf; 05769 05770 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 05771 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 05772 05773 memset( message_str, 0x00, 1000 ); 05774 memset( hash_result, 0x00, 1000 ); 05775 memset( output, 0x00, 1000 ); 05776 memset( output_str, 0x00, 1000 ); 05777 05778 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 05779 fct_chk( mpi_read_string( &ctx.P, 16, "e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443" ) == 0 ); 05780 fct_chk( mpi_read_string( &ctx.Q, 16, "b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd" ) == 0 ); 05781 fct_chk( mpi_read_string( &ctx.N, 16, "a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137" ) == 0 ); 05782 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 05783 05784 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 05785 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 05786 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 05787 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 05788 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 05789 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 05790 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 05791 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 05792 05793 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 05794 05795 msg_len = unhexify( message_str, "851384cdfe819c22ed6c4ccb30daeb5cf059bc8e1166b7e3530c4c233e2b5f8f71a1cca582d43ecc72b1bca16dfc7013226b9e" ); 05796 05797 switch( SIG_RSA_SHA1 ) 05798 { 05799 #ifdef POLARSSL_MD2_C 05800 case SIG_RSA_MD2: 05801 md2( message_str, msg_len, hash_result ); 05802 break; 05803 #endif 05804 #ifdef POLARSSL_MD4_C 05805 case SIG_RSA_MD4: 05806 md4( message_str, msg_len, hash_result ); 05807 break; 05808 #endif 05809 #ifdef POLARSSL_MD5_C 05810 case SIG_RSA_MD5: 05811 md5( message_str, msg_len, hash_result ); 05812 break; 05813 #endif 05814 #ifdef POLARSSL_SHA1_C 05815 case SIG_RSA_SHA1: 05816 sha1( message_str, msg_len, hash_result ); 05817 break; 05818 #endif 05819 #ifdef POLARSSL_SHA2_C 05820 case SIG_RSA_SHA224: 05821 sha2( message_str, msg_len, hash_result, 1 ); 05822 break; 05823 case SIG_RSA_SHA256: 05824 sha2( message_str, msg_len, hash_result, 0 ); 05825 break; 05826 #endif 05827 #ifdef POLARSSL_SHA4_C 05828 case SIG_RSA_SHA384: 05829 sha4( message_str, msg_len, hash_result, 1 ); 05830 break; 05831 case SIG_RSA_SHA512: 05832 sha4( message_str, msg_len, hash_result, 0 ); 05833 break; 05834 #endif 05835 } 05836 05837 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 05838 if( 0 == 0 ) 05839 { 05840 hexify( output_str, output, ctx.len); 05841 05842 fct_chk( strcasecmp( (char *) output_str, "3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843" ) == 0 ); 05843 } 05844 05845 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 05846 } 05847 FCT_TEST_END(); 05848 05849 05850 FCT_TEST_BGN(rsassa_pss_signature_example_1_2_verify) 05851 { 05852 unsigned char message_str[1000]; 05853 unsigned char hash_result[1000]; 05854 unsigned char result_str[1000]; 05855 rsa_context ctx; 05856 size_t msg_len; 05857 05858 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 05859 memset( message_str, 0x00, 1000 ); 05860 memset( hash_result, 0x00, 1000 ); 05861 memset( result_str, 0x00, 1000 ); 05862 05863 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 05864 fct_chk( mpi_read_string( &ctx.N, 16, "a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137" ) == 0 ); 05865 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 05866 05867 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 05868 05869 msg_len = unhexify( message_str, "851384cdfe819c22ed6c4ccb30daeb5cf059bc8e1166b7e3530c4c233e2b5f8f71a1cca582d43ecc72b1bca16dfc7013226b9e" ); 05870 unhexify( result_str, "3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843" ); 05871 05872 switch( SIG_RSA_SHA1 ) 05873 { 05874 #ifdef POLARSSL_MD2_C 05875 case SIG_RSA_MD2: 05876 md2( message_str, msg_len, hash_result ); 05877 break; 05878 #endif 05879 #ifdef POLARSSL_MD4_C 05880 case SIG_RSA_MD4: 05881 md4( message_str, msg_len, hash_result ); 05882 break; 05883 #endif 05884 #ifdef POLARSSL_MD5_C 05885 case SIG_RSA_MD5: 05886 md5( message_str, msg_len, hash_result ); 05887 break; 05888 #endif 05889 #ifdef POLARSSL_SHA1_C 05890 case SIG_RSA_SHA1: 05891 sha1( message_str, msg_len, hash_result ); 05892 break; 05893 #endif 05894 #ifdef POLARSSL_SHA2_C 05895 case SIG_RSA_SHA224: 05896 sha2( message_str, msg_len, hash_result, 1 ); 05897 break; 05898 case SIG_RSA_SHA256: 05899 sha2( message_str, msg_len, hash_result, 0 ); 05900 break; 05901 #endif 05902 #ifdef POLARSSL_SHA4_C 05903 case SIG_RSA_SHA384: 05904 sha4( message_str, msg_len, hash_result, 1 ); 05905 break; 05906 case SIG_RSA_SHA512: 05907 sha4( message_str, msg_len, hash_result, 0 ); 05908 break; 05909 #endif 05910 } 05911 05912 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 05913 } 05914 FCT_TEST_END(); 05915 05916 05917 FCT_TEST_BGN(rsassa_pss_signature_example_1_3) 05918 { 05919 unsigned char message_str[1000]; 05920 unsigned char hash_result[1000]; 05921 unsigned char output[1000]; 05922 unsigned char output_str[1000]; 05923 unsigned char rnd_buf[1000]; 05924 rsa_context ctx; 05925 mpi P1, Q1, H, G; 05926 size_t msg_len; 05927 rnd_buf_info info; 05928 05929 info.length = unhexify( rnd_buf, "710b9c4747d800d4de87f12afdce6df18107cc77" ); 05930 info.buf = rnd_buf; 05931 05932 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 05933 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 05934 05935 memset( message_str, 0x00, 1000 ); 05936 memset( hash_result, 0x00, 1000 ); 05937 memset( output, 0x00, 1000 ); 05938 memset( output_str, 0x00, 1000 ); 05939 05940 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 05941 fct_chk( mpi_read_string( &ctx.P, 16, "e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443" ) == 0 ); 05942 fct_chk( mpi_read_string( &ctx.Q, 16, "b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd" ) == 0 ); 05943 fct_chk( mpi_read_string( &ctx.N, 16, "a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137" ) == 0 ); 05944 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 05945 05946 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 05947 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 05948 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 05949 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 05950 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 05951 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 05952 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 05953 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 05954 05955 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 05956 05957 msg_len = unhexify( message_str, "a4b159941761c40c6a82f2b80d1b94f5aa2654fd17e12d588864679b54cd04ef8bd03012be8dc37f4b83af7963faff0dfa225477437c48017ff2be8191cf3955fc07356eab3f322f7f620e21d254e5db4324279fe067e0910e2e81ca2cab31c745e67a54058eb50d993cdb9ed0b4d029c06d21a94ca661c3ce27fae1d6cb20f4564d66ce4767583d0e5f060215b59017be85ea848939127bd8c9c4d47b51056c031cf336f17c9980f3b8f5b9b6878e8b797aa43b882684333e17893fe9caa6aa299f7ed1a18ee2c54864b7b2b99b72618fb02574d139ef50f019c9eef416971338e7d470" ); 05958 05959 switch( SIG_RSA_SHA1 ) 05960 { 05961 #ifdef POLARSSL_MD2_C 05962 case SIG_RSA_MD2: 05963 md2( message_str, msg_len, hash_result ); 05964 break; 05965 #endif 05966 #ifdef POLARSSL_MD4_C 05967 case SIG_RSA_MD4: 05968 md4( message_str, msg_len, hash_result ); 05969 break; 05970 #endif 05971 #ifdef POLARSSL_MD5_C 05972 case SIG_RSA_MD5: 05973 md5( message_str, msg_len, hash_result ); 05974 break; 05975 #endif 05976 #ifdef POLARSSL_SHA1_C 05977 case SIG_RSA_SHA1: 05978 sha1( message_str, msg_len, hash_result ); 05979 break; 05980 #endif 05981 #ifdef POLARSSL_SHA2_C 05982 case SIG_RSA_SHA224: 05983 sha2( message_str, msg_len, hash_result, 1 ); 05984 break; 05985 case SIG_RSA_SHA256: 05986 sha2( message_str, msg_len, hash_result, 0 ); 05987 break; 05988 #endif 05989 #ifdef POLARSSL_SHA4_C 05990 case SIG_RSA_SHA384: 05991 sha4( message_str, msg_len, hash_result, 1 ); 05992 break; 05993 case SIG_RSA_SHA512: 05994 sha4( message_str, msg_len, hash_result, 0 ); 05995 break; 05996 #endif 05997 } 05998 05999 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 06000 if( 0 == 0 ) 06001 { 06002 hexify( output_str, output, ctx.len); 06003 06004 fct_chk( strcasecmp( (char *) output_str, "666026fba71bd3e7cf13157cc2c51a8e4aa684af9778f91849f34335d141c00154c4197621f9624a675b5abc22ee7d5baaffaae1c9baca2cc373b3f33e78e6143c395a91aa7faca664eb733afd14d8827259d99a7550faca501ef2b04e33c23aa51f4b9e8282efdb728cc0ab09405a91607c6369961bc8270d2d4f39fce612b1" ) == 0 ); 06005 } 06006 06007 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 06008 } 06009 FCT_TEST_END(); 06010 06011 06012 FCT_TEST_BGN(rsassa_pss_signature_example_1_3_verify) 06013 { 06014 unsigned char message_str[1000]; 06015 unsigned char hash_result[1000]; 06016 unsigned char result_str[1000]; 06017 rsa_context ctx; 06018 size_t msg_len; 06019 06020 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 06021 memset( message_str, 0x00, 1000 ); 06022 memset( hash_result, 0x00, 1000 ); 06023 memset( result_str, 0x00, 1000 ); 06024 06025 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 06026 fct_chk( mpi_read_string( &ctx.N, 16, "a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137" ) == 0 ); 06027 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 06028 06029 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 06030 06031 msg_len = unhexify( message_str, "a4b159941761c40c6a82f2b80d1b94f5aa2654fd17e12d588864679b54cd04ef8bd03012be8dc37f4b83af7963faff0dfa225477437c48017ff2be8191cf3955fc07356eab3f322f7f620e21d254e5db4324279fe067e0910e2e81ca2cab31c745e67a54058eb50d993cdb9ed0b4d029c06d21a94ca661c3ce27fae1d6cb20f4564d66ce4767583d0e5f060215b59017be85ea848939127bd8c9c4d47b51056c031cf336f17c9980f3b8f5b9b6878e8b797aa43b882684333e17893fe9caa6aa299f7ed1a18ee2c54864b7b2b99b72618fb02574d139ef50f019c9eef416971338e7d470" ); 06032 unhexify( result_str, "666026fba71bd3e7cf13157cc2c51a8e4aa684af9778f91849f34335d141c00154c4197621f9624a675b5abc22ee7d5baaffaae1c9baca2cc373b3f33e78e6143c395a91aa7faca664eb733afd14d8827259d99a7550faca501ef2b04e33c23aa51f4b9e8282efdb728cc0ab09405a91607c6369961bc8270d2d4f39fce612b1" ); 06033 06034 switch( SIG_RSA_SHA1 ) 06035 { 06036 #ifdef POLARSSL_MD2_C 06037 case SIG_RSA_MD2: 06038 md2( message_str, msg_len, hash_result ); 06039 break; 06040 #endif 06041 #ifdef POLARSSL_MD4_C 06042 case SIG_RSA_MD4: 06043 md4( message_str, msg_len, hash_result ); 06044 break; 06045 #endif 06046 #ifdef POLARSSL_MD5_C 06047 case SIG_RSA_MD5: 06048 md5( message_str, msg_len, hash_result ); 06049 break; 06050 #endif 06051 #ifdef POLARSSL_SHA1_C 06052 case SIG_RSA_SHA1: 06053 sha1( message_str, msg_len, hash_result ); 06054 break; 06055 #endif 06056 #ifdef POLARSSL_SHA2_C 06057 case SIG_RSA_SHA224: 06058 sha2( message_str, msg_len, hash_result, 1 ); 06059 break; 06060 case SIG_RSA_SHA256: 06061 sha2( message_str, msg_len, hash_result, 0 ); 06062 break; 06063 #endif 06064 #ifdef POLARSSL_SHA4_C 06065 case SIG_RSA_SHA384: 06066 sha4( message_str, msg_len, hash_result, 1 ); 06067 break; 06068 case SIG_RSA_SHA512: 06069 sha4( message_str, msg_len, hash_result, 0 ); 06070 break; 06071 #endif 06072 } 06073 06074 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 06075 } 06076 FCT_TEST_END(); 06077 06078 06079 FCT_TEST_BGN(rsassa_pss_signature_example_1_4) 06080 { 06081 unsigned char message_str[1000]; 06082 unsigned char hash_result[1000]; 06083 unsigned char output[1000]; 06084 unsigned char output_str[1000]; 06085 unsigned char rnd_buf[1000]; 06086 rsa_context ctx; 06087 mpi P1, Q1, H, G; 06088 size_t msg_len; 06089 rnd_buf_info info; 06090 06091 info.length = unhexify( rnd_buf, "056f00985de14d8ef5cea9e82f8c27bef720335e" ); 06092 info.buf = rnd_buf; 06093 06094 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 06095 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 06096 06097 memset( message_str, 0x00, 1000 ); 06098 memset( hash_result, 0x00, 1000 ); 06099 memset( output, 0x00, 1000 ); 06100 memset( output_str, 0x00, 1000 ); 06101 06102 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 06103 fct_chk( mpi_read_string( &ctx.P, 16, "e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443" ) == 0 ); 06104 fct_chk( mpi_read_string( &ctx.Q, 16, "b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd" ) == 0 ); 06105 fct_chk( mpi_read_string( &ctx.N, 16, "a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137" ) == 0 ); 06106 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 06107 06108 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 06109 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 06110 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 06111 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 06112 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 06113 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 06114 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 06115 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 06116 06117 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 06118 06119 msg_len = unhexify( message_str, "bc656747fa9eafb3f0" ); 06120 06121 switch( SIG_RSA_SHA1 ) 06122 { 06123 #ifdef POLARSSL_MD2_C 06124 case SIG_RSA_MD2: 06125 md2( message_str, msg_len, hash_result ); 06126 break; 06127 #endif 06128 #ifdef POLARSSL_MD4_C 06129 case SIG_RSA_MD4: 06130 md4( message_str, msg_len, hash_result ); 06131 break; 06132 #endif 06133 #ifdef POLARSSL_MD5_C 06134 case SIG_RSA_MD5: 06135 md5( message_str, msg_len, hash_result ); 06136 break; 06137 #endif 06138 #ifdef POLARSSL_SHA1_C 06139 case SIG_RSA_SHA1: 06140 sha1( message_str, msg_len, hash_result ); 06141 break; 06142 #endif 06143 #ifdef POLARSSL_SHA2_C 06144 case SIG_RSA_SHA224: 06145 sha2( message_str, msg_len, hash_result, 1 ); 06146 break; 06147 case SIG_RSA_SHA256: 06148 sha2( message_str, msg_len, hash_result, 0 ); 06149 break; 06150 #endif 06151 #ifdef POLARSSL_SHA4_C 06152 case SIG_RSA_SHA384: 06153 sha4( message_str, msg_len, hash_result, 1 ); 06154 break; 06155 case SIG_RSA_SHA512: 06156 sha4( message_str, msg_len, hash_result, 0 ); 06157 break; 06158 #endif 06159 } 06160 06161 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 06162 if( 0 == 0 ) 06163 { 06164 hexify( output_str, output, ctx.len); 06165 06166 fct_chk( strcasecmp( (char *) output_str, "4609793b23e9d09362dc21bb47da0b4f3a7622649a47d464019b9aeafe53359c178c91cd58ba6bcb78be0346a7bc637f4b873d4bab38ee661f199634c547a1ad8442e03da015b136e543f7ab07c0c13e4225b8de8cce25d4f6eb8400f81f7e1833b7ee6e334d370964ca79fdb872b4d75223b5eeb08101591fb532d155a6de87" ) == 0 ); 06167 } 06168 06169 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 06170 } 06171 FCT_TEST_END(); 06172 06173 06174 FCT_TEST_BGN(rsassa_pss_signature_example_1_4_verify) 06175 { 06176 unsigned char message_str[1000]; 06177 unsigned char hash_result[1000]; 06178 unsigned char result_str[1000]; 06179 rsa_context ctx; 06180 size_t msg_len; 06181 06182 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 06183 memset( message_str, 0x00, 1000 ); 06184 memset( hash_result, 0x00, 1000 ); 06185 memset( result_str, 0x00, 1000 ); 06186 06187 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 06188 fct_chk( mpi_read_string( &ctx.N, 16, "a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137" ) == 0 ); 06189 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 06190 06191 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 06192 06193 msg_len = unhexify( message_str, "bc656747fa9eafb3f0" ); 06194 unhexify( result_str, "4609793b23e9d09362dc21bb47da0b4f3a7622649a47d464019b9aeafe53359c178c91cd58ba6bcb78be0346a7bc637f4b873d4bab38ee661f199634c547a1ad8442e03da015b136e543f7ab07c0c13e4225b8de8cce25d4f6eb8400f81f7e1833b7ee6e334d370964ca79fdb872b4d75223b5eeb08101591fb532d155a6de87" ); 06195 06196 switch( SIG_RSA_SHA1 ) 06197 { 06198 #ifdef POLARSSL_MD2_C 06199 case SIG_RSA_MD2: 06200 md2( message_str, msg_len, hash_result ); 06201 break; 06202 #endif 06203 #ifdef POLARSSL_MD4_C 06204 case SIG_RSA_MD4: 06205 md4( message_str, msg_len, hash_result ); 06206 break; 06207 #endif 06208 #ifdef POLARSSL_MD5_C 06209 case SIG_RSA_MD5: 06210 md5( message_str, msg_len, hash_result ); 06211 break; 06212 #endif 06213 #ifdef POLARSSL_SHA1_C 06214 case SIG_RSA_SHA1: 06215 sha1( message_str, msg_len, hash_result ); 06216 break; 06217 #endif 06218 #ifdef POLARSSL_SHA2_C 06219 case SIG_RSA_SHA224: 06220 sha2( message_str, msg_len, hash_result, 1 ); 06221 break; 06222 case SIG_RSA_SHA256: 06223 sha2( message_str, msg_len, hash_result, 0 ); 06224 break; 06225 #endif 06226 #ifdef POLARSSL_SHA4_C 06227 case SIG_RSA_SHA384: 06228 sha4( message_str, msg_len, hash_result, 1 ); 06229 break; 06230 case SIG_RSA_SHA512: 06231 sha4( message_str, msg_len, hash_result, 0 ); 06232 break; 06233 #endif 06234 } 06235 06236 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 06237 } 06238 FCT_TEST_END(); 06239 06240 06241 FCT_TEST_BGN(rsassa_pss_signature_example_1_5) 06242 { 06243 unsigned char message_str[1000]; 06244 unsigned char hash_result[1000]; 06245 unsigned char output[1000]; 06246 unsigned char output_str[1000]; 06247 unsigned char rnd_buf[1000]; 06248 rsa_context ctx; 06249 mpi P1, Q1, H, G; 06250 size_t msg_len; 06251 rnd_buf_info info; 06252 06253 info.length = unhexify( rnd_buf, "80e70ff86a08de3ec60972b39b4fbfdcea67ae8e" ); 06254 info.buf = rnd_buf; 06255 06256 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 06257 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 06258 06259 memset( message_str, 0x00, 1000 ); 06260 memset( hash_result, 0x00, 1000 ); 06261 memset( output, 0x00, 1000 ); 06262 memset( output_str, 0x00, 1000 ); 06263 06264 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 06265 fct_chk( mpi_read_string( &ctx.P, 16, "e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443" ) == 0 ); 06266 fct_chk( mpi_read_string( &ctx.Q, 16, "b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd" ) == 0 ); 06267 fct_chk( mpi_read_string( &ctx.N, 16, "a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137" ) == 0 ); 06268 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 06269 06270 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 06271 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 06272 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 06273 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 06274 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 06275 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 06276 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 06277 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 06278 06279 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 06280 06281 msg_len = unhexify( message_str, "b45581547e5427770c768e8b82b75564e0ea4e9c32594d6bff706544de0a8776c7a80b4576550eee1b2acabc7e8b7d3ef7bb5b03e462c11047eadd00629ae575480ac1470fe046f13a2bf5af17921dc4b0aa8b02bee6334911651d7f8525d10f32b51d33be520d3ddf5a709955a3dfe78283b9e0ab54046d150c177f037fdccc5be4ea5f68b5e5a38c9d7edcccc4975f455a6909b4" ); 06282 06283 switch( SIG_RSA_SHA1 ) 06284 { 06285 #ifdef POLARSSL_MD2_C 06286 case SIG_RSA_MD2: 06287 md2( message_str, msg_len, hash_result ); 06288 break; 06289 #endif 06290 #ifdef POLARSSL_MD4_C 06291 case SIG_RSA_MD4: 06292 md4( message_str, msg_len, hash_result ); 06293 break; 06294 #endif 06295 #ifdef POLARSSL_MD5_C 06296 case SIG_RSA_MD5: 06297 md5( message_str, msg_len, hash_result ); 06298 break; 06299 #endif 06300 #ifdef POLARSSL_SHA1_C 06301 case SIG_RSA_SHA1: 06302 sha1( message_str, msg_len, hash_result ); 06303 break; 06304 #endif 06305 #ifdef POLARSSL_SHA2_C 06306 case SIG_RSA_SHA224: 06307 sha2( message_str, msg_len, hash_result, 1 ); 06308 break; 06309 case SIG_RSA_SHA256: 06310 sha2( message_str, msg_len, hash_result, 0 ); 06311 break; 06312 #endif 06313 #ifdef POLARSSL_SHA4_C 06314 case SIG_RSA_SHA384: 06315 sha4( message_str, msg_len, hash_result, 1 ); 06316 break; 06317 case SIG_RSA_SHA512: 06318 sha4( message_str, msg_len, hash_result, 0 ); 06319 break; 06320 #endif 06321 } 06322 06323 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 06324 if( 0 == 0 ) 06325 { 06326 hexify( output_str, output, ctx.len); 06327 06328 fct_chk( strcasecmp( (char *) output_str, "1d2aad221ca4d31ddf13509239019398e3d14b32dc34dc5af4aeaea3c095af73479cf0a45e5629635a53a018377615b16cb9b13b3e09d671eb71e387b8545c5960da5a64776e768e82b2c93583bf104c3fdb23512b7b4e89f633dd0063a530db4524b01c3f384c09310e315a79dcd3d684022a7f31c865a664e316978b759fad" ) == 0 ); 06329 } 06330 06331 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 06332 } 06333 FCT_TEST_END(); 06334 06335 06336 FCT_TEST_BGN(rsassa_pss_signature_example_1_5_verify) 06337 { 06338 unsigned char message_str[1000]; 06339 unsigned char hash_result[1000]; 06340 unsigned char result_str[1000]; 06341 rsa_context ctx; 06342 size_t msg_len; 06343 06344 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 06345 memset( message_str, 0x00, 1000 ); 06346 memset( hash_result, 0x00, 1000 ); 06347 memset( result_str, 0x00, 1000 ); 06348 06349 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 06350 fct_chk( mpi_read_string( &ctx.N, 16, "a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137" ) == 0 ); 06351 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 06352 06353 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 06354 06355 msg_len = unhexify( message_str, "b45581547e5427770c768e8b82b75564e0ea4e9c32594d6bff706544de0a8776c7a80b4576550eee1b2acabc7e8b7d3ef7bb5b03e462c11047eadd00629ae575480ac1470fe046f13a2bf5af17921dc4b0aa8b02bee6334911651d7f8525d10f32b51d33be520d3ddf5a709955a3dfe78283b9e0ab54046d150c177f037fdccc5be4ea5f68b5e5a38c9d7edcccc4975f455a6909b4" ); 06356 unhexify( result_str, "1d2aad221ca4d31ddf13509239019398e3d14b32dc34dc5af4aeaea3c095af73479cf0a45e5629635a53a018377615b16cb9b13b3e09d671eb71e387b8545c5960da5a64776e768e82b2c93583bf104c3fdb23512b7b4e89f633dd0063a530db4524b01c3f384c09310e315a79dcd3d684022a7f31c865a664e316978b759fad" ); 06357 06358 switch( SIG_RSA_SHA1 ) 06359 { 06360 #ifdef POLARSSL_MD2_C 06361 case SIG_RSA_MD2: 06362 md2( message_str, msg_len, hash_result ); 06363 break; 06364 #endif 06365 #ifdef POLARSSL_MD4_C 06366 case SIG_RSA_MD4: 06367 md4( message_str, msg_len, hash_result ); 06368 break; 06369 #endif 06370 #ifdef POLARSSL_MD5_C 06371 case SIG_RSA_MD5: 06372 md5( message_str, msg_len, hash_result ); 06373 break; 06374 #endif 06375 #ifdef POLARSSL_SHA1_C 06376 case SIG_RSA_SHA1: 06377 sha1( message_str, msg_len, hash_result ); 06378 break; 06379 #endif 06380 #ifdef POLARSSL_SHA2_C 06381 case SIG_RSA_SHA224: 06382 sha2( message_str, msg_len, hash_result, 1 ); 06383 break; 06384 case SIG_RSA_SHA256: 06385 sha2( message_str, msg_len, hash_result, 0 ); 06386 break; 06387 #endif 06388 #ifdef POLARSSL_SHA4_C 06389 case SIG_RSA_SHA384: 06390 sha4( message_str, msg_len, hash_result, 1 ); 06391 break; 06392 case SIG_RSA_SHA512: 06393 sha4( message_str, msg_len, hash_result, 0 ); 06394 break; 06395 #endif 06396 } 06397 06398 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 06399 } 06400 FCT_TEST_END(); 06401 06402 06403 FCT_TEST_BGN(rsassa_pss_signature_example_1_6) 06404 { 06405 unsigned char message_str[1000]; 06406 unsigned char hash_result[1000]; 06407 unsigned char output[1000]; 06408 unsigned char output_str[1000]; 06409 unsigned char rnd_buf[1000]; 06410 rsa_context ctx; 06411 mpi P1, Q1, H, G; 06412 size_t msg_len; 06413 rnd_buf_info info; 06414 06415 info.length = unhexify( rnd_buf, "a8ab69dd801f0074c2a1fc60649836c616d99681" ); 06416 info.buf = rnd_buf; 06417 06418 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 06419 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 06420 06421 memset( message_str, 0x00, 1000 ); 06422 memset( hash_result, 0x00, 1000 ); 06423 memset( output, 0x00, 1000 ); 06424 memset( output_str, 0x00, 1000 ); 06425 06426 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 06427 fct_chk( mpi_read_string( &ctx.P, 16, "e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443" ) == 0 ); 06428 fct_chk( mpi_read_string( &ctx.Q, 16, "b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd" ) == 0 ); 06429 fct_chk( mpi_read_string( &ctx.N, 16, "a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137" ) == 0 ); 06430 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 06431 06432 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 06433 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 06434 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 06435 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 06436 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 06437 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 06438 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 06439 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 06440 06441 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 06442 06443 msg_len = unhexify( message_str, "10aae9a0ab0b595d0841207b700d48d75faedde3b775cd6b4cc88ae06e4694ec74ba18f8520d4f5ea69cbbe7cc2beba43efdc10215ac4eb32dc302a1f53dc6c4352267e7936cfebf7c8d67035784a3909fa859c7b7b59b8e39c5c2349f1886b705a30267d402f7486ab4f58cad5d69adb17ab8cd0ce1caf5025af4ae24b1fb8794c6070cc09a51e2f9911311e3877d0044c71c57a993395008806b723ac38373d395481818528c1e7053739282053529510e935cd0fa77b8fa53cc2d474bd4fb3cc5c672d6ffdc90a00f9848712c4bcfe46c60573659b11e6457e861f0f604b6138d144f8ce4e2da73" ); 06444 06445 switch( SIG_RSA_SHA1 ) 06446 { 06447 #ifdef POLARSSL_MD2_C 06448 case SIG_RSA_MD2: 06449 md2( message_str, msg_len, hash_result ); 06450 break; 06451 #endif 06452 #ifdef POLARSSL_MD4_C 06453 case SIG_RSA_MD4: 06454 md4( message_str, msg_len, hash_result ); 06455 break; 06456 #endif 06457 #ifdef POLARSSL_MD5_C 06458 case SIG_RSA_MD5: 06459 md5( message_str, msg_len, hash_result ); 06460 break; 06461 #endif 06462 #ifdef POLARSSL_SHA1_C 06463 case SIG_RSA_SHA1: 06464 sha1( message_str, msg_len, hash_result ); 06465 break; 06466 #endif 06467 #ifdef POLARSSL_SHA2_C 06468 case SIG_RSA_SHA224: 06469 sha2( message_str, msg_len, hash_result, 1 ); 06470 break; 06471 case SIG_RSA_SHA256: 06472 sha2( message_str, msg_len, hash_result, 0 ); 06473 break; 06474 #endif 06475 #ifdef POLARSSL_SHA4_C 06476 case SIG_RSA_SHA384: 06477 sha4( message_str, msg_len, hash_result, 1 ); 06478 break; 06479 case SIG_RSA_SHA512: 06480 sha4( message_str, msg_len, hash_result, 0 ); 06481 break; 06482 #endif 06483 } 06484 06485 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 06486 if( 0 == 0 ) 06487 { 06488 hexify( output_str, output, ctx.len); 06489 06490 fct_chk( strcasecmp( (char *) output_str, "2a34f6125e1f6b0bf971e84fbd41c632be8f2c2ace7de8b6926e31ff93e9af987fbc06e51e9be14f5198f91f3f953bd67da60a9df59764c3dc0fe08e1cbef0b75f868d10ad3fba749fef59fb6dac46a0d6e504369331586f58e4628f39aa278982543bc0eeb537dc61958019b394fb273f215858a0a01ac4d650b955c67f4c58" ) == 0 ); 06491 } 06492 06493 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 06494 } 06495 FCT_TEST_END(); 06496 06497 06498 FCT_TEST_BGN(rsassa_pss_signature_example_1_6_verify) 06499 { 06500 unsigned char message_str[1000]; 06501 unsigned char hash_result[1000]; 06502 unsigned char result_str[1000]; 06503 rsa_context ctx; 06504 size_t msg_len; 06505 06506 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 06507 memset( message_str, 0x00, 1000 ); 06508 memset( hash_result, 0x00, 1000 ); 06509 memset( result_str, 0x00, 1000 ); 06510 06511 ctx.len = 1024 / 8 + ( ( 1024 % 8 ) ? 1 : 0 ); 06512 fct_chk( mpi_read_string( &ctx.N, 16, "a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137" ) == 0 ); 06513 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 06514 06515 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 06516 06517 msg_len = unhexify( message_str, "10aae9a0ab0b595d0841207b700d48d75faedde3b775cd6b4cc88ae06e4694ec74ba18f8520d4f5ea69cbbe7cc2beba43efdc10215ac4eb32dc302a1f53dc6c4352267e7936cfebf7c8d67035784a3909fa859c7b7b59b8e39c5c2349f1886b705a30267d402f7486ab4f58cad5d69adb17ab8cd0ce1caf5025af4ae24b1fb8794c6070cc09a51e2f9911311e3877d0044c71c57a993395008806b723ac38373d395481818528c1e7053739282053529510e935cd0fa77b8fa53cc2d474bd4fb3cc5c672d6ffdc90a00f9848712c4bcfe46c60573659b11e6457e861f0f604b6138d144f8ce4e2da73" ); 06518 unhexify( result_str, "2a34f6125e1f6b0bf971e84fbd41c632be8f2c2ace7de8b6926e31ff93e9af987fbc06e51e9be14f5198f91f3f953bd67da60a9df59764c3dc0fe08e1cbef0b75f868d10ad3fba749fef59fb6dac46a0d6e504369331586f58e4628f39aa278982543bc0eeb537dc61958019b394fb273f215858a0a01ac4d650b955c67f4c58" ); 06519 06520 switch( SIG_RSA_SHA1 ) 06521 { 06522 #ifdef POLARSSL_MD2_C 06523 case SIG_RSA_MD2: 06524 md2( message_str, msg_len, hash_result ); 06525 break; 06526 #endif 06527 #ifdef POLARSSL_MD4_C 06528 case SIG_RSA_MD4: 06529 md4( message_str, msg_len, hash_result ); 06530 break; 06531 #endif 06532 #ifdef POLARSSL_MD5_C 06533 case SIG_RSA_MD5: 06534 md5( message_str, msg_len, hash_result ); 06535 break; 06536 #endif 06537 #ifdef POLARSSL_SHA1_C 06538 case SIG_RSA_SHA1: 06539 sha1( message_str, msg_len, hash_result ); 06540 break; 06541 #endif 06542 #ifdef POLARSSL_SHA2_C 06543 case SIG_RSA_SHA224: 06544 sha2( message_str, msg_len, hash_result, 1 ); 06545 break; 06546 case SIG_RSA_SHA256: 06547 sha2( message_str, msg_len, hash_result, 0 ); 06548 break; 06549 #endif 06550 #ifdef POLARSSL_SHA4_C 06551 case SIG_RSA_SHA384: 06552 sha4( message_str, msg_len, hash_result, 1 ); 06553 break; 06554 case SIG_RSA_SHA512: 06555 sha4( message_str, msg_len, hash_result, 0 ); 06556 break; 06557 #endif 06558 } 06559 06560 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 06561 } 06562 FCT_TEST_END(); 06563 06564 06565 FCT_TEST_BGN(rsassa_pss_signature_example_2_1) 06566 { 06567 unsigned char message_str[1000]; 06568 unsigned char hash_result[1000]; 06569 unsigned char output[1000]; 06570 unsigned char output_str[1000]; 06571 unsigned char rnd_buf[1000]; 06572 rsa_context ctx; 06573 mpi P1, Q1, H, G; 06574 size_t msg_len; 06575 rnd_buf_info info; 06576 06577 info.length = unhexify( rnd_buf, "57bf160bcb02bb1dc7280cf0458530b7d2832ff7" ); 06578 info.buf = rnd_buf; 06579 06580 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 06581 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 06582 06583 memset( message_str, 0x00, 1000 ); 06584 memset( hash_result, 0x00, 1000 ); 06585 memset( output, 0x00, 1000 ); 06586 memset( output_str, 0x00, 1000 ); 06587 06588 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 06589 fct_chk( mpi_read_string( &ctx.P, 16, "016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1" ) == 0 ); 06590 fct_chk( mpi_read_string( &ctx.Q, 16, "014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079" ) == 0 ); 06591 fct_chk( mpi_read_string( &ctx.N, 16, "01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9" ) == 0 ); 06592 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 06593 06594 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 06595 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 06596 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 06597 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 06598 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 06599 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 06600 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 06601 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 06602 06603 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 06604 06605 msg_len = unhexify( message_str, "daba032066263faedb659848115278a52c44faa3a76f37515ed336321072c40a9d9b53bc05014078adf520875146aae70ff060226dcb7b1f1fc27e9360" ); 06606 06607 switch( SIG_RSA_SHA1 ) 06608 { 06609 #ifdef POLARSSL_MD2_C 06610 case SIG_RSA_MD2: 06611 md2( message_str, msg_len, hash_result ); 06612 break; 06613 #endif 06614 #ifdef POLARSSL_MD4_C 06615 case SIG_RSA_MD4: 06616 md4( message_str, msg_len, hash_result ); 06617 break; 06618 #endif 06619 #ifdef POLARSSL_MD5_C 06620 case SIG_RSA_MD5: 06621 md5( message_str, msg_len, hash_result ); 06622 break; 06623 #endif 06624 #ifdef POLARSSL_SHA1_C 06625 case SIG_RSA_SHA1: 06626 sha1( message_str, msg_len, hash_result ); 06627 break; 06628 #endif 06629 #ifdef POLARSSL_SHA2_C 06630 case SIG_RSA_SHA224: 06631 sha2( message_str, msg_len, hash_result, 1 ); 06632 break; 06633 case SIG_RSA_SHA256: 06634 sha2( message_str, msg_len, hash_result, 0 ); 06635 break; 06636 #endif 06637 #ifdef POLARSSL_SHA4_C 06638 case SIG_RSA_SHA384: 06639 sha4( message_str, msg_len, hash_result, 1 ); 06640 break; 06641 case SIG_RSA_SHA512: 06642 sha4( message_str, msg_len, hash_result, 0 ); 06643 break; 06644 #endif 06645 } 06646 06647 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 06648 if( 0 == 0 ) 06649 { 06650 hexify( output_str, output, ctx.len); 06651 06652 fct_chk( strcasecmp( (char *) output_str, "014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3" ) == 0 ); 06653 } 06654 06655 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 06656 } 06657 FCT_TEST_END(); 06658 06659 06660 FCT_TEST_BGN(rsassa_pss_signature_example_2_1_verify) 06661 { 06662 unsigned char message_str[1000]; 06663 unsigned char hash_result[1000]; 06664 unsigned char result_str[1000]; 06665 rsa_context ctx; 06666 size_t msg_len; 06667 06668 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 06669 memset( message_str, 0x00, 1000 ); 06670 memset( hash_result, 0x00, 1000 ); 06671 memset( result_str, 0x00, 1000 ); 06672 06673 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 06674 fct_chk( mpi_read_string( &ctx.N, 16, "01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9" ) == 0 ); 06675 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 06676 06677 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 06678 06679 msg_len = unhexify( message_str, "daba032066263faedb659848115278a52c44faa3a76f37515ed336321072c40a9d9b53bc05014078adf520875146aae70ff060226dcb7b1f1fc27e9360" ); 06680 unhexify( result_str, "014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3" ); 06681 06682 switch( SIG_RSA_SHA1 ) 06683 { 06684 #ifdef POLARSSL_MD2_C 06685 case SIG_RSA_MD2: 06686 md2( message_str, msg_len, hash_result ); 06687 break; 06688 #endif 06689 #ifdef POLARSSL_MD4_C 06690 case SIG_RSA_MD4: 06691 md4( message_str, msg_len, hash_result ); 06692 break; 06693 #endif 06694 #ifdef POLARSSL_MD5_C 06695 case SIG_RSA_MD5: 06696 md5( message_str, msg_len, hash_result ); 06697 break; 06698 #endif 06699 #ifdef POLARSSL_SHA1_C 06700 case SIG_RSA_SHA1: 06701 sha1( message_str, msg_len, hash_result ); 06702 break; 06703 #endif 06704 #ifdef POLARSSL_SHA2_C 06705 case SIG_RSA_SHA224: 06706 sha2( message_str, msg_len, hash_result, 1 ); 06707 break; 06708 case SIG_RSA_SHA256: 06709 sha2( message_str, msg_len, hash_result, 0 ); 06710 break; 06711 #endif 06712 #ifdef POLARSSL_SHA4_C 06713 case SIG_RSA_SHA384: 06714 sha4( message_str, msg_len, hash_result, 1 ); 06715 break; 06716 case SIG_RSA_SHA512: 06717 sha4( message_str, msg_len, hash_result, 0 ); 06718 break; 06719 #endif 06720 } 06721 06722 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 06723 } 06724 FCT_TEST_END(); 06725 06726 06727 FCT_TEST_BGN(rsassa_pss_signature_example_2_2) 06728 { 06729 unsigned char message_str[1000]; 06730 unsigned char hash_result[1000]; 06731 unsigned char output[1000]; 06732 unsigned char output_str[1000]; 06733 unsigned char rnd_buf[1000]; 06734 rsa_context ctx; 06735 mpi P1, Q1, H, G; 06736 size_t msg_len; 06737 rnd_buf_info info; 06738 06739 info.length = unhexify( rnd_buf, "7f6dd359e604e60870e898e47b19bf2e5a7b2a90" ); 06740 info.buf = rnd_buf; 06741 06742 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 06743 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 06744 06745 memset( message_str, 0x00, 1000 ); 06746 memset( hash_result, 0x00, 1000 ); 06747 memset( output, 0x00, 1000 ); 06748 memset( output_str, 0x00, 1000 ); 06749 06750 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 06751 fct_chk( mpi_read_string( &ctx.P, 16, "016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1" ) == 0 ); 06752 fct_chk( mpi_read_string( &ctx.Q, 16, "014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079" ) == 0 ); 06753 fct_chk( mpi_read_string( &ctx.N, 16, "01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9" ) == 0 ); 06754 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 06755 06756 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 06757 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 06758 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 06759 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 06760 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 06761 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 06762 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 06763 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 06764 06765 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 06766 06767 msg_len = unhexify( message_str, "e4f8601a8a6da1be34447c0959c058570c3668cfd51dd5f9ccd6ad4411fe8213486d78a6c49f93efc2ca2288cebc2b9b60bd04b1e220d86e3d4848d709d032d1e8c6a070c6af9a499fcf95354b14ba6127c739de1bb0fd16431e46938aec0cf8ad9eb72e832a7035de9b7807bdc0ed8b68eb0f5ac2216be40ce920c0db0eddd3860ed788efaccaca502d8f2bd6d1a7c1f41ff46f1681c8f1f818e9c4f6d91a0c7803ccc63d76a6544d843e084e363b8acc55aa531733edb5dee5b5196e9f03e8b731b3776428d9e457fe3fbcb3db7274442d785890e9cb0854b6444dace791d7273de1889719338a77fe" ); 06768 06769 switch( SIG_RSA_SHA1 ) 06770 { 06771 #ifdef POLARSSL_MD2_C 06772 case SIG_RSA_MD2: 06773 md2( message_str, msg_len, hash_result ); 06774 break; 06775 #endif 06776 #ifdef POLARSSL_MD4_C 06777 case SIG_RSA_MD4: 06778 md4( message_str, msg_len, hash_result ); 06779 break; 06780 #endif 06781 #ifdef POLARSSL_MD5_C 06782 case SIG_RSA_MD5: 06783 md5( message_str, msg_len, hash_result ); 06784 break; 06785 #endif 06786 #ifdef POLARSSL_SHA1_C 06787 case SIG_RSA_SHA1: 06788 sha1( message_str, msg_len, hash_result ); 06789 break; 06790 #endif 06791 #ifdef POLARSSL_SHA2_C 06792 case SIG_RSA_SHA224: 06793 sha2( message_str, msg_len, hash_result, 1 ); 06794 break; 06795 case SIG_RSA_SHA256: 06796 sha2( message_str, msg_len, hash_result, 0 ); 06797 break; 06798 #endif 06799 #ifdef POLARSSL_SHA4_C 06800 case SIG_RSA_SHA384: 06801 sha4( message_str, msg_len, hash_result, 1 ); 06802 break; 06803 case SIG_RSA_SHA512: 06804 sha4( message_str, msg_len, hash_result, 0 ); 06805 break; 06806 #endif 06807 } 06808 06809 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 06810 if( 0 == 0 ) 06811 { 06812 hexify( output_str, output, ctx.len); 06813 06814 fct_chk( strcasecmp( (char *) output_str, "010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea" ) == 0 ); 06815 } 06816 06817 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 06818 } 06819 FCT_TEST_END(); 06820 06821 06822 FCT_TEST_BGN(rsassa_pss_signature_example_2_2_verify) 06823 { 06824 unsigned char message_str[1000]; 06825 unsigned char hash_result[1000]; 06826 unsigned char result_str[1000]; 06827 rsa_context ctx; 06828 size_t msg_len; 06829 06830 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 06831 memset( message_str, 0x00, 1000 ); 06832 memset( hash_result, 0x00, 1000 ); 06833 memset( result_str, 0x00, 1000 ); 06834 06835 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 06836 fct_chk( mpi_read_string( &ctx.N, 16, "01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9" ) == 0 ); 06837 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 06838 06839 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 06840 06841 msg_len = unhexify( message_str, "e4f8601a8a6da1be34447c0959c058570c3668cfd51dd5f9ccd6ad4411fe8213486d78a6c49f93efc2ca2288cebc2b9b60bd04b1e220d86e3d4848d709d032d1e8c6a070c6af9a499fcf95354b14ba6127c739de1bb0fd16431e46938aec0cf8ad9eb72e832a7035de9b7807bdc0ed8b68eb0f5ac2216be40ce920c0db0eddd3860ed788efaccaca502d8f2bd6d1a7c1f41ff46f1681c8f1f818e9c4f6d91a0c7803ccc63d76a6544d843e084e363b8acc55aa531733edb5dee5b5196e9f03e8b731b3776428d9e457fe3fbcb3db7274442d785890e9cb0854b6444dace791d7273de1889719338a77fe" ); 06842 unhexify( result_str, "010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea" ); 06843 06844 switch( SIG_RSA_SHA1 ) 06845 { 06846 #ifdef POLARSSL_MD2_C 06847 case SIG_RSA_MD2: 06848 md2( message_str, msg_len, hash_result ); 06849 break; 06850 #endif 06851 #ifdef POLARSSL_MD4_C 06852 case SIG_RSA_MD4: 06853 md4( message_str, msg_len, hash_result ); 06854 break; 06855 #endif 06856 #ifdef POLARSSL_MD5_C 06857 case SIG_RSA_MD5: 06858 md5( message_str, msg_len, hash_result ); 06859 break; 06860 #endif 06861 #ifdef POLARSSL_SHA1_C 06862 case SIG_RSA_SHA1: 06863 sha1( message_str, msg_len, hash_result ); 06864 break; 06865 #endif 06866 #ifdef POLARSSL_SHA2_C 06867 case SIG_RSA_SHA224: 06868 sha2( message_str, msg_len, hash_result, 1 ); 06869 break; 06870 case SIG_RSA_SHA256: 06871 sha2( message_str, msg_len, hash_result, 0 ); 06872 break; 06873 #endif 06874 #ifdef POLARSSL_SHA4_C 06875 case SIG_RSA_SHA384: 06876 sha4( message_str, msg_len, hash_result, 1 ); 06877 break; 06878 case SIG_RSA_SHA512: 06879 sha4( message_str, msg_len, hash_result, 0 ); 06880 break; 06881 #endif 06882 } 06883 06884 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 06885 } 06886 FCT_TEST_END(); 06887 06888 06889 FCT_TEST_BGN(rsassa_pss_signature_example_2_3) 06890 { 06891 unsigned char message_str[1000]; 06892 unsigned char hash_result[1000]; 06893 unsigned char output[1000]; 06894 unsigned char output_str[1000]; 06895 unsigned char rnd_buf[1000]; 06896 rsa_context ctx; 06897 mpi P1, Q1, H, G; 06898 size_t msg_len; 06899 rnd_buf_info info; 06900 06901 info.length = unhexify( rnd_buf, "fca862068bce2246724b708a0519da17e648688c" ); 06902 info.buf = rnd_buf; 06903 06904 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 06905 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 06906 06907 memset( message_str, 0x00, 1000 ); 06908 memset( hash_result, 0x00, 1000 ); 06909 memset( output, 0x00, 1000 ); 06910 memset( output_str, 0x00, 1000 ); 06911 06912 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 06913 fct_chk( mpi_read_string( &ctx.P, 16, "016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1" ) == 0 ); 06914 fct_chk( mpi_read_string( &ctx.Q, 16, "014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079" ) == 0 ); 06915 fct_chk( mpi_read_string( &ctx.N, 16, "01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9" ) == 0 ); 06916 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 06917 06918 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 06919 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 06920 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 06921 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 06922 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 06923 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 06924 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 06925 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 06926 06927 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 06928 06929 msg_len = unhexify( message_str, "52a1d96c8ac39e41e455809801b927a5b445c10d902a0dcd3850d22a66d2bb0703e67d5867114595aabf5a7aeb5a8f87034bbb30e13cfd4817a9be76230023606d0286a3faf8a4d22b728ec518079f9e64526e3a0cc7941aa338c437997c680ccac67c66bfa1" ); 06930 06931 switch( SIG_RSA_SHA1 ) 06932 { 06933 #ifdef POLARSSL_MD2_C 06934 case SIG_RSA_MD2: 06935 md2( message_str, msg_len, hash_result ); 06936 break; 06937 #endif 06938 #ifdef POLARSSL_MD4_C 06939 case SIG_RSA_MD4: 06940 md4( message_str, msg_len, hash_result ); 06941 break; 06942 #endif 06943 #ifdef POLARSSL_MD5_C 06944 case SIG_RSA_MD5: 06945 md5( message_str, msg_len, hash_result ); 06946 break; 06947 #endif 06948 #ifdef POLARSSL_SHA1_C 06949 case SIG_RSA_SHA1: 06950 sha1( message_str, msg_len, hash_result ); 06951 break; 06952 #endif 06953 #ifdef POLARSSL_SHA2_C 06954 case SIG_RSA_SHA224: 06955 sha2( message_str, msg_len, hash_result, 1 ); 06956 break; 06957 case SIG_RSA_SHA256: 06958 sha2( message_str, msg_len, hash_result, 0 ); 06959 break; 06960 #endif 06961 #ifdef POLARSSL_SHA4_C 06962 case SIG_RSA_SHA384: 06963 sha4( message_str, msg_len, hash_result, 1 ); 06964 break; 06965 case SIG_RSA_SHA512: 06966 sha4( message_str, msg_len, hash_result, 0 ); 06967 break; 06968 #endif 06969 } 06970 06971 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 06972 if( 0 == 0 ) 06973 { 06974 hexify( output_str, output, ctx.len); 06975 06976 fct_chk( strcasecmp( (char *) output_str, "007f0030018f53cdc71f23d03659fde54d4241f758a750b42f185f87578520c30742afd84359b6e6e8d3ed959dc6fe486bedc8e2cf001f63a7abe16256a1b84df0d249fc05d3194ce5f0912742dbbf80dd174f6c51f6bad7f16cf3364eba095a06267dc3793803ac7526aebe0a475d38b8c2247ab51c4898df7047dc6adf52c6c4" ) == 0 ); 06977 } 06978 06979 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 06980 } 06981 FCT_TEST_END(); 06982 06983 06984 FCT_TEST_BGN(rsassa_pss_signature_example_2_3_verify) 06985 { 06986 unsigned char message_str[1000]; 06987 unsigned char hash_result[1000]; 06988 unsigned char result_str[1000]; 06989 rsa_context ctx; 06990 size_t msg_len; 06991 06992 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 06993 memset( message_str, 0x00, 1000 ); 06994 memset( hash_result, 0x00, 1000 ); 06995 memset( result_str, 0x00, 1000 ); 06996 06997 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 06998 fct_chk( mpi_read_string( &ctx.N, 16, "01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9" ) == 0 ); 06999 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 07000 07001 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 07002 07003 msg_len = unhexify( message_str, "52a1d96c8ac39e41e455809801b927a5b445c10d902a0dcd3850d22a66d2bb0703e67d5867114595aabf5a7aeb5a8f87034bbb30e13cfd4817a9be76230023606d0286a3faf8a4d22b728ec518079f9e64526e3a0cc7941aa338c437997c680ccac67c66bfa1" ); 07004 unhexify( result_str, "007f0030018f53cdc71f23d03659fde54d4241f758a750b42f185f87578520c30742afd84359b6e6e8d3ed959dc6fe486bedc8e2cf001f63a7abe16256a1b84df0d249fc05d3194ce5f0912742dbbf80dd174f6c51f6bad7f16cf3364eba095a06267dc3793803ac7526aebe0a475d38b8c2247ab51c4898df7047dc6adf52c6c4" ); 07005 07006 switch( SIG_RSA_SHA1 ) 07007 { 07008 #ifdef POLARSSL_MD2_C 07009 case SIG_RSA_MD2: 07010 md2( message_str, msg_len, hash_result ); 07011 break; 07012 #endif 07013 #ifdef POLARSSL_MD4_C 07014 case SIG_RSA_MD4: 07015 md4( message_str, msg_len, hash_result ); 07016 break; 07017 #endif 07018 #ifdef POLARSSL_MD5_C 07019 case SIG_RSA_MD5: 07020 md5( message_str, msg_len, hash_result ); 07021 break; 07022 #endif 07023 #ifdef POLARSSL_SHA1_C 07024 case SIG_RSA_SHA1: 07025 sha1( message_str, msg_len, hash_result ); 07026 break; 07027 #endif 07028 #ifdef POLARSSL_SHA2_C 07029 case SIG_RSA_SHA224: 07030 sha2( message_str, msg_len, hash_result, 1 ); 07031 break; 07032 case SIG_RSA_SHA256: 07033 sha2( message_str, msg_len, hash_result, 0 ); 07034 break; 07035 #endif 07036 #ifdef POLARSSL_SHA4_C 07037 case SIG_RSA_SHA384: 07038 sha4( message_str, msg_len, hash_result, 1 ); 07039 break; 07040 case SIG_RSA_SHA512: 07041 sha4( message_str, msg_len, hash_result, 0 ); 07042 break; 07043 #endif 07044 } 07045 07046 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 07047 } 07048 FCT_TEST_END(); 07049 07050 07051 FCT_TEST_BGN(rsassa_pss_signature_example_2_4) 07052 { 07053 unsigned char message_str[1000]; 07054 unsigned char hash_result[1000]; 07055 unsigned char output[1000]; 07056 unsigned char output_str[1000]; 07057 unsigned char rnd_buf[1000]; 07058 rsa_context ctx; 07059 mpi P1, Q1, H, G; 07060 size_t msg_len; 07061 rnd_buf_info info; 07062 07063 info.length = unhexify( rnd_buf, "8070ef2de945c02387684ba0d33096732235d440" ); 07064 info.buf = rnd_buf; 07065 07066 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 07067 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 07068 07069 memset( message_str, 0x00, 1000 ); 07070 memset( hash_result, 0x00, 1000 ); 07071 memset( output, 0x00, 1000 ); 07072 memset( output_str, 0x00, 1000 ); 07073 07074 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 07075 fct_chk( mpi_read_string( &ctx.P, 16, "016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1" ) == 0 ); 07076 fct_chk( mpi_read_string( &ctx.Q, 16, "014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079" ) == 0 ); 07077 fct_chk( mpi_read_string( &ctx.N, 16, "01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9" ) == 0 ); 07078 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 07079 07080 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 07081 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 07082 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 07083 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 07084 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 07085 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 07086 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 07087 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 07088 07089 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 07090 07091 msg_len = unhexify( message_str, "a7182c83ac18be6570a106aa9d5c4e3dbbd4afaeb0c60c4a23e1969d79ff" ); 07092 07093 switch( SIG_RSA_SHA1 ) 07094 { 07095 #ifdef POLARSSL_MD2_C 07096 case SIG_RSA_MD2: 07097 md2( message_str, msg_len, hash_result ); 07098 break; 07099 #endif 07100 #ifdef POLARSSL_MD4_C 07101 case SIG_RSA_MD4: 07102 md4( message_str, msg_len, hash_result ); 07103 break; 07104 #endif 07105 #ifdef POLARSSL_MD5_C 07106 case SIG_RSA_MD5: 07107 md5( message_str, msg_len, hash_result ); 07108 break; 07109 #endif 07110 #ifdef POLARSSL_SHA1_C 07111 case SIG_RSA_SHA1: 07112 sha1( message_str, msg_len, hash_result ); 07113 break; 07114 #endif 07115 #ifdef POLARSSL_SHA2_C 07116 case SIG_RSA_SHA224: 07117 sha2( message_str, msg_len, hash_result, 1 ); 07118 break; 07119 case SIG_RSA_SHA256: 07120 sha2( message_str, msg_len, hash_result, 0 ); 07121 break; 07122 #endif 07123 #ifdef POLARSSL_SHA4_C 07124 case SIG_RSA_SHA384: 07125 sha4( message_str, msg_len, hash_result, 1 ); 07126 break; 07127 case SIG_RSA_SHA512: 07128 sha4( message_str, msg_len, hash_result, 0 ); 07129 break; 07130 #endif 07131 } 07132 07133 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 07134 if( 0 == 0 ) 07135 { 07136 hexify( output_str, output, ctx.len); 07137 07138 fct_chk( strcasecmp( (char *) output_str, "009cd2f4edbe23e12346ae8c76dd9ad3230a62076141f16c152ba18513a48ef6f010e0e37fd3df10a1ec629a0cb5a3b5d2893007298c30936a95903b6ba85555d9ec3673a06108fd62a2fda56d1ce2e85c4db6b24a81ca3b496c36d4fd06eb7c9166d8e94877c42bea622b3bfe9251fdc21d8d5371badad78a488214796335b40b" ) == 0 ); 07139 } 07140 07141 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 07142 } 07143 FCT_TEST_END(); 07144 07145 07146 FCT_TEST_BGN(rsassa_pss_signature_example_2_4_verify) 07147 { 07148 unsigned char message_str[1000]; 07149 unsigned char hash_result[1000]; 07150 unsigned char result_str[1000]; 07151 rsa_context ctx; 07152 size_t msg_len; 07153 07154 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 07155 memset( message_str, 0x00, 1000 ); 07156 memset( hash_result, 0x00, 1000 ); 07157 memset( result_str, 0x00, 1000 ); 07158 07159 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 07160 fct_chk( mpi_read_string( &ctx.N, 16, "01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9" ) == 0 ); 07161 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 07162 07163 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 07164 07165 msg_len = unhexify( message_str, "a7182c83ac18be6570a106aa9d5c4e3dbbd4afaeb0c60c4a23e1969d79ff" ); 07166 unhexify( result_str, "009cd2f4edbe23e12346ae8c76dd9ad3230a62076141f16c152ba18513a48ef6f010e0e37fd3df10a1ec629a0cb5a3b5d2893007298c30936a95903b6ba85555d9ec3673a06108fd62a2fda56d1ce2e85c4db6b24a81ca3b496c36d4fd06eb7c9166d8e94877c42bea622b3bfe9251fdc21d8d5371badad78a488214796335b40b" ); 07167 07168 switch( SIG_RSA_SHA1 ) 07169 { 07170 #ifdef POLARSSL_MD2_C 07171 case SIG_RSA_MD2: 07172 md2( message_str, msg_len, hash_result ); 07173 break; 07174 #endif 07175 #ifdef POLARSSL_MD4_C 07176 case SIG_RSA_MD4: 07177 md4( message_str, msg_len, hash_result ); 07178 break; 07179 #endif 07180 #ifdef POLARSSL_MD5_C 07181 case SIG_RSA_MD5: 07182 md5( message_str, msg_len, hash_result ); 07183 break; 07184 #endif 07185 #ifdef POLARSSL_SHA1_C 07186 case SIG_RSA_SHA1: 07187 sha1( message_str, msg_len, hash_result ); 07188 break; 07189 #endif 07190 #ifdef POLARSSL_SHA2_C 07191 case SIG_RSA_SHA224: 07192 sha2( message_str, msg_len, hash_result, 1 ); 07193 break; 07194 case SIG_RSA_SHA256: 07195 sha2( message_str, msg_len, hash_result, 0 ); 07196 break; 07197 #endif 07198 #ifdef POLARSSL_SHA4_C 07199 case SIG_RSA_SHA384: 07200 sha4( message_str, msg_len, hash_result, 1 ); 07201 break; 07202 case SIG_RSA_SHA512: 07203 sha4( message_str, msg_len, hash_result, 0 ); 07204 break; 07205 #endif 07206 } 07207 07208 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 07209 } 07210 FCT_TEST_END(); 07211 07212 07213 FCT_TEST_BGN(rsassa_pss_signature_example_2_5) 07214 { 07215 unsigned char message_str[1000]; 07216 unsigned char hash_result[1000]; 07217 unsigned char output[1000]; 07218 unsigned char output_str[1000]; 07219 unsigned char rnd_buf[1000]; 07220 rsa_context ctx; 07221 mpi P1, Q1, H, G; 07222 size_t msg_len; 07223 rnd_buf_info info; 07224 07225 info.length = unhexify( rnd_buf, "17639a4e88d722c4fca24d079a8b29c32433b0c9" ); 07226 info.buf = rnd_buf; 07227 07228 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 07229 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 07230 07231 memset( message_str, 0x00, 1000 ); 07232 memset( hash_result, 0x00, 1000 ); 07233 memset( output, 0x00, 1000 ); 07234 memset( output_str, 0x00, 1000 ); 07235 07236 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 07237 fct_chk( mpi_read_string( &ctx.P, 16, "016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1" ) == 0 ); 07238 fct_chk( mpi_read_string( &ctx.Q, 16, "014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079" ) == 0 ); 07239 fct_chk( mpi_read_string( &ctx.N, 16, "01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9" ) == 0 ); 07240 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 07241 07242 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 07243 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 07244 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 07245 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 07246 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 07247 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 07248 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 07249 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 07250 07251 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 07252 07253 msg_len = unhexify( message_str, "86a83d4a72ee932a4f5630af6579a386b78fe88999e0abd2d49034a4bfc854dd94f1094e2e8cd7a179d19588e4aefc1b1bd25e95e3dd461f" ); 07254 07255 switch( SIG_RSA_SHA1 ) 07256 { 07257 #ifdef POLARSSL_MD2_C 07258 case SIG_RSA_MD2: 07259 md2( message_str, msg_len, hash_result ); 07260 break; 07261 #endif 07262 #ifdef POLARSSL_MD4_C 07263 case SIG_RSA_MD4: 07264 md4( message_str, msg_len, hash_result ); 07265 break; 07266 #endif 07267 #ifdef POLARSSL_MD5_C 07268 case SIG_RSA_MD5: 07269 md5( message_str, msg_len, hash_result ); 07270 break; 07271 #endif 07272 #ifdef POLARSSL_SHA1_C 07273 case SIG_RSA_SHA1: 07274 sha1( message_str, msg_len, hash_result ); 07275 break; 07276 #endif 07277 #ifdef POLARSSL_SHA2_C 07278 case SIG_RSA_SHA224: 07279 sha2( message_str, msg_len, hash_result, 1 ); 07280 break; 07281 case SIG_RSA_SHA256: 07282 sha2( message_str, msg_len, hash_result, 0 ); 07283 break; 07284 #endif 07285 #ifdef POLARSSL_SHA4_C 07286 case SIG_RSA_SHA384: 07287 sha4( message_str, msg_len, hash_result, 1 ); 07288 break; 07289 case SIG_RSA_SHA512: 07290 sha4( message_str, msg_len, hash_result, 0 ); 07291 break; 07292 #endif 07293 } 07294 07295 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 07296 if( 0 == 0 ) 07297 { 07298 hexify( output_str, output, ctx.len); 07299 07300 fct_chk( strcasecmp( (char *) output_str, "00ec430824931ebd3baa43034dae98ba646b8c36013d1671c3cf1cf8260c374b19f8e1cc8d965012405e7e9bf7378612dfcc85fce12cda11f950bd0ba8876740436c1d2595a64a1b32efcfb74a21c873b3cc33aaf4e3dc3953de67f0674c0453b4fd9f604406d441b816098cb106fe3472bc251f815f59db2e4378a3addc181ecf" ) == 0 ); 07301 } 07302 07303 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 07304 } 07305 FCT_TEST_END(); 07306 07307 07308 FCT_TEST_BGN(rsassa_pss_signature_example_2_5_verify) 07309 { 07310 unsigned char message_str[1000]; 07311 unsigned char hash_result[1000]; 07312 unsigned char result_str[1000]; 07313 rsa_context ctx; 07314 size_t msg_len; 07315 07316 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 07317 memset( message_str, 0x00, 1000 ); 07318 memset( hash_result, 0x00, 1000 ); 07319 memset( result_str, 0x00, 1000 ); 07320 07321 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 07322 fct_chk( mpi_read_string( &ctx.N, 16, "01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9" ) == 0 ); 07323 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 07324 07325 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 07326 07327 msg_len = unhexify( message_str, "86a83d4a72ee932a4f5630af6579a386b78fe88999e0abd2d49034a4bfc854dd94f1094e2e8cd7a179d19588e4aefc1b1bd25e95e3dd461f" ); 07328 unhexify( result_str, "00ec430824931ebd3baa43034dae98ba646b8c36013d1671c3cf1cf8260c374b19f8e1cc8d965012405e7e9bf7378612dfcc85fce12cda11f950bd0ba8876740436c1d2595a64a1b32efcfb74a21c873b3cc33aaf4e3dc3953de67f0674c0453b4fd9f604406d441b816098cb106fe3472bc251f815f59db2e4378a3addc181ecf" ); 07329 07330 switch( SIG_RSA_SHA1 ) 07331 { 07332 #ifdef POLARSSL_MD2_C 07333 case SIG_RSA_MD2: 07334 md2( message_str, msg_len, hash_result ); 07335 break; 07336 #endif 07337 #ifdef POLARSSL_MD4_C 07338 case SIG_RSA_MD4: 07339 md4( message_str, msg_len, hash_result ); 07340 break; 07341 #endif 07342 #ifdef POLARSSL_MD5_C 07343 case SIG_RSA_MD5: 07344 md5( message_str, msg_len, hash_result ); 07345 break; 07346 #endif 07347 #ifdef POLARSSL_SHA1_C 07348 case SIG_RSA_SHA1: 07349 sha1( message_str, msg_len, hash_result ); 07350 break; 07351 #endif 07352 #ifdef POLARSSL_SHA2_C 07353 case SIG_RSA_SHA224: 07354 sha2( message_str, msg_len, hash_result, 1 ); 07355 break; 07356 case SIG_RSA_SHA256: 07357 sha2( message_str, msg_len, hash_result, 0 ); 07358 break; 07359 #endif 07360 #ifdef POLARSSL_SHA4_C 07361 case SIG_RSA_SHA384: 07362 sha4( message_str, msg_len, hash_result, 1 ); 07363 break; 07364 case SIG_RSA_SHA512: 07365 sha4( message_str, msg_len, hash_result, 0 ); 07366 break; 07367 #endif 07368 } 07369 07370 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 07371 } 07372 FCT_TEST_END(); 07373 07374 07375 FCT_TEST_BGN(rsassa_pss_signature_example_2_6) 07376 { 07377 unsigned char message_str[1000]; 07378 unsigned char hash_result[1000]; 07379 unsigned char output[1000]; 07380 unsigned char output_str[1000]; 07381 unsigned char rnd_buf[1000]; 07382 rsa_context ctx; 07383 mpi P1, Q1, H, G; 07384 size_t msg_len; 07385 rnd_buf_info info; 07386 07387 info.length = unhexify( rnd_buf, "37810def1055ed922b063df798de5d0aabf886ee" ); 07388 info.buf = rnd_buf; 07389 07390 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 07391 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 07392 07393 memset( message_str, 0x00, 1000 ); 07394 memset( hash_result, 0x00, 1000 ); 07395 memset( output, 0x00, 1000 ); 07396 memset( output_str, 0x00, 1000 ); 07397 07398 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 07399 fct_chk( mpi_read_string( &ctx.P, 16, "016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1" ) == 0 ); 07400 fct_chk( mpi_read_string( &ctx.Q, 16, "014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079" ) == 0 ); 07401 fct_chk( mpi_read_string( &ctx.N, 16, "01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9" ) == 0 ); 07402 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 07403 07404 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 07405 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 07406 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 07407 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 07408 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 07409 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 07410 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 07411 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 07412 07413 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 07414 07415 msg_len = unhexify( message_str, "049f9154d871ac4a7c7ab45325ba7545a1ed08f70525b2667cf1" ); 07416 07417 switch( SIG_RSA_SHA1 ) 07418 { 07419 #ifdef POLARSSL_MD2_C 07420 case SIG_RSA_MD2: 07421 md2( message_str, msg_len, hash_result ); 07422 break; 07423 #endif 07424 #ifdef POLARSSL_MD4_C 07425 case SIG_RSA_MD4: 07426 md4( message_str, msg_len, hash_result ); 07427 break; 07428 #endif 07429 #ifdef POLARSSL_MD5_C 07430 case SIG_RSA_MD5: 07431 md5( message_str, msg_len, hash_result ); 07432 break; 07433 #endif 07434 #ifdef POLARSSL_SHA1_C 07435 case SIG_RSA_SHA1: 07436 sha1( message_str, msg_len, hash_result ); 07437 break; 07438 #endif 07439 #ifdef POLARSSL_SHA2_C 07440 case SIG_RSA_SHA224: 07441 sha2( message_str, msg_len, hash_result, 1 ); 07442 break; 07443 case SIG_RSA_SHA256: 07444 sha2( message_str, msg_len, hash_result, 0 ); 07445 break; 07446 #endif 07447 #ifdef POLARSSL_SHA4_C 07448 case SIG_RSA_SHA384: 07449 sha4( message_str, msg_len, hash_result, 1 ); 07450 break; 07451 case SIG_RSA_SHA512: 07452 sha4( message_str, msg_len, hash_result, 0 ); 07453 break; 07454 #endif 07455 } 07456 07457 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 07458 if( 0 == 0 ) 07459 { 07460 hexify( output_str, output, ctx.len); 07461 07462 fct_chk( strcasecmp( (char *) output_str, "00475b1648f814a8dc0abdc37b5527f543b666bb6e39d30e5b49d3b876dccc58eac14e32a2d55c2616014456ad2f246fc8e3d560da3ddf379a1c0bd200f10221df078c219a151bc8d4ec9d2fc2564467811014ef15d8ea01c2ebbff8c2c8efab38096e55fcbe3285c7aa558851254faffa92c1c72b78758663ef4582843139d7a6" ) == 0 ); 07463 } 07464 07465 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 07466 } 07467 FCT_TEST_END(); 07468 07469 07470 FCT_TEST_BGN(rsassa_pss_signature_example_2_6_verify) 07471 { 07472 unsigned char message_str[1000]; 07473 unsigned char hash_result[1000]; 07474 unsigned char result_str[1000]; 07475 rsa_context ctx; 07476 size_t msg_len; 07477 07478 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 07479 memset( message_str, 0x00, 1000 ); 07480 memset( hash_result, 0x00, 1000 ); 07481 memset( result_str, 0x00, 1000 ); 07482 07483 ctx.len = 1025 / 8 + ( ( 1025 % 8 ) ? 1 : 0 ); 07484 fct_chk( mpi_read_string( &ctx.N, 16, "01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9" ) == 0 ); 07485 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 07486 07487 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 07488 07489 msg_len = unhexify( message_str, "049f9154d871ac4a7c7ab45325ba7545a1ed08f70525b2667cf1" ); 07490 unhexify( result_str, "00475b1648f814a8dc0abdc37b5527f543b666bb6e39d30e5b49d3b876dccc58eac14e32a2d55c2616014456ad2f246fc8e3d560da3ddf379a1c0bd200f10221df078c219a151bc8d4ec9d2fc2564467811014ef15d8ea01c2ebbff8c2c8efab38096e55fcbe3285c7aa558851254faffa92c1c72b78758663ef4582843139d7a6" ); 07491 07492 switch( SIG_RSA_SHA1 ) 07493 { 07494 #ifdef POLARSSL_MD2_C 07495 case SIG_RSA_MD2: 07496 md2( message_str, msg_len, hash_result ); 07497 break; 07498 #endif 07499 #ifdef POLARSSL_MD4_C 07500 case SIG_RSA_MD4: 07501 md4( message_str, msg_len, hash_result ); 07502 break; 07503 #endif 07504 #ifdef POLARSSL_MD5_C 07505 case SIG_RSA_MD5: 07506 md5( message_str, msg_len, hash_result ); 07507 break; 07508 #endif 07509 #ifdef POLARSSL_SHA1_C 07510 case SIG_RSA_SHA1: 07511 sha1( message_str, msg_len, hash_result ); 07512 break; 07513 #endif 07514 #ifdef POLARSSL_SHA2_C 07515 case SIG_RSA_SHA224: 07516 sha2( message_str, msg_len, hash_result, 1 ); 07517 break; 07518 case SIG_RSA_SHA256: 07519 sha2( message_str, msg_len, hash_result, 0 ); 07520 break; 07521 #endif 07522 #ifdef POLARSSL_SHA4_C 07523 case SIG_RSA_SHA384: 07524 sha4( message_str, msg_len, hash_result, 1 ); 07525 break; 07526 case SIG_RSA_SHA512: 07527 sha4( message_str, msg_len, hash_result, 0 ); 07528 break; 07529 #endif 07530 } 07531 07532 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 07533 } 07534 FCT_TEST_END(); 07535 07536 07537 FCT_TEST_BGN(rsassa_pss_signature_example_3_1) 07538 { 07539 unsigned char message_str[1000]; 07540 unsigned char hash_result[1000]; 07541 unsigned char output[1000]; 07542 unsigned char output_str[1000]; 07543 unsigned char rnd_buf[1000]; 07544 rsa_context ctx; 07545 mpi P1, Q1, H, G; 07546 size_t msg_len; 07547 rnd_buf_info info; 07548 07549 info.length = unhexify( rnd_buf, "f31ad6c8cf89df78ed77feacbcc2f8b0a8e4cfaa" ); 07550 info.buf = rnd_buf; 07551 07552 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 07553 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 07554 07555 memset( message_str, 0x00, 1000 ); 07556 memset( hash_result, 0x00, 1000 ); 07557 memset( output, 0x00, 1000 ); 07558 memset( output_str, 0x00, 1000 ); 07559 07560 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 07561 fct_chk( mpi_read_string( &ctx.P, 16, "01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853" ) == 0 ); 07562 fct_chk( mpi_read_string( &ctx.Q, 16, "01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651" ) == 0 ); 07563 fct_chk( mpi_read_string( &ctx.N, 16, "02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443" ) == 0 ); 07564 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 07565 07566 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 07567 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 07568 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 07569 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 07570 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 07571 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 07572 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 07573 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 07574 07575 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 07576 07577 msg_len = unhexify( message_str, "594b37333bbb2c84524a87c1a01f75fcec0e3256f108e38dca36d70d0057" ); 07578 07579 switch( SIG_RSA_SHA1 ) 07580 { 07581 #ifdef POLARSSL_MD2_C 07582 case SIG_RSA_MD2: 07583 md2( message_str, msg_len, hash_result ); 07584 break; 07585 #endif 07586 #ifdef POLARSSL_MD4_C 07587 case SIG_RSA_MD4: 07588 md4( message_str, msg_len, hash_result ); 07589 break; 07590 #endif 07591 #ifdef POLARSSL_MD5_C 07592 case SIG_RSA_MD5: 07593 md5( message_str, msg_len, hash_result ); 07594 break; 07595 #endif 07596 #ifdef POLARSSL_SHA1_C 07597 case SIG_RSA_SHA1: 07598 sha1( message_str, msg_len, hash_result ); 07599 break; 07600 #endif 07601 #ifdef POLARSSL_SHA2_C 07602 case SIG_RSA_SHA224: 07603 sha2( message_str, msg_len, hash_result, 1 ); 07604 break; 07605 case SIG_RSA_SHA256: 07606 sha2( message_str, msg_len, hash_result, 0 ); 07607 break; 07608 #endif 07609 #ifdef POLARSSL_SHA4_C 07610 case SIG_RSA_SHA384: 07611 sha4( message_str, msg_len, hash_result, 1 ); 07612 break; 07613 case SIG_RSA_SHA512: 07614 sha4( message_str, msg_len, hash_result, 0 ); 07615 break; 07616 #endif 07617 } 07618 07619 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 07620 if( 0 == 0 ) 07621 { 07622 hexify( output_str, output, ctx.len); 07623 07624 fct_chk( strcasecmp( (char *) output_str, "0088b135fb1794b6b96c4a3e678197f8cac52b64b2fe907d6f27de761124964a99a01a882740ecfaed6c01a47464bb05182313c01338a8cd097214cd68ca103bd57d3bc9e816213e61d784f182467abf8a01cf253e99a156eaa8e3e1f90e3c6e4e3aa2d83ed0345b89fafc9c26077c14b6ac51454fa26e446e3a2f153b2b16797f" ) == 0 ); 07625 } 07626 07627 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 07628 } 07629 FCT_TEST_END(); 07630 07631 07632 FCT_TEST_BGN(rsassa_pss_signature_example_3_1_verify) 07633 { 07634 unsigned char message_str[1000]; 07635 unsigned char hash_result[1000]; 07636 unsigned char result_str[1000]; 07637 rsa_context ctx; 07638 size_t msg_len; 07639 07640 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 07641 memset( message_str, 0x00, 1000 ); 07642 memset( hash_result, 0x00, 1000 ); 07643 memset( result_str, 0x00, 1000 ); 07644 07645 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 07646 fct_chk( mpi_read_string( &ctx.N, 16, "02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443" ) == 0 ); 07647 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 07648 07649 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 07650 07651 msg_len = unhexify( message_str, "594b37333bbb2c84524a87c1a01f75fcec0e3256f108e38dca36d70d0057" ); 07652 unhexify( result_str, "0088b135fb1794b6b96c4a3e678197f8cac52b64b2fe907d6f27de761124964a99a01a882740ecfaed6c01a47464bb05182313c01338a8cd097214cd68ca103bd57d3bc9e816213e61d784f182467abf8a01cf253e99a156eaa8e3e1f90e3c6e4e3aa2d83ed0345b89fafc9c26077c14b6ac51454fa26e446e3a2f153b2b16797f" ); 07653 07654 switch( SIG_RSA_SHA1 ) 07655 { 07656 #ifdef POLARSSL_MD2_C 07657 case SIG_RSA_MD2: 07658 md2( message_str, msg_len, hash_result ); 07659 break; 07660 #endif 07661 #ifdef POLARSSL_MD4_C 07662 case SIG_RSA_MD4: 07663 md4( message_str, msg_len, hash_result ); 07664 break; 07665 #endif 07666 #ifdef POLARSSL_MD5_C 07667 case SIG_RSA_MD5: 07668 md5( message_str, msg_len, hash_result ); 07669 break; 07670 #endif 07671 #ifdef POLARSSL_SHA1_C 07672 case SIG_RSA_SHA1: 07673 sha1( message_str, msg_len, hash_result ); 07674 break; 07675 #endif 07676 #ifdef POLARSSL_SHA2_C 07677 case SIG_RSA_SHA224: 07678 sha2( message_str, msg_len, hash_result, 1 ); 07679 break; 07680 case SIG_RSA_SHA256: 07681 sha2( message_str, msg_len, hash_result, 0 ); 07682 break; 07683 #endif 07684 #ifdef POLARSSL_SHA4_C 07685 case SIG_RSA_SHA384: 07686 sha4( message_str, msg_len, hash_result, 1 ); 07687 break; 07688 case SIG_RSA_SHA512: 07689 sha4( message_str, msg_len, hash_result, 0 ); 07690 break; 07691 #endif 07692 } 07693 07694 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 07695 } 07696 FCT_TEST_END(); 07697 07698 07699 FCT_TEST_BGN(rsassa_pss_signature_example_3_2) 07700 { 07701 unsigned char message_str[1000]; 07702 unsigned char hash_result[1000]; 07703 unsigned char output[1000]; 07704 unsigned char output_str[1000]; 07705 unsigned char rnd_buf[1000]; 07706 rsa_context ctx; 07707 mpi P1, Q1, H, G; 07708 size_t msg_len; 07709 rnd_buf_info info; 07710 07711 info.length = unhexify( rnd_buf, "fcf9f0e1f199a3d1d0da681c5b8606fc642939f7" ); 07712 info.buf = rnd_buf; 07713 07714 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 07715 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 07716 07717 memset( message_str, 0x00, 1000 ); 07718 memset( hash_result, 0x00, 1000 ); 07719 memset( output, 0x00, 1000 ); 07720 memset( output_str, 0x00, 1000 ); 07721 07722 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 07723 fct_chk( mpi_read_string( &ctx.P, 16, "01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853" ) == 0 ); 07724 fct_chk( mpi_read_string( &ctx.Q, 16, "01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651" ) == 0 ); 07725 fct_chk( mpi_read_string( &ctx.N, 16, "02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443" ) == 0 ); 07726 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 07727 07728 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 07729 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 07730 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 07731 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 07732 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 07733 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 07734 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 07735 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 07736 07737 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 07738 07739 msg_len = unhexify( message_str, "8b769528884a0d1ffd090cf102993e796dadcfbddd38e44ff6324ca451" ); 07740 07741 switch( SIG_RSA_SHA1 ) 07742 { 07743 #ifdef POLARSSL_MD2_C 07744 case SIG_RSA_MD2: 07745 md2( message_str, msg_len, hash_result ); 07746 break; 07747 #endif 07748 #ifdef POLARSSL_MD4_C 07749 case SIG_RSA_MD4: 07750 md4( message_str, msg_len, hash_result ); 07751 break; 07752 #endif 07753 #ifdef POLARSSL_MD5_C 07754 case SIG_RSA_MD5: 07755 md5( message_str, msg_len, hash_result ); 07756 break; 07757 #endif 07758 #ifdef POLARSSL_SHA1_C 07759 case SIG_RSA_SHA1: 07760 sha1( message_str, msg_len, hash_result ); 07761 break; 07762 #endif 07763 #ifdef POLARSSL_SHA2_C 07764 case SIG_RSA_SHA224: 07765 sha2( message_str, msg_len, hash_result, 1 ); 07766 break; 07767 case SIG_RSA_SHA256: 07768 sha2( message_str, msg_len, hash_result, 0 ); 07769 break; 07770 #endif 07771 #ifdef POLARSSL_SHA4_C 07772 case SIG_RSA_SHA384: 07773 sha4( message_str, msg_len, hash_result, 1 ); 07774 break; 07775 case SIG_RSA_SHA512: 07776 sha4( message_str, msg_len, hash_result, 0 ); 07777 break; 07778 #endif 07779 } 07780 07781 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 07782 if( 0 == 0 ) 07783 { 07784 hexify( output_str, output, ctx.len); 07785 07786 fct_chk( strcasecmp( (char *) output_str, "02a5f0a858a0864a4f65017a7d69454f3f973a2999839b7bbc48bf78641169179556f595fa41f6ff18e286c2783079bc0910ee9cc34f49ba681124f923dfa88f426141a368a5f5a930c628c2c3c200e18a7644721a0cbec6dd3f6279bde3e8f2be5e2d4ee56f97e7ceaf33054be7042bd91a63bb09f897bd41e81197dee99b11af" ) == 0 ); 07787 } 07788 07789 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 07790 } 07791 FCT_TEST_END(); 07792 07793 07794 FCT_TEST_BGN(rsassa_pss_signature_example_3_2_verify) 07795 { 07796 unsigned char message_str[1000]; 07797 unsigned char hash_result[1000]; 07798 unsigned char result_str[1000]; 07799 rsa_context ctx; 07800 size_t msg_len; 07801 07802 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 07803 memset( message_str, 0x00, 1000 ); 07804 memset( hash_result, 0x00, 1000 ); 07805 memset( result_str, 0x00, 1000 ); 07806 07807 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 07808 fct_chk( mpi_read_string( &ctx.N, 16, "02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443" ) == 0 ); 07809 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 07810 07811 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 07812 07813 msg_len = unhexify( message_str, "8b769528884a0d1ffd090cf102993e796dadcfbddd38e44ff6324ca451" ); 07814 unhexify( result_str, "02a5f0a858a0864a4f65017a7d69454f3f973a2999839b7bbc48bf78641169179556f595fa41f6ff18e286c2783079bc0910ee9cc34f49ba681124f923dfa88f426141a368a5f5a930c628c2c3c200e18a7644721a0cbec6dd3f6279bde3e8f2be5e2d4ee56f97e7ceaf33054be7042bd91a63bb09f897bd41e81197dee99b11af" ); 07815 07816 switch( SIG_RSA_SHA1 ) 07817 { 07818 #ifdef POLARSSL_MD2_C 07819 case SIG_RSA_MD2: 07820 md2( message_str, msg_len, hash_result ); 07821 break; 07822 #endif 07823 #ifdef POLARSSL_MD4_C 07824 case SIG_RSA_MD4: 07825 md4( message_str, msg_len, hash_result ); 07826 break; 07827 #endif 07828 #ifdef POLARSSL_MD5_C 07829 case SIG_RSA_MD5: 07830 md5( message_str, msg_len, hash_result ); 07831 break; 07832 #endif 07833 #ifdef POLARSSL_SHA1_C 07834 case SIG_RSA_SHA1: 07835 sha1( message_str, msg_len, hash_result ); 07836 break; 07837 #endif 07838 #ifdef POLARSSL_SHA2_C 07839 case SIG_RSA_SHA224: 07840 sha2( message_str, msg_len, hash_result, 1 ); 07841 break; 07842 case SIG_RSA_SHA256: 07843 sha2( message_str, msg_len, hash_result, 0 ); 07844 break; 07845 #endif 07846 #ifdef POLARSSL_SHA4_C 07847 case SIG_RSA_SHA384: 07848 sha4( message_str, msg_len, hash_result, 1 ); 07849 break; 07850 case SIG_RSA_SHA512: 07851 sha4( message_str, msg_len, hash_result, 0 ); 07852 break; 07853 #endif 07854 } 07855 07856 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 07857 } 07858 FCT_TEST_END(); 07859 07860 07861 FCT_TEST_BGN(rsassa_pss_signature_example_3_3) 07862 { 07863 unsigned char message_str[1000]; 07864 unsigned char hash_result[1000]; 07865 unsigned char output[1000]; 07866 unsigned char output_str[1000]; 07867 unsigned char rnd_buf[1000]; 07868 rsa_context ctx; 07869 mpi P1, Q1, H, G; 07870 size_t msg_len; 07871 rnd_buf_info info; 07872 07873 info.length = unhexify( rnd_buf, "986e7c43dbb671bd41b9a7f4b6afc80e805f2423" ); 07874 info.buf = rnd_buf; 07875 07876 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 07877 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 07878 07879 memset( message_str, 0x00, 1000 ); 07880 memset( hash_result, 0x00, 1000 ); 07881 memset( output, 0x00, 1000 ); 07882 memset( output_str, 0x00, 1000 ); 07883 07884 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 07885 fct_chk( mpi_read_string( &ctx.P, 16, "01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853" ) == 0 ); 07886 fct_chk( mpi_read_string( &ctx.Q, 16, "01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651" ) == 0 ); 07887 fct_chk( mpi_read_string( &ctx.N, 16, "02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443" ) == 0 ); 07888 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 07889 07890 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 07891 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 07892 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 07893 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 07894 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 07895 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 07896 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 07897 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 07898 07899 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 07900 07901 msg_len = unhexify( message_str, "1abdba489c5ada2f995ed16f19d5a94d9e6ec34a8d84f84557d26e5ef9b02b22887e3f9a4b690ad1149209c20c61431f0c017c36c2657b35d7b07d3f5ad8708507a9c1b831df835a56f831071814ea5d3d8d8f6ade40cba38b42db7a2d3d7a29c8f0a79a7838cf58a9757fa2fe4c40df9baa193bfc6f92b123ad57b07ace3e6ac068c9f106afd9eeb03b4f37c25dbfbcfb3071f6f9771766d072f3bb070af6605532973ae25051" ); 07902 07903 switch( SIG_RSA_SHA1 ) 07904 { 07905 #ifdef POLARSSL_MD2_C 07906 case SIG_RSA_MD2: 07907 md2( message_str, msg_len, hash_result ); 07908 break; 07909 #endif 07910 #ifdef POLARSSL_MD4_C 07911 case SIG_RSA_MD4: 07912 md4( message_str, msg_len, hash_result ); 07913 break; 07914 #endif 07915 #ifdef POLARSSL_MD5_C 07916 case SIG_RSA_MD5: 07917 md5( message_str, msg_len, hash_result ); 07918 break; 07919 #endif 07920 #ifdef POLARSSL_SHA1_C 07921 case SIG_RSA_SHA1: 07922 sha1( message_str, msg_len, hash_result ); 07923 break; 07924 #endif 07925 #ifdef POLARSSL_SHA2_C 07926 case SIG_RSA_SHA224: 07927 sha2( message_str, msg_len, hash_result, 1 ); 07928 break; 07929 case SIG_RSA_SHA256: 07930 sha2( message_str, msg_len, hash_result, 0 ); 07931 break; 07932 #endif 07933 #ifdef POLARSSL_SHA4_C 07934 case SIG_RSA_SHA384: 07935 sha4( message_str, msg_len, hash_result, 1 ); 07936 break; 07937 case SIG_RSA_SHA512: 07938 sha4( message_str, msg_len, hash_result, 0 ); 07939 break; 07940 #endif 07941 } 07942 07943 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 07944 if( 0 == 0 ) 07945 { 07946 hexify( output_str, output, ctx.len); 07947 07948 fct_chk( strcasecmp( (char *) output_str, "0244bcd1c8c16955736c803be401272e18cb990811b14f72db964124d5fa760649cbb57afb8755dbb62bf51f466cf23a0a1607576e983d778fceffa92df7548aea8ea4ecad2c29dd9f95bc07fe91ecf8bee255bfe8762fd7690aa9bfa4fa0849ef728c2c42c4532364522df2ab7f9f8a03b63f7a499175828668f5ef5a29e3802c" ) == 0 ); 07949 } 07950 07951 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 07952 } 07953 FCT_TEST_END(); 07954 07955 07956 FCT_TEST_BGN(rsassa_pss_signature_example_3_3_verify) 07957 { 07958 unsigned char message_str[1000]; 07959 unsigned char hash_result[1000]; 07960 unsigned char result_str[1000]; 07961 rsa_context ctx; 07962 size_t msg_len; 07963 07964 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 07965 memset( message_str, 0x00, 1000 ); 07966 memset( hash_result, 0x00, 1000 ); 07967 memset( result_str, 0x00, 1000 ); 07968 07969 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 07970 fct_chk( mpi_read_string( &ctx.N, 16, "02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443" ) == 0 ); 07971 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 07972 07973 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 07974 07975 msg_len = unhexify( message_str, "1abdba489c5ada2f995ed16f19d5a94d9e6ec34a8d84f84557d26e5ef9b02b22887e3f9a4b690ad1149209c20c61431f0c017c36c2657b35d7b07d3f5ad8708507a9c1b831df835a56f831071814ea5d3d8d8f6ade40cba38b42db7a2d3d7a29c8f0a79a7838cf58a9757fa2fe4c40df9baa193bfc6f92b123ad57b07ace3e6ac068c9f106afd9eeb03b4f37c25dbfbcfb3071f6f9771766d072f3bb070af6605532973ae25051" ); 07976 unhexify( result_str, "0244bcd1c8c16955736c803be401272e18cb990811b14f72db964124d5fa760649cbb57afb8755dbb62bf51f466cf23a0a1607576e983d778fceffa92df7548aea8ea4ecad2c29dd9f95bc07fe91ecf8bee255bfe8762fd7690aa9bfa4fa0849ef728c2c42c4532364522df2ab7f9f8a03b63f7a499175828668f5ef5a29e3802c" ); 07977 07978 switch( SIG_RSA_SHA1 ) 07979 { 07980 #ifdef POLARSSL_MD2_C 07981 case SIG_RSA_MD2: 07982 md2( message_str, msg_len, hash_result ); 07983 break; 07984 #endif 07985 #ifdef POLARSSL_MD4_C 07986 case SIG_RSA_MD4: 07987 md4( message_str, msg_len, hash_result ); 07988 break; 07989 #endif 07990 #ifdef POLARSSL_MD5_C 07991 case SIG_RSA_MD5: 07992 md5( message_str, msg_len, hash_result ); 07993 break; 07994 #endif 07995 #ifdef POLARSSL_SHA1_C 07996 case SIG_RSA_SHA1: 07997 sha1( message_str, msg_len, hash_result ); 07998 break; 07999 #endif 08000 #ifdef POLARSSL_SHA2_C 08001 case SIG_RSA_SHA224: 08002 sha2( message_str, msg_len, hash_result, 1 ); 08003 break; 08004 case SIG_RSA_SHA256: 08005 sha2( message_str, msg_len, hash_result, 0 ); 08006 break; 08007 #endif 08008 #ifdef POLARSSL_SHA4_C 08009 case SIG_RSA_SHA384: 08010 sha4( message_str, msg_len, hash_result, 1 ); 08011 break; 08012 case SIG_RSA_SHA512: 08013 sha4( message_str, msg_len, hash_result, 0 ); 08014 break; 08015 #endif 08016 } 08017 08018 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 08019 } 08020 FCT_TEST_END(); 08021 08022 08023 FCT_TEST_BGN(rsassa_pss_signature_example_3_4) 08024 { 08025 unsigned char message_str[1000]; 08026 unsigned char hash_result[1000]; 08027 unsigned char output[1000]; 08028 unsigned char output_str[1000]; 08029 unsigned char rnd_buf[1000]; 08030 rsa_context ctx; 08031 mpi P1, Q1, H, G; 08032 size_t msg_len; 08033 rnd_buf_info info; 08034 08035 info.length = unhexify( rnd_buf, "f8312d9c8eea13ec0a4c7b98120c87509087c478" ); 08036 info.buf = rnd_buf; 08037 08038 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 08039 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 08040 08041 memset( message_str, 0x00, 1000 ); 08042 memset( hash_result, 0x00, 1000 ); 08043 memset( output, 0x00, 1000 ); 08044 memset( output_str, 0x00, 1000 ); 08045 08046 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 08047 fct_chk( mpi_read_string( &ctx.P, 16, "01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853" ) == 0 ); 08048 fct_chk( mpi_read_string( &ctx.Q, 16, "01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651" ) == 0 ); 08049 fct_chk( mpi_read_string( &ctx.N, 16, "02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443" ) == 0 ); 08050 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 08051 08052 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 08053 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 08054 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 08055 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 08056 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 08057 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 08058 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 08059 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 08060 08061 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 08062 08063 msg_len = unhexify( message_str, "8fb431f5ee792b6c2ac7db53cc428655aeb32d03f4e889c5c25de683c461b53acf89f9f8d3aabdf6b9f0c2a1de12e15b49edb3919a652fe9491c25a7fce1f722c2543608b69dc375ec" ); 08064 08065 switch( SIG_RSA_SHA1 ) 08066 { 08067 #ifdef POLARSSL_MD2_C 08068 case SIG_RSA_MD2: 08069 md2( message_str, msg_len, hash_result ); 08070 break; 08071 #endif 08072 #ifdef POLARSSL_MD4_C 08073 case SIG_RSA_MD4: 08074 md4( message_str, msg_len, hash_result ); 08075 break; 08076 #endif 08077 #ifdef POLARSSL_MD5_C 08078 case SIG_RSA_MD5: 08079 md5( message_str, msg_len, hash_result ); 08080 break; 08081 #endif 08082 #ifdef POLARSSL_SHA1_C 08083 case SIG_RSA_SHA1: 08084 sha1( message_str, msg_len, hash_result ); 08085 break; 08086 #endif 08087 #ifdef POLARSSL_SHA2_C 08088 case SIG_RSA_SHA224: 08089 sha2( message_str, msg_len, hash_result, 1 ); 08090 break; 08091 case SIG_RSA_SHA256: 08092 sha2( message_str, msg_len, hash_result, 0 ); 08093 break; 08094 #endif 08095 #ifdef POLARSSL_SHA4_C 08096 case SIG_RSA_SHA384: 08097 sha4( message_str, msg_len, hash_result, 1 ); 08098 break; 08099 case SIG_RSA_SHA512: 08100 sha4( message_str, msg_len, hash_result, 0 ); 08101 break; 08102 #endif 08103 } 08104 08105 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 08106 if( 0 == 0 ) 08107 { 08108 hexify( output_str, output, ctx.len); 08109 08110 fct_chk( strcasecmp( (char *) output_str, "0196f12a005b98129c8df13c4cb16f8aa887d3c40d96df3a88e7532ef39cd992f273abc370bc1be6f097cfebbf0118fd9ef4b927155f3df22b904d90702d1f7ba7a52bed8b8942f412cd7bd676c9d18e170391dcd345c06a730964b3f30bcce0bb20ba106f9ab0eeb39cf8a6607f75c0347f0af79f16afa081d2c92d1ee6f836b8" ) == 0 ); 08111 } 08112 08113 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 08114 } 08115 FCT_TEST_END(); 08116 08117 08118 FCT_TEST_BGN(rsassa_pss_signature_example_3_4_verify) 08119 { 08120 unsigned char message_str[1000]; 08121 unsigned char hash_result[1000]; 08122 unsigned char result_str[1000]; 08123 rsa_context ctx; 08124 size_t msg_len; 08125 08126 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 08127 memset( message_str, 0x00, 1000 ); 08128 memset( hash_result, 0x00, 1000 ); 08129 memset( result_str, 0x00, 1000 ); 08130 08131 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 08132 fct_chk( mpi_read_string( &ctx.N, 16, "02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443" ) == 0 ); 08133 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 08134 08135 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 08136 08137 msg_len = unhexify( message_str, "8fb431f5ee792b6c2ac7db53cc428655aeb32d03f4e889c5c25de683c461b53acf89f9f8d3aabdf6b9f0c2a1de12e15b49edb3919a652fe9491c25a7fce1f722c2543608b69dc375ec" ); 08138 unhexify( result_str, "0196f12a005b98129c8df13c4cb16f8aa887d3c40d96df3a88e7532ef39cd992f273abc370bc1be6f097cfebbf0118fd9ef4b927155f3df22b904d90702d1f7ba7a52bed8b8942f412cd7bd676c9d18e170391dcd345c06a730964b3f30bcce0bb20ba106f9ab0eeb39cf8a6607f75c0347f0af79f16afa081d2c92d1ee6f836b8" ); 08139 08140 switch( SIG_RSA_SHA1 ) 08141 { 08142 #ifdef POLARSSL_MD2_C 08143 case SIG_RSA_MD2: 08144 md2( message_str, msg_len, hash_result ); 08145 break; 08146 #endif 08147 #ifdef POLARSSL_MD4_C 08148 case SIG_RSA_MD4: 08149 md4( message_str, msg_len, hash_result ); 08150 break; 08151 #endif 08152 #ifdef POLARSSL_MD5_C 08153 case SIG_RSA_MD5: 08154 md5( message_str, msg_len, hash_result ); 08155 break; 08156 #endif 08157 #ifdef POLARSSL_SHA1_C 08158 case SIG_RSA_SHA1: 08159 sha1( message_str, msg_len, hash_result ); 08160 break; 08161 #endif 08162 #ifdef POLARSSL_SHA2_C 08163 case SIG_RSA_SHA224: 08164 sha2( message_str, msg_len, hash_result, 1 ); 08165 break; 08166 case SIG_RSA_SHA256: 08167 sha2( message_str, msg_len, hash_result, 0 ); 08168 break; 08169 #endif 08170 #ifdef POLARSSL_SHA4_C 08171 case SIG_RSA_SHA384: 08172 sha4( message_str, msg_len, hash_result, 1 ); 08173 break; 08174 case SIG_RSA_SHA512: 08175 sha4( message_str, msg_len, hash_result, 0 ); 08176 break; 08177 #endif 08178 } 08179 08180 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 08181 } 08182 FCT_TEST_END(); 08183 08184 08185 FCT_TEST_BGN(rsassa_pss_signature_example_3_5) 08186 { 08187 unsigned char message_str[1000]; 08188 unsigned char hash_result[1000]; 08189 unsigned char output[1000]; 08190 unsigned char output_str[1000]; 08191 unsigned char rnd_buf[1000]; 08192 rsa_context ctx; 08193 mpi P1, Q1, H, G; 08194 size_t msg_len; 08195 rnd_buf_info info; 08196 08197 info.length = unhexify( rnd_buf, "50327efec6292f98019fc67a2a6638563e9b6e2d" ); 08198 info.buf = rnd_buf; 08199 08200 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 08201 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 08202 08203 memset( message_str, 0x00, 1000 ); 08204 memset( hash_result, 0x00, 1000 ); 08205 memset( output, 0x00, 1000 ); 08206 memset( output_str, 0x00, 1000 ); 08207 08208 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 08209 fct_chk( mpi_read_string( &ctx.P, 16, "01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853" ) == 0 ); 08210 fct_chk( mpi_read_string( &ctx.Q, 16, "01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651" ) == 0 ); 08211 fct_chk( mpi_read_string( &ctx.N, 16, "02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443" ) == 0 ); 08212 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 08213 08214 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 08215 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 08216 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 08217 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 08218 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 08219 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 08220 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 08221 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 08222 08223 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 08224 08225 msg_len = unhexify( message_str, "fef4161dfaaf9c5295051dfc1ff3810c8c9ec2e866f7075422c8ec4216a9c4ff49427d483cae10c8534a41b2fd15fee06960ec6fb3f7a7e94a2f8a2e3e43dc4a40576c3097ac953b1de86f0b4ed36d644f23ae14425529622464ca0cbf0b1741347238157fab59e4de5524096d62baec63ac64" ); 08226 08227 switch( SIG_RSA_SHA1 ) 08228 { 08229 #ifdef POLARSSL_MD2_C 08230 case SIG_RSA_MD2: 08231 md2( message_str, msg_len, hash_result ); 08232 break; 08233 #endif 08234 #ifdef POLARSSL_MD4_C 08235 case SIG_RSA_MD4: 08236 md4( message_str, msg_len, hash_result ); 08237 break; 08238 #endif 08239 #ifdef POLARSSL_MD5_C 08240 case SIG_RSA_MD5: 08241 md5( message_str, msg_len, hash_result ); 08242 break; 08243 #endif 08244 #ifdef POLARSSL_SHA1_C 08245 case SIG_RSA_SHA1: 08246 sha1( message_str, msg_len, hash_result ); 08247 break; 08248 #endif 08249 #ifdef POLARSSL_SHA2_C 08250 case SIG_RSA_SHA224: 08251 sha2( message_str, msg_len, hash_result, 1 ); 08252 break; 08253 case SIG_RSA_SHA256: 08254 sha2( message_str, msg_len, hash_result, 0 ); 08255 break; 08256 #endif 08257 #ifdef POLARSSL_SHA4_C 08258 case SIG_RSA_SHA384: 08259 sha4( message_str, msg_len, hash_result, 1 ); 08260 break; 08261 case SIG_RSA_SHA512: 08262 sha4( message_str, msg_len, hash_result, 0 ); 08263 break; 08264 #endif 08265 } 08266 08267 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 08268 if( 0 == 0 ) 08269 { 08270 hexify( output_str, output, ctx.len); 08271 08272 fct_chk( strcasecmp( (char *) output_str, "021eca3ab4892264ec22411a752d92221076d4e01c0e6f0dde9afd26ba5acf6d739ef987545d16683e5674c9e70f1de649d7e61d48d0caeb4fb4d8b24fba84a6e3108fee7d0705973266ac524b4ad280f7ae17dc59d96d3351586b5a3bdb895d1e1f7820ac6135d8753480998382ba32b7349559608c38745290a85ef4e9f9bd83" ) == 0 ); 08273 } 08274 08275 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 08276 } 08277 FCT_TEST_END(); 08278 08279 08280 FCT_TEST_BGN(rsassa_pss_signature_example_3_5_verify) 08281 { 08282 unsigned char message_str[1000]; 08283 unsigned char hash_result[1000]; 08284 unsigned char result_str[1000]; 08285 rsa_context ctx; 08286 size_t msg_len; 08287 08288 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 08289 memset( message_str, 0x00, 1000 ); 08290 memset( hash_result, 0x00, 1000 ); 08291 memset( result_str, 0x00, 1000 ); 08292 08293 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 08294 fct_chk( mpi_read_string( &ctx.N, 16, "02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443" ) == 0 ); 08295 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 08296 08297 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 08298 08299 msg_len = unhexify( message_str, "fef4161dfaaf9c5295051dfc1ff3810c8c9ec2e866f7075422c8ec4216a9c4ff49427d483cae10c8534a41b2fd15fee06960ec6fb3f7a7e94a2f8a2e3e43dc4a40576c3097ac953b1de86f0b4ed36d644f23ae14425529622464ca0cbf0b1741347238157fab59e4de5524096d62baec63ac64" ); 08300 unhexify( result_str, "021eca3ab4892264ec22411a752d92221076d4e01c0e6f0dde9afd26ba5acf6d739ef987545d16683e5674c9e70f1de649d7e61d48d0caeb4fb4d8b24fba84a6e3108fee7d0705973266ac524b4ad280f7ae17dc59d96d3351586b5a3bdb895d1e1f7820ac6135d8753480998382ba32b7349559608c38745290a85ef4e9f9bd83" ); 08301 08302 switch( SIG_RSA_SHA1 ) 08303 { 08304 #ifdef POLARSSL_MD2_C 08305 case SIG_RSA_MD2: 08306 md2( message_str, msg_len, hash_result ); 08307 break; 08308 #endif 08309 #ifdef POLARSSL_MD4_C 08310 case SIG_RSA_MD4: 08311 md4( message_str, msg_len, hash_result ); 08312 break; 08313 #endif 08314 #ifdef POLARSSL_MD5_C 08315 case SIG_RSA_MD5: 08316 md5( message_str, msg_len, hash_result ); 08317 break; 08318 #endif 08319 #ifdef POLARSSL_SHA1_C 08320 case SIG_RSA_SHA1: 08321 sha1( message_str, msg_len, hash_result ); 08322 break; 08323 #endif 08324 #ifdef POLARSSL_SHA2_C 08325 case SIG_RSA_SHA224: 08326 sha2( message_str, msg_len, hash_result, 1 ); 08327 break; 08328 case SIG_RSA_SHA256: 08329 sha2( message_str, msg_len, hash_result, 0 ); 08330 break; 08331 #endif 08332 #ifdef POLARSSL_SHA4_C 08333 case SIG_RSA_SHA384: 08334 sha4( message_str, msg_len, hash_result, 1 ); 08335 break; 08336 case SIG_RSA_SHA512: 08337 sha4( message_str, msg_len, hash_result, 0 ); 08338 break; 08339 #endif 08340 } 08341 08342 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 08343 } 08344 FCT_TEST_END(); 08345 08346 08347 FCT_TEST_BGN(rsassa_pss_signature_example_3_6) 08348 { 08349 unsigned char message_str[1000]; 08350 unsigned char hash_result[1000]; 08351 unsigned char output[1000]; 08352 unsigned char output_str[1000]; 08353 unsigned char rnd_buf[1000]; 08354 rsa_context ctx; 08355 mpi P1, Q1, H, G; 08356 size_t msg_len; 08357 rnd_buf_info info; 08358 08359 info.length = unhexify( rnd_buf, "b0de3fc25b65f5af96b1d5cc3b27d0c6053087b3" ); 08360 info.buf = rnd_buf; 08361 08362 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 08363 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 08364 08365 memset( message_str, 0x00, 1000 ); 08366 memset( hash_result, 0x00, 1000 ); 08367 memset( output, 0x00, 1000 ); 08368 memset( output_str, 0x00, 1000 ); 08369 08370 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 08371 fct_chk( mpi_read_string( &ctx.P, 16, "01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853" ) == 0 ); 08372 fct_chk( mpi_read_string( &ctx.Q, 16, "01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651" ) == 0 ); 08373 fct_chk( mpi_read_string( &ctx.N, 16, "02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443" ) == 0 ); 08374 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 08375 08376 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 08377 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 08378 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 08379 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 08380 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 08381 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 08382 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 08383 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 08384 08385 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 08386 08387 msg_len = unhexify( message_str, "efd237bb098a443aeeb2bf6c3f8c81b8c01b7fcb3feb" ); 08388 08389 switch( SIG_RSA_SHA1 ) 08390 { 08391 #ifdef POLARSSL_MD2_C 08392 case SIG_RSA_MD2: 08393 md2( message_str, msg_len, hash_result ); 08394 break; 08395 #endif 08396 #ifdef POLARSSL_MD4_C 08397 case SIG_RSA_MD4: 08398 md4( message_str, msg_len, hash_result ); 08399 break; 08400 #endif 08401 #ifdef POLARSSL_MD5_C 08402 case SIG_RSA_MD5: 08403 md5( message_str, msg_len, hash_result ); 08404 break; 08405 #endif 08406 #ifdef POLARSSL_SHA1_C 08407 case SIG_RSA_SHA1: 08408 sha1( message_str, msg_len, hash_result ); 08409 break; 08410 #endif 08411 #ifdef POLARSSL_SHA2_C 08412 case SIG_RSA_SHA224: 08413 sha2( message_str, msg_len, hash_result, 1 ); 08414 break; 08415 case SIG_RSA_SHA256: 08416 sha2( message_str, msg_len, hash_result, 0 ); 08417 break; 08418 #endif 08419 #ifdef POLARSSL_SHA4_C 08420 case SIG_RSA_SHA384: 08421 sha4( message_str, msg_len, hash_result, 1 ); 08422 break; 08423 case SIG_RSA_SHA512: 08424 sha4( message_str, msg_len, hash_result, 0 ); 08425 break; 08426 #endif 08427 } 08428 08429 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 08430 if( 0 == 0 ) 08431 { 08432 hexify( output_str, output, ctx.len); 08433 08434 fct_chk( strcasecmp( (char *) output_str, "012fafec862f56e9e92f60ab0c77824f4299a0ca734ed26e0644d5d222c7f0bde03964f8e70a5cb65ed44e44d56ae0edf1ff86ca032cc5dd4404dbb76ab854586c44eed8336d08d457ce6c03693b45c0f1efef93624b95b8ec169c616d20e5538ebc0b6737a6f82b4bc0570924fc6b35759a3348426279f8b3d7744e2d222426ce" ) == 0 ); 08435 } 08436 08437 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 08438 } 08439 FCT_TEST_END(); 08440 08441 08442 FCT_TEST_BGN(rsassa_pss_signature_example_3_6_verify) 08443 { 08444 unsigned char message_str[1000]; 08445 unsigned char hash_result[1000]; 08446 unsigned char result_str[1000]; 08447 rsa_context ctx; 08448 size_t msg_len; 08449 08450 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 08451 memset( message_str, 0x00, 1000 ); 08452 memset( hash_result, 0x00, 1000 ); 08453 memset( result_str, 0x00, 1000 ); 08454 08455 ctx.len = 1026 / 8 + ( ( 1026 % 8 ) ? 1 : 0 ); 08456 fct_chk( mpi_read_string( &ctx.N, 16, "02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443" ) == 0 ); 08457 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 08458 08459 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 08460 08461 msg_len = unhexify( message_str, "efd237bb098a443aeeb2bf6c3f8c81b8c01b7fcb3feb" ); 08462 unhexify( result_str, "012fafec862f56e9e92f60ab0c77824f4299a0ca734ed26e0644d5d222c7f0bde03964f8e70a5cb65ed44e44d56ae0edf1ff86ca032cc5dd4404dbb76ab854586c44eed8336d08d457ce6c03693b45c0f1efef93624b95b8ec169c616d20e5538ebc0b6737a6f82b4bc0570924fc6b35759a3348426279f8b3d7744e2d222426ce" ); 08463 08464 switch( SIG_RSA_SHA1 ) 08465 { 08466 #ifdef POLARSSL_MD2_C 08467 case SIG_RSA_MD2: 08468 md2( message_str, msg_len, hash_result ); 08469 break; 08470 #endif 08471 #ifdef POLARSSL_MD4_C 08472 case SIG_RSA_MD4: 08473 md4( message_str, msg_len, hash_result ); 08474 break; 08475 #endif 08476 #ifdef POLARSSL_MD5_C 08477 case SIG_RSA_MD5: 08478 md5( message_str, msg_len, hash_result ); 08479 break; 08480 #endif 08481 #ifdef POLARSSL_SHA1_C 08482 case SIG_RSA_SHA1: 08483 sha1( message_str, msg_len, hash_result ); 08484 break; 08485 #endif 08486 #ifdef POLARSSL_SHA2_C 08487 case SIG_RSA_SHA224: 08488 sha2( message_str, msg_len, hash_result, 1 ); 08489 break; 08490 case SIG_RSA_SHA256: 08491 sha2( message_str, msg_len, hash_result, 0 ); 08492 break; 08493 #endif 08494 #ifdef POLARSSL_SHA4_C 08495 case SIG_RSA_SHA384: 08496 sha4( message_str, msg_len, hash_result, 1 ); 08497 break; 08498 case SIG_RSA_SHA512: 08499 sha4( message_str, msg_len, hash_result, 0 ); 08500 break; 08501 #endif 08502 } 08503 08504 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 08505 } 08506 FCT_TEST_END(); 08507 08508 08509 FCT_TEST_BGN(rsassa_pss_signature_example_4_1) 08510 { 08511 unsigned char message_str[1000]; 08512 unsigned char hash_result[1000]; 08513 unsigned char output[1000]; 08514 unsigned char output_str[1000]; 08515 unsigned char rnd_buf[1000]; 08516 rsa_context ctx; 08517 mpi P1, Q1, H, G; 08518 size_t msg_len; 08519 rnd_buf_info info; 08520 08521 info.length = unhexify( rnd_buf, "ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d" ); 08522 info.buf = rnd_buf; 08523 08524 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 08525 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 08526 08527 memset( message_str, 0x00, 1000 ); 08528 memset( hash_result, 0x00, 1000 ); 08529 memset( output, 0x00, 1000 ); 08530 memset( output_str, 0x00, 1000 ); 08531 08532 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 08533 fct_chk( mpi_read_string( &ctx.P, 16, "029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995" ) == 0 ); 08534 fct_chk( mpi_read_string( &ctx.Q, 16, "020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1" ) == 0 ); 08535 fct_chk( mpi_read_string( &ctx.N, 16, "054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705" ) == 0 ); 08536 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 08537 08538 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 08539 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 08540 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 08541 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 08542 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 08543 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 08544 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 08545 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 08546 08547 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 08548 08549 msg_len = unhexify( message_str, "9fb03b827c8217d9" ); 08550 08551 switch( SIG_RSA_SHA1 ) 08552 { 08553 #ifdef POLARSSL_MD2_C 08554 case SIG_RSA_MD2: 08555 md2( message_str, msg_len, hash_result ); 08556 break; 08557 #endif 08558 #ifdef POLARSSL_MD4_C 08559 case SIG_RSA_MD4: 08560 md4( message_str, msg_len, hash_result ); 08561 break; 08562 #endif 08563 #ifdef POLARSSL_MD5_C 08564 case SIG_RSA_MD5: 08565 md5( message_str, msg_len, hash_result ); 08566 break; 08567 #endif 08568 #ifdef POLARSSL_SHA1_C 08569 case SIG_RSA_SHA1: 08570 sha1( message_str, msg_len, hash_result ); 08571 break; 08572 #endif 08573 #ifdef POLARSSL_SHA2_C 08574 case SIG_RSA_SHA224: 08575 sha2( message_str, msg_len, hash_result, 1 ); 08576 break; 08577 case SIG_RSA_SHA256: 08578 sha2( message_str, msg_len, hash_result, 0 ); 08579 break; 08580 #endif 08581 #ifdef POLARSSL_SHA4_C 08582 case SIG_RSA_SHA384: 08583 sha4( message_str, msg_len, hash_result, 1 ); 08584 break; 08585 case SIG_RSA_SHA512: 08586 sha4( message_str, msg_len, hash_result, 0 ); 08587 break; 08588 #endif 08589 } 08590 08591 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 08592 if( 0 == 0 ) 08593 { 08594 hexify( output_str, output, ctx.len); 08595 08596 fct_chk( strcasecmp( (char *) output_str, "0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948" ) == 0 ); 08597 } 08598 08599 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 08600 } 08601 FCT_TEST_END(); 08602 08603 08604 FCT_TEST_BGN(rsassa_pss_signature_example_4_1_verify) 08605 { 08606 unsigned char message_str[1000]; 08607 unsigned char hash_result[1000]; 08608 unsigned char result_str[1000]; 08609 rsa_context ctx; 08610 size_t msg_len; 08611 08612 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 08613 memset( message_str, 0x00, 1000 ); 08614 memset( hash_result, 0x00, 1000 ); 08615 memset( result_str, 0x00, 1000 ); 08616 08617 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 08618 fct_chk( mpi_read_string( &ctx.N, 16, "054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705" ) == 0 ); 08619 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 08620 08621 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 08622 08623 msg_len = unhexify( message_str, "9fb03b827c8217d9" ); 08624 unhexify( result_str, "0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948" ); 08625 08626 switch( SIG_RSA_SHA1 ) 08627 { 08628 #ifdef POLARSSL_MD2_C 08629 case SIG_RSA_MD2: 08630 md2( message_str, msg_len, hash_result ); 08631 break; 08632 #endif 08633 #ifdef POLARSSL_MD4_C 08634 case SIG_RSA_MD4: 08635 md4( message_str, msg_len, hash_result ); 08636 break; 08637 #endif 08638 #ifdef POLARSSL_MD5_C 08639 case SIG_RSA_MD5: 08640 md5( message_str, msg_len, hash_result ); 08641 break; 08642 #endif 08643 #ifdef POLARSSL_SHA1_C 08644 case SIG_RSA_SHA1: 08645 sha1( message_str, msg_len, hash_result ); 08646 break; 08647 #endif 08648 #ifdef POLARSSL_SHA2_C 08649 case SIG_RSA_SHA224: 08650 sha2( message_str, msg_len, hash_result, 1 ); 08651 break; 08652 case SIG_RSA_SHA256: 08653 sha2( message_str, msg_len, hash_result, 0 ); 08654 break; 08655 #endif 08656 #ifdef POLARSSL_SHA4_C 08657 case SIG_RSA_SHA384: 08658 sha4( message_str, msg_len, hash_result, 1 ); 08659 break; 08660 case SIG_RSA_SHA512: 08661 sha4( message_str, msg_len, hash_result, 0 ); 08662 break; 08663 #endif 08664 } 08665 08666 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 08667 } 08668 FCT_TEST_END(); 08669 08670 08671 FCT_TEST_BGN(rsassa_pss_signature_example_4_2) 08672 { 08673 unsigned char message_str[1000]; 08674 unsigned char hash_result[1000]; 08675 unsigned char output[1000]; 08676 unsigned char output_str[1000]; 08677 unsigned char rnd_buf[1000]; 08678 rsa_context ctx; 08679 mpi P1, Q1, H, G; 08680 size_t msg_len; 08681 rnd_buf_info info; 08682 08683 info.length = unhexify( rnd_buf, "22d71d54363a4217aa55113f059b3384e3e57e44" ); 08684 info.buf = rnd_buf; 08685 08686 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 08687 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 08688 08689 memset( message_str, 0x00, 1000 ); 08690 memset( hash_result, 0x00, 1000 ); 08691 memset( output, 0x00, 1000 ); 08692 memset( output_str, 0x00, 1000 ); 08693 08694 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 08695 fct_chk( mpi_read_string( &ctx.P, 16, "029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995" ) == 0 ); 08696 fct_chk( mpi_read_string( &ctx.Q, 16, "020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1" ) == 0 ); 08697 fct_chk( mpi_read_string( &ctx.N, 16, "054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705" ) == 0 ); 08698 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 08699 08700 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 08701 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 08702 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 08703 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 08704 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 08705 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 08706 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 08707 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 08708 08709 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 08710 08711 msg_len = unhexify( message_str, "0ca2ad77797ece86de5bf768750ddb5ed6a3116ad99bbd17edf7f782f0db1cd05b0f677468c5ea420dc116b10e80d110de2b0461ea14a38be68620392e7e893cb4ea9393fb886c20ff790642305bf302003892e54df9f667509dc53920df583f50a3dd61abb6fab75d600377e383e6aca6710eeea27156e06752c94ce25ae99fcbf8592dbe2d7e27453cb44de07100ebb1a2a19811a478adbeab270f94e8fe369d90b3ca612f9f" ); 08712 08713 switch( SIG_RSA_SHA1 ) 08714 { 08715 #ifdef POLARSSL_MD2_C 08716 case SIG_RSA_MD2: 08717 md2( message_str, msg_len, hash_result ); 08718 break; 08719 #endif 08720 #ifdef POLARSSL_MD4_C 08721 case SIG_RSA_MD4: 08722 md4( message_str, msg_len, hash_result ); 08723 break; 08724 #endif 08725 #ifdef POLARSSL_MD5_C 08726 case SIG_RSA_MD5: 08727 md5( message_str, msg_len, hash_result ); 08728 break; 08729 #endif 08730 #ifdef POLARSSL_SHA1_C 08731 case SIG_RSA_SHA1: 08732 sha1( message_str, msg_len, hash_result ); 08733 break; 08734 #endif 08735 #ifdef POLARSSL_SHA2_C 08736 case SIG_RSA_SHA224: 08737 sha2( message_str, msg_len, hash_result, 1 ); 08738 break; 08739 case SIG_RSA_SHA256: 08740 sha2( message_str, msg_len, hash_result, 0 ); 08741 break; 08742 #endif 08743 #ifdef POLARSSL_SHA4_C 08744 case SIG_RSA_SHA384: 08745 sha4( message_str, msg_len, hash_result, 1 ); 08746 break; 08747 case SIG_RSA_SHA512: 08748 sha4( message_str, msg_len, hash_result, 0 ); 08749 break; 08750 #endif 08751 } 08752 08753 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 08754 if( 0 == 0 ) 08755 { 08756 hexify( output_str, output, ctx.len); 08757 08758 fct_chk( strcasecmp( (char *) output_str, "049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598" ) == 0 ); 08759 } 08760 08761 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 08762 } 08763 FCT_TEST_END(); 08764 08765 08766 FCT_TEST_BGN(rsassa_pss_signature_example_4_2_verify) 08767 { 08768 unsigned char message_str[1000]; 08769 unsigned char hash_result[1000]; 08770 unsigned char result_str[1000]; 08771 rsa_context ctx; 08772 size_t msg_len; 08773 08774 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 08775 memset( message_str, 0x00, 1000 ); 08776 memset( hash_result, 0x00, 1000 ); 08777 memset( result_str, 0x00, 1000 ); 08778 08779 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 08780 fct_chk( mpi_read_string( &ctx.N, 16, "054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705" ) == 0 ); 08781 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 08782 08783 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 08784 08785 msg_len = unhexify( message_str, "0ca2ad77797ece86de5bf768750ddb5ed6a3116ad99bbd17edf7f782f0db1cd05b0f677468c5ea420dc116b10e80d110de2b0461ea14a38be68620392e7e893cb4ea9393fb886c20ff790642305bf302003892e54df9f667509dc53920df583f50a3dd61abb6fab75d600377e383e6aca6710eeea27156e06752c94ce25ae99fcbf8592dbe2d7e27453cb44de07100ebb1a2a19811a478adbeab270f94e8fe369d90b3ca612f9f" ); 08786 unhexify( result_str, "049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598" ); 08787 08788 switch( SIG_RSA_SHA1 ) 08789 { 08790 #ifdef POLARSSL_MD2_C 08791 case SIG_RSA_MD2: 08792 md2( message_str, msg_len, hash_result ); 08793 break; 08794 #endif 08795 #ifdef POLARSSL_MD4_C 08796 case SIG_RSA_MD4: 08797 md4( message_str, msg_len, hash_result ); 08798 break; 08799 #endif 08800 #ifdef POLARSSL_MD5_C 08801 case SIG_RSA_MD5: 08802 md5( message_str, msg_len, hash_result ); 08803 break; 08804 #endif 08805 #ifdef POLARSSL_SHA1_C 08806 case SIG_RSA_SHA1: 08807 sha1( message_str, msg_len, hash_result ); 08808 break; 08809 #endif 08810 #ifdef POLARSSL_SHA2_C 08811 case SIG_RSA_SHA224: 08812 sha2( message_str, msg_len, hash_result, 1 ); 08813 break; 08814 case SIG_RSA_SHA256: 08815 sha2( message_str, msg_len, hash_result, 0 ); 08816 break; 08817 #endif 08818 #ifdef POLARSSL_SHA4_C 08819 case SIG_RSA_SHA384: 08820 sha4( message_str, msg_len, hash_result, 1 ); 08821 break; 08822 case SIG_RSA_SHA512: 08823 sha4( message_str, msg_len, hash_result, 0 ); 08824 break; 08825 #endif 08826 } 08827 08828 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 08829 } 08830 FCT_TEST_END(); 08831 08832 08833 FCT_TEST_BGN(rsassa_pss_signature_example_4_3) 08834 { 08835 unsigned char message_str[1000]; 08836 unsigned char hash_result[1000]; 08837 unsigned char output[1000]; 08838 unsigned char output_str[1000]; 08839 unsigned char rnd_buf[1000]; 08840 rsa_context ctx; 08841 mpi P1, Q1, H, G; 08842 size_t msg_len; 08843 rnd_buf_info info; 08844 08845 info.length = unhexify( rnd_buf, "4af870fbc6516012ca916c70ba862ac7e8243617" ); 08846 info.buf = rnd_buf; 08847 08848 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 08849 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 08850 08851 memset( message_str, 0x00, 1000 ); 08852 memset( hash_result, 0x00, 1000 ); 08853 memset( output, 0x00, 1000 ); 08854 memset( output_str, 0x00, 1000 ); 08855 08856 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 08857 fct_chk( mpi_read_string( &ctx.P, 16, "029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995" ) == 0 ); 08858 fct_chk( mpi_read_string( &ctx.Q, 16, "020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1" ) == 0 ); 08859 fct_chk( mpi_read_string( &ctx.N, 16, "054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705" ) == 0 ); 08860 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 08861 08862 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 08863 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 08864 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 08865 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 08866 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 08867 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 08868 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 08869 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 08870 08871 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 08872 08873 msg_len = unhexify( message_str, "288062afc08fcdb7c5f8650b29837300461dd5676c17a20a3c8fb5148949e3f73d66b3ae82c7240e27c5b3ec4328ee7d6ddf6a6a0c9b5b15bcda196a9d0c76b119d534d85abd123962d583b76ce9d180bce1ca" ); 08874 08875 switch( SIG_RSA_SHA1 ) 08876 { 08877 #ifdef POLARSSL_MD2_C 08878 case SIG_RSA_MD2: 08879 md2( message_str, msg_len, hash_result ); 08880 break; 08881 #endif 08882 #ifdef POLARSSL_MD4_C 08883 case SIG_RSA_MD4: 08884 md4( message_str, msg_len, hash_result ); 08885 break; 08886 #endif 08887 #ifdef POLARSSL_MD5_C 08888 case SIG_RSA_MD5: 08889 md5( message_str, msg_len, hash_result ); 08890 break; 08891 #endif 08892 #ifdef POLARSSL_SHA1_C 08893 case SIG_RSA_SHA1: 08894 sha1( message_str, msg_len, hash_result ); 08895 break; 08896 #endif 08897 #ifdef POLARSSL_SHA2_C 08898 case SIG_RSA_SHA224: 08899 sha2( message_str, msg_len, hash_result, 1 ); 08900 break; 08901 case SIG_RSA_SHA256: 08902 sha2( message_str, msg_len, hash_result, 0 ); 08903 break; 08904 #endif 08905 #ifdef POLARSSL_SHA4_C 08906 case SIG_RSA_SHA384: 08907 sha4( message_str, msg_len, hash_result, 1 ); 08908 break; 08909 case SIG_RSA_SHA512: 08910 sha4( message_str, msg_len, hash_result, 0 ); 08911 break; 08912 #endif 08913 } 08914 08915 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 08916 if( 0 == 0 ) 08917 { 08918 hexify( output_str, output, ctx.len); 08919 08920 fct_chk( strcasecmp( (char *) output_str, "03fbc410a2ced59500fb99f9e2af2781ada74e13145624602782e2994813eefca0519ecd253b855fb626a90d771eae028b0c47a199cbd9f8e3269734af4163599090713a3fa910fa0960652721432b971036a7181a2bc0cab43b0b598bc6217461d7db305ff7e954c5b5bb231c39e791af6bcfa76b147b081321f72641482a2aad" ) == 0 ); 08921 } 08922 08923 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 08924 } 08925 FCT_TEST_END(); 08926 08927 08928 FCT_TEST_BGN(rsassa_pss_signature_example_4_3_verify) 08929 { 08930 unsigned char message_str[1000]; 08931 unsigned char hash_result[1000]; 08932 unsigned char result_str[1000]; 08933 rsa_context ctx; 08934 size_t msg_len; 08935 08936 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 08937 memset( message_str, 0x00, 1000 ); 08938 memset( hash_result, 0x00, 1000 ); 08939 memset( result_str, 0x00, 1000 ); 08940 08941 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 08942 fct_chk( mpi_read_string( &ctx.N, 16, "054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705" ) == 0 ); 08943 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 08944 08945 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 08946 08947 msg_len = unhexify( message_str, "288062afc08fcdb7c5f8650b29837300461dd5676c17a20a3c8fb5148949e3f73d66b3ae82c7240e27c5b3ec4328ee7d6ddf6a6a0c9b5b15bcda196a9d0c76b119d534d85abd123962d583b76ce9d180bce1ca" ); 08948 unhexify( result_str, "03fbc410a2ced59500fb99f9e2af2781ada74e13145624602782e2994813eefca0519ecd253b855fb626a90d771eae028b0c47a199cbd9f8e3269734af4163599090713a3fa910fa0960652721432b971036a7181a2bc0cab43b0b598bc6217461d7db305ff7e954c5b5bb231c39e791af6bcfa76b147b081321f72641482a2aad" ); 08949 08950 switch( SIG_RSA_SHA1 ) 08951 { 08952 #ifdef POLARSSL_MD2_C 08953 case SIG_RSA_MD2: 08954 md2( message_str, msg_len, hash_result ); 08955 break; 08956 #endif 08957 #ifdef POLARSSL_MD4_C 08958 case SIG_RSA_MD4: 08959 md4( message_str, msg_len, hash_result ); 08960 break; 08961 #endif 08962 #ifdef POLARSSL_MD5_C 08963 case SIG_RSA_MD5: 08964 md5( message_str, msg_len, hash_result ); 08965 break; 08966 #endif 08967 #ifdef POLARSSL_SHA1_C 08968 case SIG_RSA_SHA1: 08969 sha1( message_str, msg_len, hash_result ); 08970 break; 08971 #endif 08972 #ifdef POLARSSL_SHA2_C 08973 case SIG_RSA_SHA224: 08974 sha2( message_str, msg_len, hash_result, 1 ); 08975 break; 08976 case SIG_RSA_SHA256: 08977 sha2( message_str, msg_len, hash_result, 0 ); 08978 break; 08979 #endif 08980 #ifdef POLARSSL_SHA4_C 08981 case SIG_RSA_SHA384: 08982 sha4( message_str, msg_len, hash_result, 1 ); 08983 break; 08984 case SIG_RSA_SHA512: 08985 sha4( message_str, msg_len, hash_result, 0 ); 08986 break; 08987 #endif 08988 } 08989 08990 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 08991 } 08992 FCT_TEST_END(); 08993 08994 08995 FCT_TEST_BGN(rsassa_pss_signature_example_4_4) 08996 { 08997 unsigned char message_str[1000]; 08998 unsigned char hash_result[1000]; 08999 unsigned char output[1000]; 09000 unsigned char output_str[1000]; 09001 unsigned char rnd_buf[1000]; 09002 rsa_context ctx; 09003 mpi P1, Q1, H, G; 09004 size_t msg_len; 09005 rnd_buf_info info; 09006 09007 info.length = unhexify( rnd_buf, "40d2e180fae1eac439c190b56c2c0e14ddf9a226" ); 09008 info.buf = rnd_buf; 09009 09010 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 09011 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 09012 09013 memset( message_str, 0x00, 1000 ); 09014 memset( hash_result, 0x00, 1000 ); 09015 memset( output, 0x00, 1000 ); 09016 memset( output_str, 0x00, 1000 ); 09017 09018 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 09019 fct_chk( mpi_read_string( &ctx.P, 16, "029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995" ) == 0 ); 09020 fct_chk( mpi_read_string( &ctx.Q, 16, "020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1" ) == 0 ); 09021 fct_chk( mpi_read_string( &ctx.N, 16, "054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705" ) == 0 ); 09022 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 09023 09024 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 09025 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 09026 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 09027 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 09028 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 09029 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 09030 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 09031 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 09032 09033 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 09034 09035 msg_len = unhexify( message_str, "6f4f9ab9501199cef55c6cf408fe7b36c557c49d420a4763d2463c8ad44b3cfc5be2742c0e7d9b0f6608f08c7f47b693ee" ); 09036 09037 switch( SIG_RSA_SHA1 ) 09038 { 09039 #ifdef POLARSSL_MD2_C 09040 case SIG_RSA_MD2: 09041 md2( message_str, msg_len, hash_result ); 09042 break; 09043 #endif 09044 #ifdef POLARSSL_MD4_C 09045 case SIG_RSA_MD4: 09046 md4( message_str, msg_len, hash_result ); 09047 break; 09048 #endif 09049 #ifdef POLARSSL_MD5_C 09050 case SIG_RSA_MD5: 09051 md5( message_str, msg_len, hash_result ); 09052 break; 09053 #endif 09054 #ifdef POLARSSL_SHA1_C 09055 case SIG_RSA_SHA1: 09056 sha1( message_str, msg_len, hash_result ); 09057 break; 09058 #endif 09059 #ifdef POLARSSL_SHA2_C 09060 case SIG_RSA_SHA224: 09061 sha2( message_str, msg_len, hash_result, 1 ); 09062 break; 09063 case SIG_RSA_SHA256: 09064 sha2( message_str, msg_len, hash_result, 0 ); 09065 break; 09066 #endif 09067 #ifdef POLARSSL_SHA4_C 09068 case SIG_RSA_SHA384: 09069 sha4( message_str, msg_len, hash_result, 1 ); 09070 break; 09071 case SIG_RSA_SHA512: 09072 sha4( message_str, msg_len, hash_result, 0 ); 09073 break; 09074 #endif 09075 } 09076 09077 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 09078 if( 0 == 0 ) 09079 { 09080 hexify( output_str, output, ctx.len); 09081 09082 fct_chk( strcasecmp( (char *) output_str, "0486644bc66bf75d28335a6179b10851f43f09bded9fac1af33252bb9953ba4298cd6466b27539a70adaa3f89b3db3c74ab635d122f4ee7ce557a61e59b82ffb786630e5f9db53c77d9a0c12fab5958d4c2ce7daa807cd89ba2cc7fcd02ff470ca67b229fcce814c852c73cc93bea35be68459ce478e9d4655d121c8472f371d4f" ) == 0 ); 09083 } 09084 09085 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 09086 } 09087 FCT_TEST_END(); 09088 09089 09090 FCT_TEST_BGN(rsassa_pss_signature_example_4_4_verify) 09091 { 09092 unsigned char message_str[1000]; 09093 unsigned char hash_result[1000]; 09094 unsigned char result_str[1000]; 09095 rsa_context ctx; 09096 size_t msg_len; 09097 09098 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 09099 memset( message_str, 0x00, 1000 ); 09100 memset( hash_result, 0x00, 1000 ); 09101 memset( result_str, 0x00, 1000 ); 09102 09103 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 09104 fct_chk( mpi_read_string( &ctx.N, 16, "054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705" ) == 0 ); 09105 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 09106 09107 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 09108 09109 msg_len = unhexify( message_str, "6f4f9ab9501199cef55c6cf408fe7b36c557c49d420a4763d2463c8ad44b3cfc5be2742c0e7d9b0f6608f08c7f47b693ee" ); 09110 unhexify( result_str, "0486644bc66bf75d28335a6179b10851f43f09bded9fac1af33252bb9953ba4298cd6466b27539a70adaa3f89b3db3c74ab635d122f4ee7ce557a61e59b82ffb786630e5f9db53c77d9a0c12fab5958d4c2ce7daa807cd89ba2cc7fcd02ff470ca67b229fcce814c852c73cc93bea35be68459ce478e9d4655d121c8472f371d4f" ); 09111 09112 switch( SIG_RSA_SHA1 ) 09113 { 09114 #ifdef POLARSSL_MD2_C 09115 case SIG_RSA_MD2: 09116 md2( message_str, msg_len, hash_result ); 09117 break; 09118 #endif 09119 #ifdef POLARSSL_MD4_C 09120 case SIG_RSA_MD4: 09121 md4( message_str, msg_len, hash_result ); 09122 break; 09123 #endif 09124 #ifdef POLARSSL_MD5_C 09125 case SIG_RSA_MD5: 09126 md5( message_str, msg_len, hash_result ); 09127 break; 09128 #endif 09129 #ifdef POLARSSL_SHA1_C 09130 case SIG_RSA_SHA1: 09131 sha1( message_str, msg_len, hash_result ); 09132 break; 09133 #endif 09134 #ifdef POLARSSL_SHA2_C 09135 case SIG_RSA_SHA224: 09136 sha2( message_str, msg_len, hash_result, 1 ); 09137 break; 09138 case SIG_RSA_SHA256: 09139 sha2( message_str, msg_len, hash_result, 0 ); 09140 break; 09141 #endif 09142 #ifdef POLARSSL_SHA4_C 09143 case SIG_RSA_SHA384: 09144 sha4( message_str, msg_len, hash_result, 1 ); 09145 break; 09146 case SIG_RSA_SHA512: 09147 sha4( message_str, msg_len, hash_result, 0 ); 09148 break; 09149 #endif 09150 } 09151 09152 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 09153 } 09154 FCT_TEST_END(); 09155 09156 09157 FCT_TEST_BGN(rsassa_pss_signature_example_4_5) 09158 { 09159 unsigned char message_str[1000]; 09160 unsigned char hash_result[1000]; 09161 unsigned char output[1000]; 09162 unsigned char output_str[1000]; 09163 unsigned char rnd_buf[1000]; 09164 rsa_context ctx; 09165 mpi P1, Q1, H, G; 09166 size_t msg_len; 09167 rnd_buf_info info; 09168 09169 info.length = unhexify( rnd_buf, "2497dc2b4615dfae5a663d49ffd56bf7efc11304" ); 09170 info.buf = rnd_buf; 09171 09172 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 09173 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 09174 09175 memset( message_str, 0x00, 1000 ); 09176 memset( hash_result, 0x00, 1000 ); 09177 memset( output, 0x00, 1000 ); 09178 memset( output_str, 0x00, 1000 ); 09179 09180 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 09181 fct_chk( mpi_read_string( &ctx.P, 16, "029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995" ) == 0 ); 09182 fct_chk( mpi_read_string( &ctx.Q, 16, "020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1" ) == 0 ); 09183 fct_chk( mpi_read_string( &ctx.N, 16, "054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705" ) == 0 ); 09184 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 09185 09186 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 09187 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 09188 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 09189 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 09190 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 09191 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 09192 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 09193 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 09194 09195 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 09196 09197 msg_len = unhexify( message_str, "e17d20385d501955823c3f666254c1d3dd36ad5168b8f18d286fdcf67a7dad94097085fab7ed86fe2142a28771717997ef1a7a08884efc39356d76077aaf82459a7fad45848875f2819b098937fe923bcc9dc442d72d754d812025090c9bc03db3080c138dd63b355d0b4b85d6688ac19f4de15084a0ba4e373b93ef4a555096691915dc23c00e954cdeb20a47cd55d16c3d8681d46ed7f2ed5ea42795be17baed25f0f4d113b3636addd585f16a8b5aec0c8fa9c5f03cbf3b9b73" ); 09198 09199 switch( SIG_RSA_SHA1 ) 09200 { 09201 #ifdef POLARSSL_MD2_C 09202 case SIG_RSA_MD2: 09203 md2( message_str, msg_len, hash_result ); 09204 break; 09205 #endif 09206 #ifdef POLARSSL_MD4_C 09207 case SIG_RSA_MD4: 09208 md4( message_str, msg_len, hash_result ); 09209 break; 09210 #endif 09211 #ifdef POLARSSL_MD5_C 09212 case SIG_RSA_MD5: 09213 md5( message_str, msg_len, hash_result ); 09214 break; 09215 #endif 09216 #ifdef POLARSSL_SHA1_C 09217 case SIG_RSA_SHA1: 09218 sha1( message_str, msg_len, hash_result ); 09219 break; 09220 #endif 09221 #ifdef POLARSSL_SHA2_C 09222 case SIG_RSA_SHA224: 09223 sha2( message_str, msg_len, hash_result, 1 ); 09224 break; 09225 case SIG_RSA_SHA256: 09226 sha2( message_str, msg_len, hash_result, 0 ); 09227 break; 09228 #endif 09229 #ifdef POLARSSL_SHA4_C 09230 case SIG_RSA_SHA384: 09231 sha4( message_str, msg_len, hash_result, 1 ); 09232 break; 09233 case SIG_RSA_SHA512: 09234 sha4( message_str, msg_len, hash_result, 0 ); 09235 break; 09236 #endif 09237 } 09238 09239 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 09240 if( 0 == 0 ) 09241 { 09242 hexify( output_str, output, ctx.len); 09243 09244 fct_chk( strcasecmp( (char *) output_str, "022a80045353904cb30cbb542d7d4990421a6eec16a8029a8422adfd22d6aff8c4cc0294af110a0c067ec86a7d364134459bb1ae8ff836d5a8a2579840996b320b19f13a13fad378d931a65625dae2739f0c53670b35d9d3cbac08e733e4ec2b83af4b9196d63e7c4ff1ddeae2a122791a125bfea8deb0de8ccf1f4ffaf6e6fb0a" ) == 0 ); 09245 } 09246 09247 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 09248 } 09249 FCT_TEST_END(); 09250 09251 09252 FCT_TEST_BGN(rsassa_pss_signature_example_4_5_verify) 09253 { 09254 unsigned char message_str[1000]; 09255 unsigned char hash_result[1000]; 09256 unsigned char result_str[1000]; 09257 rsa_context ctx; 09258 size_t msg_len; 09259 09260 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 09261 memset( message_str, 0x00, 1000 ); 09262 memset( hash_result, 0x00, 1000 ); 09263 memset( result_str, 0x00, 1000 ); 09264 09265 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 09266 fct_chk( mpi_read_string( &ctx.N, 16, "054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705" ) == 0 ); 09267 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 09268 09269 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 09270 09271 msg_len = unhexify( message_str, "e17d20385d501955823c3f666254c1d3dd36ad5168b8f18d286fdcf67a7dad94097085fab7ed86fe2142a28771717997ef1a7a08884efc39356d76077aaf82459a7fad45848875f2819b098937fe923bcc9dc442d72d754d812025090c9bc03db3080c138dd63b355d0b4b85d6688ac19f4de15084a0ba4e373b93ef4a555096691915dc23c00e954cdeb20a47cd55d16c3d8681d46ed7f2ed5ea42795be17baed25f0f4d113b3636addd585f16a8b5aec0c8fa9c5f03cbf3b9b73" ); 09272 unhexify( result_str, "022a80045353904cb30cbb542d7d4990421a6eec16a8029a8422adfd22d6aff8c4cc0294af110a0c067ec86a7d364134459bb1ae8ff836d5a8a2579840996b320b19f13a13fad378d931a65625dae2739f0c53670b35d9d3cbac08e733e4ec2b83af4b9196d63e7c4ff1ddeae2a122791a125bfea8deb0de8ccf1f4ffaf6e6fb0a" ); 09273 09274 switch( SIG_RSA_SHA1 ) 09275 { 09276 #ifdef POLARSSL_MD2_C 09277 case SIG_RSA_MD2: 09278 md2( message_str, msg_len, hash_result ); 09279 break; 09280 #endif 09281 #ifdef POLARSSL_MD4_C 09282 case SIG_RSA_MD4: 09283 md4( message_str, msg_len, hash_result ); 09284 break; 09285 #endif 09286 #ifdef POLARSSL_MD5_C 09287 case SIG_RSA_MD5: 09288 md5( message_str, msg_len, hash_result ); 09289 break; 09290 #endif 09291 #ifdef POLARSSL_SHA1_C 09292 case SIG_RSA_SHA1: 09293 sha1( message_str, msg_len, hash_result ); 09294 break; 09295 #endif 09296 #ifdef POLARSSL_SHA2_C 09297 case SIG_RSA_SHA224: 09298 sha2( message_str, msg_len, hash_result, 1 ); 09299 break; 09300 case SIG_RSA_SHA256: 09301 sha2( message_str, msg_len, hash_result, 0 ); 09302 break; 09303 #endif 09304 #ifdef POLARSSL_SHA4_C 09305 case SIG_RSA_SHA384: 09306 sha4( message_str, msg_len, hash_result, 1 ); 09307 break; 09308 case SIG_RSA_SHA512: 09309 sha4( message_str, msg_len, hash_result, 0 ); 09310 break; 09311 #endif 09312 } 09313 09314 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 09315 } 09316 FCT_TEST_END(); 09317 09318 09319 FCT_TEST_BGN(rsassa_pss_signature_example_4_6) 09320 { 09321 unsigned char message_str[1000]; 09322 unsigned char hash_result[1000]; 09323 unsigned char output[1000]; 09324 unsigned char output_str[1000]; 09325 unsigned char rnd_buf[1000]; 09326 rsa_context ctx; 09327 mpi P1, Q1, H, G; 09328 size_t msg_len; 09329 rnd_buf_info info; 09330 09331 info.length = unhexify( rnd_buf, "a334db6faebf11081a04f87c2d621cdec7930b9b" ); 09332 info.buf = rnd_buf; 09333 09334 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 09335 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 09336 09337 memset( message_str, 0x00, 1000 ); 09338 memset( hash_result, 0x00, 1000 ); 09339 memset( output, 0x00, 1000 ); 09340 memset( output_str, 0x00, 1000 ); 09341 09342 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 09343 fct_chk( mpi_read_string( &ctx.P, 16, "029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995" ) == 0 ); 09344 fct_chk( mpi_read_string( &ctx.Q, 16, "020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1" ) == 0 ); 09345 fct_chk( mpi_read_string( &ctx.N, 16, "054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705" ) == 0 ); 09346 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 09347 09348 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 09349 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 09350 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 09351 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 09352 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 09353 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 09354 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 09355 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 09356 09357 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 09358 09359 msg_len = unhexify( message_str, "afbc19d479249018fdf4e09f618726440495de11ddeee38872d775fcea74a23896b5343c9c38d46af0dba224d047580cc60a65e9391cf9b59b36a860598d4e8216722f993b91cfae87bc255af89a6a199bca4a391eadbc3a24903c0bd667368f6be78e3feabfb4ffd463122763740ffbbefeab9a25564bc5d1c24c93e422f75073e2ad72bf45b10df00b52a147128e73fee33fa3f0577d77f80fbc2df1bed313290c12777f50" ); 09360 09361 switch( SIG_RSA_SHA1 ) 09362 { 09363 #ifdef POLARSSL_MD2_C 09364 case SIG_RSA_MD2: 09365 md2( message_str, msg_len, hash_result ); 09366 break; 09367 #endif 09368 #ifdef POLARSSL_MD4_C 09369 case SIG_RSA_MD4: 09370 md4( message_str, msg_len, hash_result ); 09371 break; 09372 #endif 09373 #ifdef POLARSSL_MD5_C 09374 case SIG_RSA_MD5: 09375 md5( message_str, msg_len, hash_result ); 09376 break; 09377 #endif 09378 #ifdef POLARSSL_SHA1_C 09379 case SIG_RSA_SHA1: 09380 sha1( message_str, msg_len, hash_result ); 09381 break; 09382 #endif 09383 #ifdef POLARSSL_SHA2_C 09384 case SIG_RSA_SHA224: 09385 sha2( message_str, msg_len, hash_result, 1 ); 09386 break; 09387 case SIG_RSA_SHA256: 09388 sha2( message_str, msg_len, hash_result, 0 ); 09389 break; 09390 #endif 09391 #ifdef POLARSSL_SHA4_C 09392 case SIG_RSA_SHA384: 09393 sha4( message_str, msg_len, hash_result, 1 ); 09394 break; 09395 case SIG_RSA_SHA512: 09396 sha4( message_str, msg_len, hash_result, 0 ); 09397 break; 09398 #endif 09399 } 09400 09401 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 09402 if( 0 == 0 ) 09403 { 09404 hexify( output_str, output, ctx.len); 09405 09406 fct_chk( strcasecmp( (char *) output_str, "00938dcb6d583046065f69c78da7a1f1757066a7fa75125a9d2929f0b79a60b627b082f11f5b196f28eb9daa6f21c05e5140f6aef1737d2023075c05ecf04a028c686a2ab3e7d5a0664f295ce12995e890908b6ad21f0839eb65b70393a7b5afd9871de0caa0cedec5b819626756209d13ab1e7bb9546a26ff37e9a51af9fd562e" ) == 0 ); 09407 } 09408 09409 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 09410 } 09411 FCT_TEST_END(); 09412 09413 09414 FCT_TEST_BGN(rsassa_pss_signature_example_4_6_verify) 09415 { 09416 unsigned char message_str[1000]; 09417 unsigned char hash_result[1000]; 09418 unsigned char result_str[1000]; 09419 rsa_context ctx; 09420 size_t msg_len; 09421 09422 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 09423 memset( message_str, 0x00, 1000 ); 09424 memset( hash_result, 0x00, 1000 ); 09425 memset( result_str, 0x00, 1000 ); 09426 09427 ctx.len = 1027 / 8 + ( ( 1027 % 8 ) ? 1 : 0 ); 09428 fct_chk( mpi_read_string( &ctx.N, 16, "054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705" ) == 0 ); 09429 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 09430 09431 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 09432 09433 msg_len = unhexify( message_str, "afbc19d479249018fdf4e09f618726440495de11ddeee38872d775fcea74a23896b5343c9c38d46af0dba224d047580cc60a65e9391cf9b59b36a860598d4e8216722f993b91cfae87bc255af89a6a199bca4a391eadbc3a24903c0bd667368f6be78e3feabfb4ffd463122763740ffbbefeab9a25564bc5d1c24c93e422f75073e2ad72bf45b10df00b52a147128e73fee33fa3f0577d77f80fbc2df1bed313290c12777f50" ); 09434 unhexify( result_str, "00938dcb6d583046065f69c78da7a1f1757066a7fa75125a9d2929f0b79a60b627b082f11f5b196f28eb9daa6f21c05e5140f6aef1737d2023075c05ecf04a028c686a2ab3e7d5a0664f295ce12995e890908b6ad21f0839eb65b70393a7b5afd9871de0caa0cedec5b819626756209d13ab1e7bb9546a26ff37e9a51af9fd562e" ); 09435 09436 switch( SIG_RSA_SHA1 ) 09437 { 09438 #ifdef POLARSSL_MD2_C 09439 case SIG_RSA_MD2: 09440 md2( message_str, msg_len, hash_result ); 09441 break; 09442 #endif 09443 #ifdef POLARSSL_MD4_C 09444 case SIG_RSA_MD4: 09445 md4( message_str, msg_len, hash_result ); 09446 break; 09447 #endif 09448 #ifdef POLARSSL_MD5_C 09449 case SIG_RSA_MD5: 09450 md5( message_str, msg_len, hash_result ); 09451 break; 09452 #endif 09453 #ifdef POLARSSL_SHA1_C 09454 case SIG_RSA_SHA1: 09455 sha1( message_str, msg_len, hash_result ); 09456 break; 09457 #endif 09458 #ifdef POLARSSL_SHA2_C 09459 case SIG_RSA_SHA224: 09460 sha2( message_str, msg_len, hash_result, 1 ); 09461 break; 09462 case SIG_RSA_SHA256: 09463 sha2( message_str, msg_len, hash_result, 0 ); 09464 break; 09465 #endif 09466 #ifdef POLARSSL_SHA4_C 09467 case SIG_RSA_SHA384: 09468 sha4( message_str, msg_len, hash_result, 1 ); 09469 break; 09470 case SIG_RSA_SHA512: 09471 sha4( message_str, msg_len, hash_result, 0 ); 09472 break; 09473 #endif 09474 } 09475 09476 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 09477 } 09478 FCT_TEST_END(); 09479 09480 09481 FCT_TEST_BGN(rsassa_pss_signature_example_5_1) 09482 { 09483 unsigned char message_str[1000]; 09484 unsigned char hash_result[1000]; 09485 unsigned char output[1000]; 09486 unsigned char output_str[1000]; 09487 unsigned char rnd_buf[1000]; 09488 rsa_context ctx; 09489 mpi P1, Q1, H, G; 09490 size_t msg_len; 09491 rnd_buf_info info; 09492 09493 info.length = unhexify( rnd_buf, "081b233b43567750bd6e78f396a88b9f6a445151" ); 09494 info.buf = rnd_buf; 09495 09496 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 09497 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 09498 09499 memset( message_str, 0x00, 1000 ); 09500 memset( hash_result, 0x00, 1000 ); 09501 memset( output, 0x00, 1000 ); 09502 memset( output_str, 0x00, 1000 ); 09503 09504 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 09505 fct_chk( mpi_read_string( &ctx.P, 16, "03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f" ) == 0 ); 09506 fct_chk( mpi_read_string( &ctx.Q, 16, "034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839" ) == 0 ); 09507 fct_chk( mpi_read_string( &ctx.N, 16, "0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507" ) == 0 ); 09508 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 09509 09510 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 09511 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 09512 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 09513 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 09514 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 09515 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 09516 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 09517 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 09518 09519 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 09520 09521 msg_len = unhexify( message_str, "30c7d557458b436decfdc14d06cb7b96b06718c48d7de57482a868ae7f065870a6216506d11b779323dfdf046cf5775129134b4d5689e4d9c0ce1e12d7d4b06cb5fc5820decfa41baf59bf257b32f025b7679b445b9499c92555145885992f1b76f84891ee4d3be0f5150fd5901e3a4c8ed43fd36b61d022e65ad5008dbf33293c22bfbfd07321f0f1d5fa9fdf0014c2fcb0358aad0e354b0d29" ); 09522 09523 switch( SIG_RSA_SHA1 ) 09524 { 09525 #ifdef POLARSSL_MD2_C 09526 case SIG_RSA_MD2: 09527 md2( message_str, msg_len, hash_result ); 09528 break; 09529 #endif 09530 #ifdef POLARSSL_MD4_C 09531 case SIG_RSA_MD4: 09532 md4( message_str, msg_len, hash_result ); 09533 break; 09534 #endif 09535 #ifdef POLARSSL_MD5_C 09536 case SIG_RSA_MD5: 09537 md5( message_str, msg_len, hash_result ); 09538 break; 09539 #endif 09540 #ifdef POLARSSL_SHA1_C 09541 case SIG_RSA_SHA1: 09542 sha1( message_str, msg_len, hash_result ); 09543 break; 09544 #endif 09545 #ifdef POLARSSL_SHA2_C 09546 case SIG_RSA_SHA224: 09547 sha2( message_str, msg_len, hash_result, 1 ); 09548 break; 09549 case SIG_RSA_SHA256: 09550 sha2( message_str, msg_len, hash_result, 0 ); 09551 break; 09552 #endif 09553 #ifdef POLARSSL_SHA4_C 09554 case SIG_RSA_SHA384: 09555 sha4( message_str, msg_len, hash_result, 1 ); 09556 break; 09557 case SIG_RSA_SHA512: 09558 sha4( message_str, msg_len, hash_result, 0 ); 09559 break; 09560 #endif 09561 } 09562 09563 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 09564 if( 0 == 0 ) 09565 { 09566 hexify( output_str, output, ctx.len); 09567 09568 fct_chk( strcasecmp( (char *) output_str, "0ba373f76e0921b70a8fbfe622f0bf77b28a3db98e361051c3d7cb92ad0452915a4de9c01722f6823eeb6adf7e0ca8290f5de3e549890ac2a3c5950ab217ba58590894952de96f8df111b2575215da6c161590c745be612476ee578ed384ab33e3ece97481a252f5c79a98b5532ae00cdd62f2ecc0cd1baefe80d80b962193ec1d" ) == 0 ); 09569 } 09570 09571 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 09572 } 09573 FCT_TEST_END(); 09574 09575 09576 FCT_TEST_BGN(rsassa_pss_signature_example_5_1_verify) 09577 { 09578 unsigned char message_str[1000]; 09579 unsigned char hash_result[1000]; 09580 unsigned char result_str[1000]; 09581 rsa_context ctx; 09582 size_t msg_len; 09583 09584 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 09585 memset( message_str, 0x00, 1000 ); 09586 memset( hash_result, 0x00, 1000 ); 09587 memset( result_str, 0x00, 1000 ); 09588 09589 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 09590 fct_chk( mpi_read_string( &ctx.N, 16, "0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507" ) == 0 ); 09591 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 09592 09593 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 09594 09595 msg_len = unhexify( message_str, "30c7d557458b436decfdc14d06cb7b96b06718c48d7de57482a868ae7f065870a6216506d11b779323dfdf046cf5775129134b4d5689e4d9c0ce1e12d7d4b06cb5fc5820decfa41baf59bf257b32f025b7679b445b9499c92555145885992f1b76f84891ee4d3be0f5150fd5901e3a4c8ed43fd36b61d022e65ad5008dbf33293c22bfbfd07321f0f1d5fa9fdf0014c2fcb0358aad0e354b0d29" ); 09596 unhexify( result_str, "0ba373f76e0921b70a8fbfe622f0bf77b28a3db98e361051c3d7cb92ad0452915a4de9c01722f6823eeb6adf7e0ca8290f5de3e549890ac2a3c5950ab217ba58590894952de96f8df111b2575215da6c161590c745be612476ee578ed384ab33e3ece97481a252f5c79a98b5532ae00cdd62f2ecc0cd1baefe80d80b962193ec1d" ); 09597 09598 switch( SIG_RSA_SHA1 ) 09599 { 09600 #ifdef POLARSSL_MD2_C 09601 case SIG_RSA_MD2: 09602 md2( message_str, msg_len, hash_result ); 09603 break; 09604 #endif 09605 #ifdef POLARSSL_MD4_C 09606 case SIG_RSA_MD4: 09607 md4( message_str, msg_len, hash_result ); 09608 break; 09609 #endif 09610 #ifdef POLARSSL_MD5_C 09611 case SIG_RSA_MD5: 09612 md5( message_str, msg_len, hash_result ); 09613 break; 09614 #endif 09615 #ifdef POLARSSL_SHA1_C 09616 case SIG_RSA_SHA1: 09617 sha1( message_str, msg_len, hash_result ); 09618 break; 09619 #endif 09620 #ifdef POLARSSL_SHA2_C 09621 case SIG_RSA_SHA224: 09622 sha2( message_str, msg_len, hash_result, 1 ); 09623 break; 09624 case SIG_RSA_SHA256: 09625 sha2( message_str, msg_len, hash_result, 0 ); 09626 break; 09627 #endif 09628 #ifdef POLARSSL_SHA4_C 09629 case SIG_RSA_SHA384: 09630 sha4( message_str, msg_len, hash_result, 1 ); 09631 break; 09632 case SIG_RSA_SHA512: 09633 sha4( message_str, msg_len, hash_result, 0 ); 09634 break; 09635 #endif 09636 } 09637 09638 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 09639 } 09640 FCT_TEST_END(); 09641 09642 09643 FCT_TEST_BGN(rsassa_pss_signature_example_5_2) 09644 { 09645 unsigned char message_str[1000]; 09646 unsigned char hash_result[1000]; 09647 unsigned char output[1000]; 09648 unsigned char output_str[1000]; 09649 unsigned char rnd_buf[1000]; 09650 rsa_context ctx; 09651 mpi P1, Q1, H, G; 09652 size_t msg_len; 09653 rnd_buf_info info; 09654 09655 info.length = unhexify( rnd_buf, "bd0ce19549d0700120cbe51077dbbbb00a8d8b09" ); 09656 info.buf = rnd_buf; 09657 09658 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 09659 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 09660 09661 memset( message_str, 0x00, 1000 ); 09662 memset( hash_result, 0x00, 1000 ); 09663 memset( output, 0x00, 1000 ); 09664 memset( output_str, 0x00, 1000 ); 09665 09666 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 09667 fct_chk( mpi_read_string( &ctx.P, 16, "03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f" ) == 0 ); 09668 fct_chk( mpi_read_string( &ctx.Q, 16, "034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839" ) == 0 ); 09669 fct_chk( mpi_read_string( &ctx.N, 16, "0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507" ) == 0 ); 09670 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 09671 09672 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 09673 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 09674 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 09675 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 09676 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 09677 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 09678 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 09679 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 09680 09681 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 09682 09683 msg_len = unhexify( message_str, "e7b32e1556ea1b2795046ac69739d22ac8966bf11c116f614b166740e96b90653e5750945fcf772186c03790a07fda323e1a61916b06ee2157db3dff80d67d5e39a53ae268c8f09ed99a732005b0bc6a04af4e08d57a00e7201b3060efaadb73113bfc087fd837093aa25235b8c149f56215f031c24ad5bde7f29960df7d524070f7449c6f785084be1a0f733047f336f9154738674547db02a9f44dfc6e60301081e1ce99847f3b5b601ff06b4d5776a9740b9aa0d34058fd3b906e4f7859dfb07d7173e5e6f6350adac21f27b2307469" ); 09684 09685 switch( SIG_RSA_SHA1 ) 09686 { 09687 #ifdef POLARSSL_MD2_C 09688 case SIG_RSA_MD2: 09689 md2( message_str, msg_len, hash_result ); 09690 break; 09691 #endif 09692 #ifdef POLARSSL_MD4_C 09693 case SIG_RSA_MD4: 09694 md4( message_str, msg_len, hash_result ); 09695 break; 09696 #endif 09697 #ifdef POLARSSL_MD5_C 09698 case SIG_RSA_MD5: 09699 md5( message_str, msg_len, hash_result ); 09700 break; 09701 #endif 09702 #ifdef POLARSSL_SHA1_C 09703 case SIG_RSA_SHA1: 09704 sha1( message_str, msg_len, hash_result ); 09705 break; 09706 #endif 09707 #ifdef POLARSSL_SHA2_C 09708 case SIG_RSA_SHA224: 09709 sha2( message_str, msg_len, hash_result, 1 ); 09710 break; 09711 case SIG_RSA_SHA256: 09712 sha2( message_str, msg_len, hash_result, 0 ); 09713 break; 09714 #endif 09715 #ifdef POLARSSL_SHA4_C 09716 case SIG_RSA_SHA384: 09717 sha4( message_str, msg_len, hash_result, 1 ); 09718 break; 09719 case SIG_RSA_SHA512: 09720 sha4( message_str, msg_len, hash_result, 0 ); 09721 break; 09722 #endif 09723 } 09724 09725 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 09726 if( 0 == 0 ) 09727 { 09728 hexify( output_str, output, ctx.len); 09729 09730 fct_chk( strcasecmp( (char *) output_str, "08180de825e4b8b014a32da8ba761555921204f2f90d5f24b712908ff84f3e220ad17997c0dd6e706630ba3e84add4d5e7ab004e58074b549709565d43ad9e97b5a7a1a29e85b9f90f4aafcdf58321de8c5974ef9abf2d526f33c0f2f82e95d158ea6b81f1736db8d1af3d6ac6a83b32d18bae0ff1b2fe27de4c76ed8c7980a34e" ) == 0 ); 09731 } 09732 09733 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 09734 } 09735 FCT_TEST_END(); 09736 09737 09738 FCT_TEST_BGN(rsassa_pss_signature_example_5_2_verify) 09739 { 09740 unsigned char message_str[1000]; 09741 unsigned char hash_result[1000]; 09742 unsigned char result_str[1000]; 09743 rsa_context ctx; 09744 size_t msg_len; 09745 09746 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 09747 memset( message_str, 0x00, 1000 ); 09748 memset( hash_result, 0x00, 1000 ); 09749 memset( result_str, 0x00, 1000 ); 09750 09751 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 09752 fct_chk( mpi_read_string( &ctx.N, 16, "0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507" ) == 0 ); 09753 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 09754 09755 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 09756 09757 msg_len = unhexify( message_str, "e7b32e1556ea1b2795046ac69739d22ac8966bf11c116f614b166740e96b90653e5750945fcf772186c03790a07fda323e1a61916b06ee2157db3dff80d67d5e39a53ae268c8f09ed99a732005b0bc6a04af4e08d57a00e7201b3060efaadb73113bfc087fd837093aa25235b8c149f56215f031c24ad5bde7f29960df7d524070f7449c6f785084be1a0f733047f336f9154738674547db02a9f44dfc6e60301081e1ce99847f3b5b601ff06b4d5776a9740b9aa0d34058fd3b906e4f7859dfb07d7173e5e6f6350adac21f27b2307469" ); 09758 unhexify( result_str, "08180de825e4b8b014a32da8ba761555921204f2f90d5f24b712908ff84f3e220ad17997c0dd6e706630ba3e84add4d5e7ab004e58074b549709565d43ad9e97b5a7a1a29e85b9f90f4aafcdf58321de8c5974ef9abf2d526f33c0f2f82e95d158ea6b81f1736db8d1af3d6ac6a83b32d18bae0ff1b2fe27de4c76ed8c7980a34e" ); 09759 09760 switch( SIG_RSA_SHA1 ) 09761 { 09762 #ifdef POLARSSL_MD2_C 09763 case SIG_RSA_MD2: 09764 md2( message_str, msg_len, hash_result ); 09765 break; 09766 #endif 09767 #ifdef POLARSSL_MD4_C 09768 case SIG_RSA_MD4: 09769 md4( message_str, msg_len, hash_result ); 09770 break; 09771 #endif 09772 #ifdef POLARSSL_MD5_C 09773 case SIG_RSA_MD5: 09774 md5( message_str, msg_len, hash_result ); 09775 break; 09776 #endif 09777 #ifdef POLARSSL_SHA1_C 09778 case SIG_RSA_SHA1: 09779 sha1( message_str, msg_len, hash_result ); 09780 break; 09781 #endif 09782 #ifdef POLARSSL_SHA2_C 09783 case SIG_RSA_SHA224: 09784 sha2( message_str, msg_len, hash_result, 1 ); 09785 break; 09786 case SIG_RSA_SHA256: 09787 sha2( message_str, msg_len, hash_result, 0 ); 09788 break; 09789 #endif 09790 #ifdef POLARSSL_SHA4_C 09791 case SIG_RSA_SHA384: 09792 sha4( message_str, msg_len, hash_result, 1 ); 09793 break; 09794 case SIG_RSA_SHA512: 09795 sha4( message_str, msg_len, hash_result, 0 ); 09796 break; 09797 #endif 09798 } 09799 09800 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 09801 } 09802 FCT_TEST_END(); 09803 09804 09805 FCT_TEST_BGN(rsassa_pss_signature_example_5_3) 09806 { 09807 unsigned char message_str[1000]; 09808 unsigned char hash_result[1000]; 09809 unsigned char output[1000]; 09810 unsigned char output_str[1000]; 09811 unsigned char rnd_buf[1000]; 09812 rsa_context ctx; 09813 mpi P1, Q1, H, G; 09814 size_t msg_len; 09815 rnd_buf_info info; 09816 09817 info.length = unhexify( rnd_buf, "815779a91b3a8bd049bf2aeb920142772222c9ca" ); 09818 info.buf = rnd_buf; 09819 09820 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 09821 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 09822 09823 memset( message_str, 0x00, 1000 ); 09824 memset( hash_result, 0x00, 1000 ); 09825 memset( output, 0x00, 1000 ); 09826 memset( output_str, 0x00, 1000 ); 09827 09828 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 09829 fct_chk( mpi_read_string( &ctx.P, 16, "03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f" ) == 0 ); 09830 fct_chk( mpi_read_string( &ctx.Q, 16, "034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839" ) == 0 ); 09831 fct_chk( mpi_read_string( &ctx.N, 16, "0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507" ) == 0 ); 09832 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 09833 09834 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 09835 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 09836 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 09837 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 09838 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 09839 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 09840 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 09841 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 09842 09843 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 09844 09845 msg_len = unhexify( message_str, "8d8396e36507fe1ef6a19017548e0c716674c2fec233adb2f775665ec41f2bd0ba396b061a9daa7e866f7c23fd3531954300a342f924535ea1498c48f6c879932865fc02000c528723b7ad0335745b51209a0afed932af8f0887c219004d2abd894ea92559ee3198af3a734fe9b9638c263a728ad95a5ae8ce3eb15839f3aa7852bb390706e7760e43a71291a2e3f827237deda851874c517665f545f27238df86557f375d09ccd8bd15d8ccf61f5d78ca5c7f5cde782e6bf5d0057056d4bad98b3d2f9575e824ab7a33ff57b0ac100ab0d6ead7aa0b50f6e4d3e5ec0b966b" ); 09846 09847 switch( SIG_RSA_SHA1 ) 09848 { 09849 #ifdef POLARSSL_MD2_C 09850 case SIG_RSA_MD2: 09851 md2( message_str, msg_len, hash_result ); 09852 break; 09853 #endif 09854 #ifdef POLARSSL_MD4_C 09855 case SIG_RSA_MD4: 09856 md4( message_str, msg_len, hash_result ); 09857 break; 09858 #endif 09859 #ifdef POLARSSL_MD5_C 09860 case SIG_RSA_MD5: 09861 md5( message_str, msg_len, hash_result ); 09862 break; 09863 #endif 09864 #ifdef POLARSSL_SHA1_C 09865 case SIG_RSA_SHA1: 09866 sha1( message_str, msg_len, hash_result ); 09867 break; 09868 #endif 09869 #ifdef POLARSSL_SHA2_C 09870 case SIG_RSA_SHA224: 09871 sha2( message_str, msg_len, hash_result, 1 ); 09872 break; 09873 case SIG_RSA_SHA256: 09874 sha2( message_str, msg_len, hash_result, 0 ); 09875 break; 09876 #endif 09877 #ifdef POLARSSL_SHA4_C 09878 case SIG_RSA_SHA384: 09879 sha4( message_str, msg_len, hash_result, 1 ); 09880 break; 09881 case SIG_RSA_SHA512: 09882 sha4( message_str, msg_len, hash_result, 0 ); 09883 break; 09884 #endif 09885 } 09886 09887 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 09888 if( 0 == 0 ) 09889 { 09890 hexify( output_str, output, ctx.len); 09891 09892 fct_chk( strcasecmp( (char *) output_str, "05e0fdbdf6f756ef733185ccfa8ced2eb6d029d9d56e35561b5db8e70257ee6fd019d2f0bbf669fe9b9821e78df6d41e31608d58280f318ee34f559941c8df13287574bac000b7e58dc4f414ba49fb127f9d0f8936638c76e85356c994f79750f7fa3cf4fd482df75e3fb9978cd061f7abb17572e6e63e0bde12cbdcf18c68b979" ) == 0 ); 09893 } 09894 09895 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 09896 } 09897 FCT_TEST_END(); 09898 09899 09900 FCT_TEST_BGN(rsassa_pss_signature_example_5_3_verify) 09901 { 09902 unsigned char message_str[1000]; 09903 unsigned char hash_result[1000]; 09904 unsigned char result_str[1000]; 09905 rsa_context ctx; 09906 size_t msg_len; 09907 09908 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 09909 memset( message_str, 0x00, 1000 ); 09910 memset( hash_result, 0x00, 1000 ); 09911 memset( result_str, 0x00, 1000 ); 09912 09913 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 09914 fct_chk( mpi_read_string( &ctx.N, 16, "0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507" ) == 0 ); 09915 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 09916 09917 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 09918 09919 msg_len = unhexify( message_str, "8d8396e36507fe1ef6a19017548e0c716674c2fec233adb2f775665ec41f2bd0ba396b061a9daa7e866f7c23fd3531954300a342f924535ea1498c48f6c879932865fc02000c528723b7ad0335745b51209a0afed932af8f0887c219004d2abd894ea92559ee3198af3a734fe9b9638c263a728ad95a5ae8ce3eb15839f3aa7852bb390706e7760e43a71291a2e3f827237deda851874c517665f545f27238df86557f375d09ccd8bd15d8ccf61f5d78ca5c7f5cde782e6bf5d0057056d4bad98b3d2f9575e824ab7a33ff57b0ac100ab0d6ead7aa0b50f6e4d3e5ec0b966b" ); 09920 unhexify( result_str, "05e0fdbdf6f756ef733185ccfa8ced2eb6d029d9d56e35561b5db8e70257ee6fd019d2f0bbf669fe9b9821e78df6d41e31608d58280f318ee34f559941c8df13287574bac000b7e58dc4f414ba49fb127f9d0f8936638c76e85356c994f79750f7fa3cf4fd482df75e3fb9978cd061f7abb17572e6e63e0bde12cbdcf18c68b979" ); 09921 09922 switch( SIG_RSA_SHA1 ) 09923 { 09924 #ifdef POLARSSL_MD2_C 09925 case SIG_RSA_MD2: 09926 md2( message_str, msg_len, hash_result ); 09927 break; 09928 #endif 09929 #ifdef POLARSSL_MD4_C 09930 case SIG_RSA_MD4: 09931 md4( message_str, msg_len, hash_result ); 09932 break; 09933 #endif 09934 #ifdef POLARSSL_MD5_C 09935 case SIG_RSA_MD5: 09936 md5( message_str, msg_len, hash_result ); 09937 break; 09938 #endif 09939 #ifdef POLARSSL_SHA1_C 09940 case SIG_RSA_SHA1: 09941 sha1( message_str, msg_len, hash_result ); 09942 break; 09943 #endif 09944 #ifdef POLARSSL_SHA2_C 09945 case SIG_RSA_SHA224: 09946 sha2( message_str, msg_len, hash_result, 1 ); 09947 break; 09948 case SIG_RSA_SHA256: 09949 sha2( message_str, msg_len, hash_result, 0 ); 09950 break; 09951 #endif 09952 #ifdef POLARSSL_SHA4_C 09953 case SIG_RSA_SHA384: 09954 sha4( message_str, msg_len, hash_result, 1 ); 09955 break; 09956 case SIG_RSA_SHA512: 09957 sha4( message_str, msg_len, hash_result, 0 ); 09958 break; 09959 #endif 09960 } 09961 09962 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 09963 } 09964 FCT_TEST_END(); 09965 09966 09967 FCT_TEST_BGN(rsassa_pss_signature_example_5_4) 09968 { 09969 unsigned char message_str[1000]; 09970 unsigned char hash_result[1000]; 09971 unsigned char output[1000]; 09972 unsigned char output_str[1000]; 09973 unsigned char rnd_buf[1000]; 09974 rsa_context ctx; 09975 mpi P1, Q1, H, G; 09976 size_t msg_len; 09977 rnd_buf_info info; 09978 09979 info.length = unhexify( rnd_buf, "9aec4a7480d5bbc42920d7ca235db674989c9aac" ); 09980 info.buf = rnd_buf; 09981 09982 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 09983 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 09984 09985 memset( message_str, 0x00, 1000 ); 09986 memset( hash_result, 0x00, 1000 ); 09987 memset( output, 0x00, 1000 ); 09988 memset( output_str, 0x00, 1000 ); 09989 09990 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 09991 fct_chk( mpi_read_string( &ctx.P, 16, "03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f" ) == 0 ); 09992 fct_chk( mpi_read_string( &ctx.Q, 16, "034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839" ) == 0 ); 09993 fct_chk( mpi_read_string( &ctx.N, 16, "0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507" ) == 0 ); 09994 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 09995 09996 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 09997 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 09998 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 09999 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 10000 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 10001 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 10002 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 10003 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 10004 10005 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 10006 10007 msg_len = unhexify( message_str, "328c659e0a6437433cceb73c14" ); 10008 10009 switch( SIG_RSA_SHA1 ) 10010 { 10011 #ifdef POLARSSL_MD2_C 10012 case SIG_RSA_MD2: 10013 md2( message_str, msg_len, hash_result ); 10014 break; 10015 #endif 10016 #ifdef POLARSSL_MD4_C 10017 case SIG_RSA_MD4: 10018 md4( message_str, msg_len, hash_result ); 10019 break; 10020 #endif 10021 #ifdef POLARSSL_MD5_C 10022 case SIG_RSA_MD5: 10023 md5( message_str, msg_len, hash_result ); 10024 break; 10025 #endif 10026 #ifdef POLARSSL_SHA1_C 10027 case SIG_RSA_SHA1: 10028 sha1( message_str, msg_len, hash_result ); 10029 break; 10030 #endif 10031 #ifdef POLARSSL_SHA2_C 10032 case SIG_RSA_SHA224: 10033 sha2( message_str, msg_len, hash_result, 1 ); 10034 break; 10035 case SIG_RSA_SHA256: 10036 sha2( message_str, msg_len, hash_result, 0 ); 10037 break; 10038 #endif 10039 #ifdef POLARSSL_SHA4_C 10040 case SIG_RSA_SHA384: 10041 sha4( message_str, msg_len, hash_result, 1 ); 10042 break; 10043 case SIG_RSA_SHA512: 10044 sha4( message_str, msg_len, hash_result, 0 ); 10045 break; 10046 #endif 10047 } 10048 10049 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 10050 if( 0 == 0 ) 10051 { 10052 hexify( output_str, output, ctx.len); 10053 10054 fct_chk( strcasecmp( (char *) output_str, "0bc989853bc2ea86873271ce183a923ab65e8a53100e6df5d87a24c4194eb797813ee2a187c097dd872d591da60c568605dd7e742d5af4e33b11678ccb63903204a3d080b0902c89aba8868f009c0f1c0cb85810bbdd29121abb8471ff2d39e49fd92d56c655c8e037ad18fafbdc92c95863f7f61ea9efa28fea401369d19daea1" ) == 0 ); 10055 } 10056 10057 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 10058 } 10059 FCT_TEST_END(); 10060 10061 10062 FCT_TEST_BGN(rsassa_pss_signature_example_5_4_verify) 10063 { 10064 unsigned char message_str[1000]; 10065 unsigned char hash_result[1000]; 10066 unsigned char result_str[1000]; 10067 rsa_context ctx; 10068 size_t msg_len; 10069 10070 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 10071 memset( message_str, 0x00, 1000 ); 10072 memset( hash_result, 0x00, 1000 ); 10073 memset( result_str, 0x00, 1000 ); 10074 10075 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 10076 fct_chk( mpi_read_string( &ctx.N, 16, "0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507" ) == 0 ); 10077 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 10078 10079 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 10080 10081 msg_len = unhexify( message_str, "328c659e0a6437433cceb73c14" ); 10082 unhexify( result_str, "0bc989853bc2ea86873271ce183a923ab65e8a53100e6df5d87a24c4194eb797813ee2a187c097dd872d591da60c568605dd7e742d5af4e33b11678ccb63903204a3d080b0902c89aba8868f009c0f1c0cb85810bbdd29121abb8471ff2d39e49fd92d56c655c8e037ad18fafbdc92c95863f7f61ea9efa28fea401369d19daea1" ); 10083 10084 switch( SIG_RSA_SHA1 ) 10085 { 10086 #ifdef POLARSSL_MD2_C 10087 case SIG_RSA_MD2: 10088 md2( message_str, msg_len, hash_result ); 10089 break; 10090 #endif 10091 #ifdef POLARSSL_MD4_C 10092 case SIG_RSA_MD4: 10093 md4( message_str, msg_len, hash_result ); 10094 break; 10095 #endif 10096 #ifdef POLARSSL_MD5_C 10097 case SIG_RSA_MD5: 10098 md5( message_str, msg_len, hash_result ); 10099 break; 10100 #endif 10101 #ifdef POLARSSL_SHA1_C 10102 case SIG_RSA_SHA1: 10103 sha1( message_str, msg_len, hash_result ); 10104 break; 10105 #endif 10106 #ifdef POLARSSL_SHA2_C 10107 case SIG_RSA_SHA224: 10108 sha2( message_str, msg_len, hash_result, 1 ); 10109 break; 10110 case SIG_RSA_SHA256: 10111 sha2( message_str, msg_len, hash_result, 0 ); 10112 break; 10113 #endif 10114 #ifdef POLARSSL_SHA4_C 10115 case SIG_RSA_SHA384: 10116 sha4( message_str, msg_len, hash_result, 1 ); 10117 break; 10118 case SIG_RSA_SHA512: 10119 sha4( message_str, msg_len, hash_result, 0 ); 10120 break; 10121 #endif 10122 } 10123 10124 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 10125 } 10126 FCT_TEST_END(); 10127 10128 10129 FCT_TEST_BGN(rsassa_pss_signature_example_5_5) 10130 { 10131 unsigned char message_str[1000]; 10132 unsigned char hash_result[1000]; 10133 unsigned char output[1000]; 10134 unsigned char output_str[1000]; 10135 unsigned char rnd_buf[1000]; 10136 rsa_context ctx; 10137 mpi P1, Q1, H, G; 10138 size_t msg_len; 10139 rnd_buf_info info; 10140 10141 info.length = unhexify( rnd_buf, "e20c1e9878512c39970f58375e1549a68b64f31d" ); 10142 info.buf = rnd_buf; 10143 10144 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 10145 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 10146 10147 memset( message_str, 0x00, 1000 ); 10148 memset( hash_result, 0x00, 1000 ); 10149 memset( output, 0x00, 1000 ); 10150 memset( output_str, 0x00, 1000 ); 10151 10152 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 10153 fct_chk( mpi_read_string( &ctx.P, 16, "03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f" ) == 0 ); 10154 fct_chk( mpi_read_string( &ctx.Q, 16, "034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839" ) == 0 ); 10155 fct_chk( mpi_read_string( &ctx.N, 16, "0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507" ) == 0 ); 10156 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 10157 10158 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 10159 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 10160 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 10161 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 10162 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 10163 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 10164 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 10165 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 10166 10167 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 10168 10169 msg_len = unhexify( message_str, "f37b962379a47d415a376eec8973150bcb34edd5ab654041b61430560c2144582ba133c867d852d6b8e23321901302ecb45b09ec88b1527178fa043263f3067d9ffe973032a99f4cb08ad2c7e0a2456cdd57a7df56fe6053527a5aeb67d7e552063c1ca97b1beffa7b39e997caf27878ea0f62cbebc8c21df4c889a202851e949088490c249b6e9acf1d8063f5be2343989bf95c4da01a2be78b4ab6b378015bc37957f76948b5e58e440c28453d40d7cfd57e7d690600474ab5e75973b1ea0c5f1e45d14190afe2f4eb6d3bdf71f1d2f8bb156a1c295d04aaeb9d689dce79ed62bc443e" ); 10170 10171 switch( SIG_RSA_SHA1 ) 10172 { 10173 #ifdef POLARSSL_MD2_C 10174 case SIG_RSA_MD2: 10175 md2( message_str, msg_len, hash_result ); 10176 break; 10177 #endif 10178 #ifdef POLARSSL_MD4_C 10179 case SIG_RSA_MD4: 10180 md4( message_str, msg_len, hash_result ); 10181 break; 10182 #endif 10183 #ifdef POLARSSL_MD5_C 10184 case SIG_RSA_MD5: 10185 md5( message_str, msg_len, hash_result ); 10186 break; 10187 #endif 10188 #ifdef POLARSSL_SHA1_C 10189 case SIG_RSA_SHA1: 10190 sha1( message_str, msg_len, hash_result ); 10191 break; 10192 #endif 10193 #ifdef POLARSSL_SHA2_C 10194 case SIG_RSA_SHA224: 10195 sha2( message_str, msg_len, hash_result, 1 ); 10196 break; 10197 case SIG_RSA_SHA256: 10198 sha2( message_str, msg_len, hash_result, 0 ); 10199 break; 10200 #endif 10201 #ifdef POLARSSL_SHA4_C 10202 case SIG_RSA_SHA384: 10203 sha4( message_str, msg_len, hash_result, 1 ); 10204 break; 10205 case SIG_RSA_SHA512: 10206 sha4( message_str, msg_len, hash_result, 0 ); 10207 break; 10208 #endif 10209 } 10210 10211 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 10212 if( 0 == 0 ) 10213 { 10214 hexify( output_str, output, ctx.len); 10215 10216 fct_chk( strcasecmp( (char *) output_str, "0aefa943b698b9609edf898ad22744ac28dc239497cea369cbbd84f65c95c0ad776b594740164b59a739c6ff7c2f07c7c077a86d95238fe51e1fcf33574a4ae0684b42a3f6bf677d91820ca89874467b2c23add77969c80717430d0efc1d3695892ce855cb7f7011630f4df26def8ddf36fc23905f57fa6243a485c770d5681fcd" ) == 0 ); 10217 } 10218 10219 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 10220 } 10221 FCT_TEST_END(); 10222 10223 10224 FCT_TEST_BGN(rsassa_pss_signature_example_5_5_verify) 10225 { 10226 unsigned char message_str[1000]; 10227 unsigned char hash_result[1000]; 10228 unsigned char result_str[1000]; 10229 rsa_context ctx; 10230 size_t msg_len; 10231 10232 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 10233 memset( message_str, 0x00, 1000 ); 10234 memset( hash_result, 0x00, 1000 ); 10235 memset( result_str, 0x00, 1000 ); 10236 10237 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 10238 fct_chk( mpi_read_string( &ctx.N, 16, "0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507" ) == 0 ); 10239 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 10240 10241 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 10242 10243 msg_len = unhexify( message_str, "f37b962379a47d415a376eec8973150bcb34edd5ab654041b61430560c2144582ba133c867d852d6b8e23321901302ecb45b09ec88b1527178fa043263f3067d9ffe973032a99f4cb08ad2c7e0a2456cdd57a7df56fe6053527a5aeb67d7e552063c1ca97b1beffa7b39e997caf27878ea0f62cbebc8c21df4c889a202851e949088490c249b6e9acf1d8063f5be2343989bf95c4da01a2be78b4ab6b378015bc37957f76948b5e58e440c28453d40d7cfd57e7d690600474ab5e75973b1ea0c5f1e45d14190afe2f4eb6d3bdf71f1d2f8bb156a1c295d04aaeb9d689dce79ed62bc443e" ); 10244 unhexify( result_str, "0aefa943b698b9609edf898ad22744ac28dc239497cea369cbbd84f65c95c0ad776b594740164b59a739c6ff7c2f07c7c077a86d95238fe51e1fcf33574a4ae0684b42a3f6bf677d91820ca89874467b2c23add77969c80717430d0efc1d3695892ce855cb7f7011630f4df26def8ddf36fc23905f57fa6243a485c770d5681fcd" ); 10245 10246 switch( SIG_RSA_SHA1 ) 10247 { 10248 #ifdef POLARSSL_MD2_C 10249 case SIG_RSA_MD2: 10250 md2( message_str, msg_len, hash_result ); 10251 break; 10252 #endif 10253 #ifdef POLARSSL_MD4_C 10254 case SIG_RSA_MD4: 10255 md4( message_str, msg_len, hash_result ); 10256 break; 10257 #endif 10258 #ifdef POLARSSL_MD5_C 10259 case SIG_RSA_MD5: 10260 md5( message_str, msg_len, hash_result ); 10261 break; 10262 #endif 10263 #ifdef POLARSSL_SHA1_C 10264 case SIG_RSA_SHA1: 10265 sha1( message_str, msg_len, hash_result ); 10266 break; 10267 #endif 10268 #ifdef POLARSSL_SHA2_C 10269 case SIG_RSA_SHA224: 10270 sha2( message_str, msg_len, hash_result, 1 ); 10271 break; 10272 case SIG_RSA_SHA256: 10273 sha2( message_str, msg_len, hash_result, 0 ); 10274 break; 10275 #endif 10276 #ifdef POLARSSL_SHA4_C 10277 case SIG_RSA_SHA384: 10278 sha4( message_str, msg_len, hash_result, 1 ); 10279 break; 10280 case SIG_RSA_SHA512: 10281 sha4( message_str, msg_len, hash_result, 0 ); 10282 break; 10283 #endif 10284 } 10285 10286 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 10287 } 10288 FCT_TEST_END(); 10289 10290 10291 FCT_TEST_BGN(rsassa_pss_signature_example_5_6) 10292 { 10293 unsigned char message_str[1000]; 10294 unsigned char hash_result[1000]; 10295 unsigned char output[1000]; 10296 unsigned char output_str[1000]; 10297 unsigned char rnd_buf[1000]; 10298 rsa_context ctx; 10299 mpi P1, Q1, H, G; 10300 size_t msg_len; 10301 rnd_buf_info info; 10302 10303 info.length = unhexify( rnd_buf, "23291e4a3307e8bbb776623ab34e4a5f4cc8a8db" ); 10304 info.buf = rnd_buf; 10305 10306 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 10307 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 10308 10309 memset( message_str, 0x00, 1000 ); 10310 memset( hash_result, 0x00, 1000 ); 10311 memset( output, 0x00, 1000 ); 10312 memset( output_str, 0x00, 1000 ); 10313 10314 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 10315 fct_chk( mpi_read_string( &ctx.P, 16, "03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f" ) == 0 ); 10316 fct_chk( mpi_read_string( &ctx.Q, 16, "034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839" ) == 0 ); 10317 fct_chk( mpi_read_string( &ctx.N, 16, "0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507" ) == 0 ); 10318 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 10319 10320 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 10321 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 10322 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 10323 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 10324 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 10325 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 10326 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 10327 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 10328 10329 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 10330 10331 msg_len = unhexify( message_str, "c6103c330c1ef718c141e47b8fa859be4d5b96259e7d142070ecd485839dba5a8369c17c1114035e532d195c74f44a0476a2d3e8a4da210016caced0e367cb867710a4b5aa2df2b8e5daf5fdc647807d4d5ebb6c56b9763ccdae4dea3308eb0ac2a89501cb209d2639fa5bf87ce790747d3cb2d295e84564f2f637824f0c13028129b0aa4a422d162282" ); 10332 10333 switch( SIG_RSA_SHA1 ) 10334 { 10335 #ifdef POLARSSL_MD2_C 10336 case SIG_RSA_MD2: 10337 md2( message_str, msg_len, hash_result ); 10338 break; 10339 #endif 10340 #ifdef POLARSSL_MD4_C 10341 case SIG_RSA_MD4: 10342 md4( message_str, msg_len, hash_result ); 10343 break; 10344 #endif 10345 #ifdef POLARSSL_MD5_C 10346 case SIG_RSA_MD5: 10347 md5( message_str, msg_len, hash_result ); 10348 break; 10349 #endif 10350 #ifdef POLARSSL_SHA1_C 10351 case SIG_RSA_SHA1: 10352 sha1( message_str, msg_len, hash_result ); 10353 break; 10354 #endif 10355 #ifdef POLARSSL_SHA2_C 10356 case SIG_RSA_SHA224: 10357 sha2( message_str, msg_len, hash_result, 1 ); 10358 break; 10359 case SIG_RSA_SHA256: 10360 sha2( message_str, msg_len, hash_result, 0 ); 10361 break; 10362 #endif 10363 #ifdef POLARSSL_SHA4_C 10364 case SIG_RSA_SHA384: 10365 sha4( message_str, msg_len, hash_result, 1 ); 10366 break; 10367 case SIG_RSA_SHA512: 10368 sha4( message_str, msg_len, hash_result, 0 ); 10369 break; 10370 #endif 10371 } 10372 10373 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 10374 if( 0 == 0 ) 10375 { 10376 hexify( output_str, output, ctx.len); 10377 10378 fct_chk( strcasecmp( (char *) output_str, "02802dccfa8dfaf5279bf0b4a29ba1b157611faeaaf419b8919d15941900c1339e7e92e6fae562c53e6cc8e84104b110bce03ad18525e3c49a0eadad5d3f28f244a8ed89edbafbb686277cfa8ae909714d6b28f4bf8e293aa04c41efe7c0a81266d5c061e2575be032aa464674ff71626219bd74cc45f0e7ed4e3ff96eee758e8f" ) == 0 ); 10379 } 10380 10381 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 10382 } 10383 FCT_TEST_END(); 10384 10385 10386 FCT_TEST_BGN(rsassa_pss_signature_example_5_6_verify) 10387 { 10388 unsigned char message_str[1000]; 10389 unsigned char hash_result[1000]; 10390 unsigned char result_str[1000]; 10391 rsa_context ctx; 10392 size_t msg_len; 10393 10394 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 10395 memset( message_str, 0x00, 1000 ); 10396 memset( hash_result, 0x00, 1000 ); 10397 memset( result_str, 0x00, 1000 ); 10398 10399 ctx.len = 1028 / 8 + ( ( 1028 % 8 ) ? 1 : 0 ); 10400 fct_chk( mpi_read_string( &ctx.N, 16, "0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507" ) == 0 ); 10401 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 10402 10403 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 10404 10405 msg_len = unhexify( message_str, "c6103c330c1ef718c141e47b8fa859be4d5b96259e7d142070ecd485839dba5a8369c17c1114035e532d195c74f44a0476a2d3e8a4da210016caced0e367cb867710a4b5aa2df2b8e5daf5fdc647807d4d5ebb6c56b9763ccdae4dea3308eb0ac2a89501cb209d2639fa5bf87ce790747d3cb2d295e84564f2f637824f0c13028129b0aa4a422d162282" ); 10406 unhexify( result_str, "02802dccfa8dfaf5279bf0b4a29ba1b157611faeaaf419b8919d15941900c1339e7e92e6fae562c53e6cc8e84104b110bce03ad18525e3c49a0eadad5d3f28f244a8ed89edbafbb686277cfa8ae909714d6b28f4bf8e293aa04c41efe7c0a81266d5c061e2575be032aa464674ff71626219bd74cc45f0e7ed4e3ff96eee758e8f" ); 10407 10408 switch( SIG_RSA_SHA1 ) 10409 { 10410 #ifdef POLARSSL_MD2_C 10411 case SIG_RSA_MD2: 10412 md2( message_str, msg_len, hash_result ); 10413 break; 10414 #endif 10415 #ifdef POLARSSL_MD4_C 10416 case SIG_RSA_MD4: 10417 md4( message_str, msg_len, hash_result ); 10418 break; 10419 #endif 10420 #ifdef POLARSSL_MD5_C 10421 case SIG_RSA_MD5: 10422 md5( message_str, msg_len, hash_result ); 10423 break; 10424 #endif 10425 #ifdef POLARSSL_SHA1_C 10426 case SIG_RSA_SHA1: 10427 sha1( message_str, msg_len, hash_result ); 10428 break; 10429 #endif 10430 #ifdef POLARSSL_SHA2_C 10431 case SIG_RSA_SHA224: 10432 sha2( message_str, msg_len, hash_result, 1 ); 10433 break; 10434 case SIG_RSA_SHA256: 10435 sha2( message_str, msg_len, hash_result, 0 ); 10436 break; 10437 #endif 10438 #ifdef POLARSSL_SHA4_C 10439 case SIG_RSA_SHA384: 10440 sha4( message_str, msg_len, hash_result, 1 ); 10441 break; 10442 case SIG_RSA_SHA512: 10443 sha4( message_str, msg_len, hash_result, 0 ); 10444 break; 10445 #endif 10446 } 10447 10448 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 10449 } 10450 FCT_TEST_END(); 10451 10452 10453 FCT_TEST_BGN(rsassa_pss_signature_example_6_1) 10454 { 10455 unsigned char message_str[1000]; 10456 unsigned char hash_result[1000]; 10457 unsigned char output[1000]; 10458 unsigned char output_str[1000]; 10459 unsigned char rnd_buf[1000]; 10460 rsa_context ctx; 10461 mpi P1, Q1, H, G; 10462 size_t msg_len; 10463 rnd_buf_info info; 10464 10465 info.length = unhexify( rnd_buf, "5b4ea2ef629cc22f3b538e016904b47b1e40bfd5" ); 10466 info.buf = rnd_buf; 10467 10468 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 10469 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 10470 10471 memset( message_str, 0x00, 1000 ); 10472 memset( hash_result, 0x00, 1000 ); 10473 memset( output, 0x00, 1000 ); 10474 memset( output_str, 0x00, 1000 ); 10475 10476 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 10477 fct_chk( mpi_read_string( &ctx.P, 16, "04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543" ) == 0 ); 10478 fct_chk( mpi_read_string( &ctx.Q, 16, "0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b" ) == 0 ); 10479 fct_chk( mpi_read_string( &ctx.N, 16, "164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1" ) == 0 ); 10480 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 10481 10482 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 10483 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 10484 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 10485 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 10486 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 10487 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 10488 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 10489 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 10490 10491 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 10492 10493 msg_len = unhexify( message_str, "0a20b774addc2fa51245ed7cb9da609e50cac6636a52543f97458eed7340f8d53ffc64918f949078ee03ef60d42b5fec246050bd5505cd8cb597bad3c4e713b0ef30644e76adabb0de01a1561efb255158c74fc801e6e919e581b46f0f0ddd08e4f34c7810b5ed8318f91d7c8c" ); 10494 10495 switch( SIG_RSA_SHA1 ) 10496 { 10497 #ifdef POLARSSL_MD2_C 10498 case SIG_RSA_MD2: 10499 md2( message_str, msg_len, hash_result ); 10500 break; 10501 #endif 10502 #ifdef POLARSSL_MD4_C 10503 case SIG_RSA_MD4: 10504 md4( message_str, msg_len, hash_result ); 10505 break; 10506 #endif 10507 #ifdef POLARSSL_MD5_C 10508 case SIG_RSA_MD5: 10509 md5( message_str, msg_len, hash_result ); 10510 break; 10511 #endif 10512 #ifdef POLARSSL_SHA1_C 10513 case SIG_RSA_SHA1: 10514 sha1( message_str, msg_len, hash_result ); 10515 break; 10516 #endif 10517 #ifdef POLARSSL_SHA2_C 10518 case SIG_RSA_SHA224: 10519 sha2( message_str, msg_len, hash_result, 1 ); 10520 break; 10521 case SIG_RSA_SHA256: 10522 sha2( message_str, msg_len, hash_result, 0 ); 10523 break; 10524 #endif 10525 #ifdef POLARSSL_SHA4_C 10526 case SIG_RSA_SHA384: 10527 sha4( message_str, msg_len, hash_result, 1 ); 10528 break; 10529 case SIG_RSA_SHA512: 10530 sha4( message_str, msg_len, hash_result, 0 ); 10531 break; 10532 #endif 10533 } 10534 10535 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 10536 if( 0 == 0 ) 10537 { 10538 hexify( output_str, output, ctx.len); 10539 10540 fct_chk( strcasecmp( (char *) output_str, "04c0cfacec04e5badbece159a5a1103f69b3f32ba593cb4cc4b1b7ab455916a96a27cd2678ea0f46ba37f7fc9c86325f29733b389f1d97f43e7201c0f348fc45fe42892335362eee018b5b161f2f9393031225c713012a576bc88e23052489868d9010cbf033ecc568e8bc152bdc59d560e41291915d28565208e22aeec9ef85d1" ) == 0 ); 10541 } 10542 10543 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 10544 } 10545 FCT_TEST_END(); 10546 10547 10548 FCT_TEST_BGN(rsassa_pss_signature_example_6_1_verify) 10549 { 10550 unsigned char message_str[1000]; 10551 unsigned char hash_result[1000]; 10552 unsigned char result_str[1000]; 10553 rsa_context ctx; 10554 size_t msg_len; 10555 10556 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 10557 memset( message_str, 0x00, 1000 ); 10558 memset( hash_result, 0x00, 1000 ); 10559 memset( result_str, 0x00, 1000 ); 10560 10561 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 10562 fct_chk( mpi_read_string( &ctx.N, 16, "164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1" ) == 0 ); 10563 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 10564 10565 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 10566 10567 msg_len = unhexify( message_str, "0a20b774addc2fa51245ed7cb9da609e50cac6636a52543f97458eed7340f8d53ffc64918f949078ee03ef60d42b5fec246050bd5505cd8cb597bad3c4e713b0ef30644e76adabb0de01a1561efb255158c74fc801e6e919e581b46f0f0ddd08e4f34c7810b5ed8318f91d7c8c" ); 10568 unhexify( result_str, "04c0cfacec04e5badbece159a5a1103f69b3f32ba593cb4cc4b1b7ab455916a96a27cd2678ea0f46ba37f7fc9c86325f29733b389f1d97f43e7201c0f348fc45fe42892335362eee018b5b161f2f9393031225c713012a576bc88e23052489868d9010cbf033ecc568e8bc152bdc59d560e41291915d28565208e22aeec9ef85d1" ); 10569 10570 switch( SIG_RSA_SHA1 ) 10571 { 10572 #ifdef POLARSSL_MD2_C 10573 case SIG_RSA_MD2: 10574 md2( message_str, msg_len, hash_result ); 10575 break; 10576 #endif 10577 #ifdef POLARSSL_MD4_C 10578 case SIG_RSA_MD4: 10579 md4( message_str, msg_len, hash_result ); 10580 break; 10581 #endif 10582 #ifdef POLARSSL_MD5_C 10583 case SIG_RSA_MD5: 10584 md5( message_str, msg_len, hash_result ); 10585 break; 10586 #endif 10587 #ifdef POLARSSL_SHA1_C 10588 case SIG_RSA_SHA1: 10589 sha1( message_str, msg_len, hash_result ); 10590 break; 10591 #endif 10592 #ifdef POLARSSL_SHA2_C 10593 case SIG_RSA_SHA224: 10594 sha2( message_str, msg_len, hash_result, 1 ); 10595 break; 10596 case SIG_RSA_SHA256: 10597 sha2( message_str, msg_len, hash_result, 0 ); 10598 break; 10599 #endif 10600 #ifdef POLARSSL_SHA4_C 10601 case SIG_RSA_SHA384: 10602 sha4( message_str, msg_len, hash_result, 1 ); 10603 break; 10604 case SIG_RSA_SHA512: 10605 sha4( message_str, msg_len, hash_result, 0 ); 10606 break; 10607 #endif 10608 } 10609 10610 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 10611 } 10612 FCT_TEST_END(); 10613 10614 10615 FCT_TEST_BGN(rsassa_pss_signature_example_6_2) 10616 { 10617 unsigned char message_str[1000]; 10618 unsigned char hash_result[1000]; 10619 unsigned char output[1000]; 10620 unsigned char output_str[1000]; 10621 unsigned char rnd_buf[1000]; 10622 rsa_context ctx; 10623 mpi P1, Q1, H, G; 10624 size_t msg_len; 10625 rnd_buf_info info; 10626 10627 info.length = unhexify( rnd_buf, "83146a9e782722c28b014f98b4267bda2ac9504f" ); 10628 info.buf = rnd_buf; 10629 10630 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 10631 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 10632 10633 memset( message_str, 0x00, 1000 ); 10634 memset( hash_result, 0x00, 1000 ); 10635 memset( output, 0x00, 1000 ); 10636 memset( output_str, 0x00, 1000 ); 10637 10638 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 10639 fct_chk( mpi_read_string( &ctx.P, 16, "04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543" ) == 0 ); 10640 fct_chk( mpi_read_string( &ctx.Q, 16, "0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b" ) == 0 ); 10641 fct_chk( mpi_read_string( &ctx.N, 16, "164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1" ) == 0 ); 10642 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 10643 10644 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 10645 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 10646 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 10647 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 10648 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 10649 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 10650 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 10651 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 10652 10653 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 10654 10655 msg_len = unhexify( message_str, "2aaff6631f621ce615760a9ebce94bb333077ad86488c861d4b76d29c1f48746c611ae1e03ced4445d7cfa1fe5f62e1b3f08452bde3b6ef81973bafbb57f97bceef873985395b8260589aa88cb7db50ab469262e551bdcd9a56f275a0ac4fe484700c35f3dbf2b469ede864741b86fa59172a360ba95a02e139be50ddfb7cf0b42faeabbfbbaa86a4497699c4f2dfd5b08406af7e14144427c253ec0efa20eaf9a8be8cd49ce1f1bc4e93e619cf2aa8ed4fb39bc8590d0f7b96488f7317ac9abf7bee4e3a0e715" ); 10656 10657 switch( SIG_RSA_SHA1 ) 10658 { 10659 #ifdef POLARSSL_MD2_C 10660 case SIG_RSA_MD2: 10661 md2( message_str, msg_len, hash_result ); 10662 break; 10663 #endif 10664 #ifdef POLARSSL_MD4_C 10665 case SIG_RSA_MD4: 10666 md4( message_str, msg_len, hash_result ); 10667 break; 10668 #endif 10669 #ifdef POLARSSL_MD5_C 10670 case SIG_RSA_MD5: 10671 md5( message_str, msg_len, hash_result ); 10672 break; 10673 #endif 10674 #ifdef POLARSSL_SHA1_C 10675 case SIG_RSA_SHA1: 10676 sha1( message_str, msg_len, hash_result ); 10677 break; 10678 #endif 10679 #ifdef POLARSSL_SHA2_C 10680 case SIG_RSA_SHA224: 10681 sha2( message_str, msg_len, hash_result, 1 ); 10682 break; 10683 case SIG_RSA_SHA256: 10684 sha2( message_str, msg_len, hash_result, 0 ); 10685 break; 10686 #endif 10687 #ifdef POLARSSL_SHA4_C 10688 case SIG_RSA_SHA384: 10689 sha4( message_str, msg_len, hash_result, 1 ); 10690 break; 10691 case SIG_RSA_SHA512: 10692 sha4( message_str, msg_len, hash_result, 0 ); 10693 break; 10694 #endif 10695 } 10696 10697 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 10698 if( 0 == 0 ) 10699 { 10700 hexify( output_str, output, ctx.len); 10701 10702 fct_chk( strcasecmp( (char *) output_str, "0a2314250cf52b6e4e908de5b35646bcaa24361da8160fb0f9257590ab3ace42b0dc3e77ad2db7c203a20bd952fbb56b1567046ecfaa933d7b1000c3de9ff05b7d989ba46fd43bc4c2d0a3986b7ffa13471d37eb5b47d64707bd290cfd6a9f393ad08ec1e3bd71bb5792615035cdaf2d8929aed3be098379377e777ce79aaa4773" ) == 0 ); 10703 } 10704 10705 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 10706 } 10707 FCT_TEST_END(); 10708 10709 10710 FCT_TEST_BGN(rsassa_pss_signature_example_6_2_verify) 10711 { 10712 unsigned char message_str[1000]; 10713 unsigned char hash_result[1000]; 10714 unsigned char result_str[1000]; 10715 rsa_context ctx; 10716 size_t msg_len; 10717 10718 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 10719 memset( message_str, 0x00, 1000 ); 10720 memset( hash_result, 0x00, 1000 ); 10721 memset( result_str, 0x00, 1000 ); 10722 10723 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 10724 fct_chk( mpi_read_string( &ctx.N, 16, "164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1" ) == 0 ); 10725 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 10726 10727 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 10728 10729 msg_len = unhexify( message_str, "2aaff6631f621ce615760a9ebce94bb333077ad86488c861d4b76d29c1f48746c611ae1e03ced4445d7cfa1fe5f62e1b3f08452bde3b6ef81973bafbb57f97bceef873985395b8260589aa88cb7db50ab469262e551bdcd9a56f275a0ac4fe484700c35f3dbf2b469ede864741b86fa59172a360ba95a02e139be50ddfb7cf0b42faeabbfbbaa86a4497699c4f2dfd5b08406af7e14144427c253ec0efa20eaf9a8be8cd49ce1f1bc4e93e619cf2aa8ed4fb39bc8590d0f7b96488f7317ac9abf7bee4e3a0e715" ); 10730 unhexify( result_str, "0a2314250cf52b6e4e908de5b35646bcaa24361da8160fb0f9257590ab3ace42b0dc3e77ad2db7c203a20bd952fbb56b1567046ecfaa933d7b1000c3de9ff05b7d989ba46fd43bc4c2d0a3986b7ffa13471d37eb5b47d64707bd290cfd6a9f393ad08ec1e3bd71bb5792615035cdaf2d8929aed3be098379377e777ce79aaa4773" ); 10731 10732 switch( SIG_RSA_SHA1 ) 10733 { 10734 #ifdef POLARSSL_MD2_C 10735 case SIG_RSA_MD2: 10736 md2( message_str, msg_len, hash_result ); 10737 break; 10738 #endif 10739 #ifdef POLARSSL_MD4_C 10740 case SIG_RSA_MD4: 10741 md4( message_str, msg_len, hash_result ); 10742 break; 10743 #endif 10744 #ifdef POLARSSL_MD5_C 10745 case SIG_RSA_MD5: 10746 md5( message_str, msg_len, hash_result ); 10747 break; 10748 #endif 10749 #ifdef POLARSSL_SHA1_C 10750 case SIG_RSA_SHA1: 10751 sha1( message_str, msg_len, hash_result ); 10752 break; 10753 #endif 10754 #ifdef POLARSSL_SHA2_C 10755 case SIG_RSA_SHA224: 10756 sha2( message_str, msg_len, hash_result, 1 ); 10757 break; 10758 case SIG_RSA_SHA256: 10759 sha2( message_str, msg_len, hash_result, 0 ); 10760 break; 10761 #endif 10762 #ifdef POLARSSL_SHA4_C 10763 case SIG_RSA_SHA384: 10764 sha4( message_str, msg_len, hash_result, 1 ); 10765 break; 10766 case SIG_RSA_SHA512: 10767 sha4( message_str, msg_len, hash_result, 0 ); 10768 break; 10769 #endif 10770 } 10771 10772 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 10773 } 10774 FCT_TEST_END(); 10775 10776 10777 FCT_TEST_BGN(rsassa_pss_signature_example_6_3) 10778 { 10779 unsigned char message_str[1000]; 10780 unsigned char hash_result[1000]; 10781 unsigned char output[1000]; 10782 unsigned char output_str[1000]; 10783 unsigned char rnd_buf[1000]; 10784 rsa_context ctx; 10785 mpi P1, Q1, H, G; 10786 size_t msg_len; 10787 rnd_buf_info info; 10788 10789 info.length = unhexify( rnd_buf, "a87b8aed07d7b8e2daf14ddca4ac68c4d0aabff8" ); 10790 info.buf = rnd_buf; 10791 10792 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 10793 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 10794 10795 memset( message_str, 0x00, 1000 ); 10796 memset( hash_result, 0x00, 1000 ); 10797 memset( output, 0x00, 1000 ); 10798 memset( output_str, 0x00, 1000 ); 10799 10800 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 10801 fct_chk( mpi_read_string( &ctx.P, 16, "04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543" ) == 0 ); 10802 fct_chk( mpi_read_string( &ctx.Q, 16, "0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b" ) == 0 ); 10803 fct_chk( mpi_read_string( &ctx.N, 16, "164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1" ) == 0 ); 10804 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 10805 10806 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 10807 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 10808 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 10809 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 10810 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 10811 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 10812 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 10813 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 10814 10815 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 10816 10817 msg_len = unhexify( message_str, "0f6195d04a6e6fc7e2c9600dbf840c39ea8d4d624fd53507016b0e26858a5e0aecd7ada543ae5c0ab3a62599cba0a54e6bf446e262f989978f9ddf5e9a41" ); 10818 10819 switch( SIG_RSA_SHA1 ) 10820 { 10821 #ifdef POLARSSL_MD2_C 10822 case SIG_RSA_MD2: 10823 md2( message_str, msg_len, hash_result ); 10824 break; 10825 #endif 10826 #ifdef POLARSSL_MD4_C 10827 case SIG_RSA_MD4: 10828 md4( message_str, msg_len, hash_result ); 10829 break; 10830 #endif 10831 #ifdef POLARSSL_MD5_C 10832 case SIG_RSA_MD5: 10833 md5( message_str, msg_len, hash_result ); 10834 break; 10835 #endif 10836 #ifdef POLARSSL_SHA1_C 10837 case SIG_RSA_SHA1: 10838 sha1( message_str, msg_len, hash_result ); 10839 break; 10840 #endif 10841 #ifdef POLARSSL_SHA2_C 10842 case SIG_RSA_SHA224: 10843 sha2( message_str, msg_len, hash_result, 1 ); 10844 break; 10845 case SIG_RSA_SHA256: 10846 sha2( message_str, msg_len, hash_result, 0 ); 10847 break; 10848 #endif 10849 #ifdef POLARSSL_SHA4_C 10850 case SIG_RSA_SHA384: 10851 sha4( message_str, msg_len, hash_result, 1 ); 10852 break; 10853 case SIG_RSA_SHA512: 10854 sha4( message_str, msg_len, hash_result, 0 ); 10855 break; 10856 #endif 10857 } 10858 10859 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 10860 if( 0 == 0 ) 10861 { 10862 hexify( output_str, output, ctx.len); 10863 10864 fct_chk( strcasecmp( (char *) output_str, "086df6b500098c120f24ff8423f727d9c61a5c9007d3b6a31ce7cf8f3cbec1a26bb20e2bd4a046793299e03e37a21b40194fb045f90b18bf20a47992ccd799cf9c059c299c0526854954aade8a6ad9d97ec91a1145383f42468b231f4d72f23706d9853c3fa43ce8ace8bfe7484987a1ec6a16c8daf81f7c8bf42774707a9df456" ) == 0 ); 10865 } 10866 10867 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 10868 } 10869 FCT_TEST_END(); 10870 10871 10872 FCT_TEST_BGN(rsassa_pss_signature_example_6_3_verify) 10873 { 10874 unsigned char message_str[1000]; 10875 unsigned char hash_result[1000]; 10876 unsigned char result_str[1000]; 10877 rsa_context ctx; 10878 size_t msg_len; 10879 10880 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 10881 memset( message_str, 0x00, 1000 ); 10882 memset( hash_result, 0x00, 1000 ); 10883 memset( result_str, 0x00, 1000 ); 10884 10885 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 10886 fct_chk( mpi_read_string( &ctx.N, 16, "164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1" ) == 0 ); 10887 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 10888 10889 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 10890 10891 msg_len = unhexify( message_str, "0f6195d04a6e6fc7e2c9600dbf840c39ea8d4d624fd53507016b0e26858a5e0aecd7ada543ae5c0ab3a62599cba0a54e6bf446e262f989978f9ddf5e9a41" ); 10892 unhexify( result_str, "086df6b500098c120f24ff8423f727d9c61a5c9007d3b6a31ce7cf8f3cbec1a26bb20e2bd4a046793299e03e37a21b40194fb045f90b18bf20a47992ccd799cf9c059c299c0526854954aade8a6ad9d97ec91a1145383f42468b231f4d72f23706d9853c3fa43ce8ace8bfe7484987a1ec6a16c8daf81f7c8bf42774707a9df456" ); 10893 10894 switch( SIG_RSA_SHA1 ) 10895 { 10896 #ifdef POLARSSL_MD2_C 10897 case SIG_RSA_MD2: 10898 md2( message_str, msg_len, hash_result ); 10899 break; 10900 #endif 10901 #ifdef POLARSSL_MD4_C 10902 case SIG_RSA_MD4: 10903 md4( message_str, msg_len, hash_result ); 10904 break; 10905 #endif 10906 #ifdef POLARSSL_MD5_C 10907 case SIG_RSA_MD5: 10908 md5( message_str, msg_len, hash_result ); 10909 break; 10910 #endif 10911 #ifdef POLARSSL_SHA1_C 10912 case SIG_RSA_SHA1: 10913 sha1( message_str, msg_len, hash_result ); 10914 break; 10915 #endif 10916 #ifdef POLARSSL_SHA2_C 10917 case SIG_RSA_SHA224: 10918 sha2( message_str, msg_len, hash_result, 1 ); 10919 break; 10920 case SIG_RSA_SHA256: 10921 sha2( message_str, msg_len, hash_result, 0 ); 10922 break; 10923 #endif 10924 #ifdef POLARSSL_SHA4_C 10925 case SIG_RSA_SHA384: 10926 sha4( message_str, msg_len, hash_result, 1 ); 10927 break; 10928 case SIG_RSA_SHA512: 10929 sha4( message_str, msg_len, hash_result, 0 ); 10930 break; 10931 #endif 10932 } 10933 10934 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 10935 } 10936 FCT_TEST_END(); 10937 10938 10939 FCT_TEST_BGN(rsassa_pss_signature_example_6_4) 10940 { 10941 unsigned char message_str[1000]; 10942 unsigned char hash_result[1000]; 10943 unsigned char output[1000]; 10944 unsigned char output_str[1000]; 10945 unsigned char rnd_buf[1000]; 10946 rsa_context ctx; 10947 mpi P1, Q1, H, G; 10948 size_t msg_len; 10949 rnd_buf_info info; 10950 10951 info.length = unhexify( rnd_buf, "a37932f8a7494a942d6f767438e724d6d0c0ef18" ); 10952 info.buf = rnd_buf; 10953 10954 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 10955 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 10956 10957 memset( message_str, 0x00, 1000 ); 10958 memset( hash_result, 0x00, 1000 ); 10959 memset( output, 0x00, 1000 ); 10960 memset( output_str, 0x00, 1000 ); 10961 10962 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 10963 fct_chk( mpi_read_string( &ctx.P, 16, "04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543" ) == 0 ); 10964 fct_chk( mpi_read_string( &ctx.Q, 16, "0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b" ) == 0 ); 10965 fct_chk( mpi_read_string( &ctx.N, 16, "164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1" ) == 0 ); 10966 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 10967 10968 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 10969 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 10970 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 10971 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 10972 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 10973 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 10974 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 10975 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 10976 10977 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 10978 10979 msg_len = unhexify( message_str, "337d25fe9810ebca0de4d4658d3ceb8e0fe4c066aba3bcc48b105d3bf7e0257d44fecea6596f4d0c59a08402833678f70620f9138dfeb7ded905e4a6d5f05c473d55936652e2a5df43c0cfda7bacaf3087f4524b06cf42157d01539739f7fddec9d58125df31a32eab06c19b71f1d5bf" ); 10980 10981 switch( SIG_RSA_SHA1 ) 10982 { 10983 #ifdef POLARSSL_MD2_C 10984 case SIG_RSA_MD2: 10985 md2( message_str, msg_len, hash_result ); 10986 break; 10987 #endif 10988 #ifdef POLARSSL_MD4_C 10989 case SIG_RSA_MD4: 10990 md4( message_str, msg_len, hash_result ); 10991 break; 10992 #endif 10993 #ifdef POLARSSL_MD5_C 10994 case SIG_RSA_MD5: 10995 md5( message_str, msg_len, hash_result ); 10996 break; 10997 #endif 10998 #ifdef POLARSSL_SHA1_C 10999 case SIG_RSA_SHA1: 11000 sha1( message_str, msg_len, hash_result ); 11001 break; 11002 #endif 11003 #ifdef POLARSSL_SHA2_C 11004 case SIG_RSA_SHA224: 11005 sha2( message_str, msg_len, hash_result, 1 ); 11006 break; 11007 case SIG_RSA_SHA256: 11008 sha2( message_str, msg_len, hash_result, 0 ); 11009 break; 11010 #endif 11011 #ifdef POLARSSL_SHA4_C 11012 case SIG_RSA_SHA384: 11013 sha4( message_str, msg_len, hash_result, 1 ); 11014 break; 11015 case SIG_RSA_SHA512: 11016 sha4( message_str, msg_len, hash_result, 0 ); 11017 break; 11018 #endif 11019 } 11020 11021 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 11022 if( 0 == 0 ) 11023 { 11024 hexify( output_str, output, ctx.len); 11025 11026 fct_chk( strcasecmp( (char *) output_str, "0b5b11ad549863ffa9c51a14a1106c2a72cc8b646e5c7262509786105a984776534ca9b54c1cc64bf2d5a44fd7e8a69db699d5ea52087a4748fd2abc1afed1e5d6f7c89025530bdaa2213d7e030fa55df6f34bcf1ce46d2edf4e3ae4f3b01891a068c9e3a44bbc43133edad6ecb9f35400c4252a5762d65744b99cb9f4c559329f" ) == 0 ); 11027 } 11028 11029 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 11030 } 11031 FCT_TEST_END(); 11032 11033 11034 FCT_TEST_BGN(rsassa_pss_signature_example_6_4_verify) 11035 { 11036 unsigned char message_str[1000]; 11037 unsigned char hash_result[1000]; 11038 unsigned char result_str[1000]; 11039 rsa_context ctx; 11040 size_t msg_len; 11041 11042 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 11043 memset( message_str, 0x00, 1000 ); 11044 memset( hash_result, 0x00, 1000 ); 11045 memset( result_str, 0x00, 1000 ); 11046 11047 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 11048 fct_chk( mpi_read_string( &ctx.N, 16, "164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1" ) == 0 ); 11049 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 11050 11051 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 11052 11053 msg_len = unhexify( message_str, "337d25fe9810ebca0de4d4658d3ceb8e0fe4c066aba3bcc48b105d3bf7e0257d44fecea6596f4d0c59a08402833678f70620f9138dfeb7ded905e4a6d5f05c473d55936652e2a5df43c0cfda7bacaf3087f4524b06cf42157d01539739f7fddec9d58125df31a32eab06c19b71f1d5bf" ); 11054 unhexify( result_str, "0b5b11ad549863ffa9c51a14a1106c2a72cc8b646e5c7262509786105a984776534ca9b54c1cc64bf2d5a44fd7e8a69db699d5ea52087a4748fd2abc1afed1e5d6f7c89025530bdaa2213d7e030fa55df6f34bcf1ce46d2edf4e3ae4f3b01891a068c9e3a44bbc43133edad6ecb9f35400c4252a5762d65744b99cb9f4c559329f" ); 11055 11056 switch( SIG_RSA_SHA1 ) 11057 { 11058 #ifdef POLARSSL_MD2_C 11059 case SIG_RSA_MD2: 11060 md2( message_str, msg_len, hash_result ); 11061 break; 11062 #endif 11063 #ifdef POLARSSL_MD4_C 11064 case SIG_RSA_MD4: 11065 md4( message_str, msg_len, hash_result ); 11066 break; 11067 #endif 11068 #ifdef POLARSSL_MD5_C 11069 case SIG_RSA_MD5: 11070 md5( message_str, msg_len, hash_result ); 11071 break; 11072 #endif 11073 #ifdef POLARSSL_SHA1_C 11074 case SIG_RSA_SHA1: 11075 sha1( message_str, msg_len, hash_result ); 11076 break; 11077 #endif 11078 #ifdef POLARSSL_SHA2_C 11079 case SIG_RSA_SHA224: 11080 sha2( message_str, msg_len, hash_result, 1 ); 11081 break; 11082 case SIG_RSA_SHA256: 11083 sha2( message_str, msg_len, hash_result, 0 ); 11084 break; 11085 #endif 11086 #ifdef POLARSSL_SHA4_C 11087 case SIG_RSA_SHA384: 11088 sha4( message_str, msg_len, hash_result, 1 ); 11089 break; 11090 case SIG_RSA_SHA512: 11091 sha4( message_str, msg_len, hash_result, 0 ); 11092 break; 11093 #endif 11094 } 11095 11096 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 11097 } 11098 FCT_TEST_END(); 11099 11100 11101 FCT_TEST_BGN(rsassa_pss_signature_example_6_5) 11102 { 11103 unsigned char message_str[1000]; 11104 unsigned char hash_result[1000]; 11105 unsigned char output[1000]; 11106 unsigned char output_str[1000]; 11107 unsigned char rnd_buf[1000]; 11108 rsa_context ctx; 11109 mpi P1, Q1, H, G; 11110 size_t msg_len; 11111 rnd_buf_info info; 11112 11113 info.length = unhexify( rnd_buf, "7b790c1d62f7b84e94df6af28917cf571018110e" ); 11114 info.buf = rnd_buf; 11115 11116 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 11117 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 11118 11119 memset( message_str, 0x00, 1000 ); 11120 memset( hash_result, 0x00, 1000 ); 11121 memset( output, 0x00, 1000 ); 11122 memset( output_str, 0x00, 1000 ); 11123 11124 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 11125 fct_chk( mpi_read_string( &ctx.P, 16, "04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543" ) == 0 ); 11126 fct_chk( mpi_read_string( &ctx.Q, 16, "0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b" ) == 0 ); 11127 fct_chk( mpi_read_string( &ctx.N, 16, "164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1" ) == 0 ); 11128 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 11129 11130 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 11131 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 11132 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 11133 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 11134 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 11135 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 11136 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 11137 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 11138 11139 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 11140 11141 msg_len = unhexify( message_str, "84ec502b072e8287789d8f9235829ea3b187afd4d4c785611bda5f9eb3cb96717efa7007227f1c08cbcb972e667235e0fb7d431a6570326d2ecce35adb373dc753b3be5f829b89175493193fab16badb41371b3aac0ae670076f24bef420c135add7cee8d35fbc944d79fafb9e307a13b0f556cb654a06f973ed22672330197ef5a748bf826a5db2383a25364b686b9372bb2339aeb1ac9e9889327d016f1670776db06201adbdcaf8a5e3b74e108b73" ); 11142 11143 switch( SIG_RSA_SHA1 ) 11144 { 11145 #ifdef POLARSSL_MD2_C 11146 case SIG_RSA_MD2: 11147 md2( message_str, msg_len, hash_result ); 11148 break; 11149 #endif 11150 #ifdef POLARSSL_MD4_C 11151 case SIG_RSA_MD4: 11152 md4( message_str, msg_len, hash_result ); 11153 break; 11154 #endif 11155 #ifdef POLARSSL_MD5_C 11156 case SIG_RSA_MD5: 11157 md5( message_str, msg_len, hash_result ); 11158 break; 11159 #endif 11160 #ifdef POLARSSL_SHA1_C 11161 case SIG_RSA_SHA1: 11162 sha1( message_str, msg_len, hash_result ); 11163 break; 11164 #endif 11165 #ifdef POLARSSL_SHA2_C 11166 case SIG_RSA_SHA224: 11167 sha2( message_str, msg_len, hash_result, 1 ); 11168 break; 11169 case SIG_RSA_SHA256: 11170 sha2( message_str, msg_len, hash_result, 0 ); 11171 break; 11172 #endif 11173 #ifdef POLARSSL_SHA4_C 11174 case SIG_RSA_SHA384: 11175 sha4( message_str, msg_len, hash_result, 1 ); 11176 break; 11177 case SIG_RSA_SHA512: 11178 sha4( message_str, msg_len, hash_result, 0 ); 11179 break; 11180 #endif 11181 } 11182 11183 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 11184 if( 0 == 0 ) 11185 { 11186 hexify( output_str, output, ctx.len); 11187 11188 fct_chk( strcasecmp( (char *) output_str, "02d71fa9b53e4654fefb7f08385cf6b0ae3a817942ebf66c35ac67f0b069952a3ce9c7e1f1b02e480a9500836de5d64cdb7ecde04542f7a79988787e24c2ba05f5fd482c023ed5c30e04839dc44bed2a3a3a4fee01113c891a47d32eb8025c28cb050b5cdb576c70fe76ef523405c08417faf350b037a43c379339fcb18d3a356b" ) == 0 ); 11189 } 11190 11191 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 11192 } 11193 FCT_TEST_END(); 11194 11195 11196 FCT_TEST_BGN(rsassa_pss_signature_example_6_5_verify) 11197 { 11198 unsigned char message_str[1000]; 11199 unsigned char hash_result[1000]; 11200 unsigned char result_str[1000]; 11201 rsa_context ctx; 11202 size_t msg_len; 11203 11204 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 11205 memset( message_str, 0x00, 1000 ); 11206 memset( hash_result, 0x00, 1000 ); 11207 memset( result_str, 0x00, 1000 ); 11208 11209 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 11210 fct_chk( mpi_read_string( &ctx.N, 16, "164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1" ) == 0 ); 11211 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 11212 11213 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 11214 11215 msg_len = unhexify( message_str, "84ec502b072e8287789d8f9235829ea3b187afd4d4c785611bda5f9eb3cb96717efa7007227f1c08cbcb972e667235e0fb7d431a6570326d2ecce35adb373dc753b3be5f829b89175493193fab16badb41371b3aac0ae670076f24bef420c135add7cee8d35fbc944d79fafb9e307a13b0f556cb654a06f973ed22672330197ef5a748bf826a5db2383a25364b686b9372bb2339aeb1ac9e9889327d016f1670776db06201adbdcaf8a5e3b74e108b73" ); 11216 unhexify( result_str, "02d71fa9b53e4654fefb7f08385cf6b0ae3a817942ebf66c35ac67f0b069952a3ce9c7e1f1b02e480a9500836de5d64cdb7ecde04542f7a79988787e24c2ba05f5fd482c023ed5c30e04839dc44bed2a3a3a4fee01113c891a47d32eb8025c28cb050b5cdb576c70fe76ef523405c08417faf350b037a43c379339fcb18d3a356b" ); 11217 11218 switch( SIG_RSA_SHA1 ) 11219 { 11220 #ifdef POLARSSL_MD2_C 11221 case SIG_RSA_MD2: 11222 md2( message_str, msg_len, hash_result ); 11223 break; 11224 #endif 11225 #ifdef POLARSSL_MD4_C 11226 case SIG_RSA_MD4: 11227 md4( message_str, msg_len, hash_result ); 11228 break; 11229 #endif 11230 #ifdef POLARSSL_MD5_C 11231 case SIG_RSA_MD5: 11232 md5( message_str, msg_len, hash_result ); 11233 break; 11234 #endif 11235 #ifdef POLARSSL_SHA1_C 11236 case SIG_RSA_SHA1: 11237 sha1( message_str, msg_len, hash_result ); 11238 break; 11239 #endif 11240 #ifdef POLARSSL_SHA2_C 11241 case SIG_RSA_SHA224: 11242 sha2( message_str, msg_len, hash_result, 1 ); 11243 break; 11244 case SIG_RSA_SHA256: 11245 sha2( message_str, msg_len, hash_result, 0 ); 11246 break; 11247 #endif 11248 #ifdef POLARSSL_SHA4_C 11249 case SIG_RSA_SHA384: 11250 sha4( message_str, msg_len, hash_result, 1 ); 11251 break; 11252 case SIG_RSA_SHA512: 11253 sha4( message_str, msg_len, hash_result, 0 ); 11254 break; 11255 #endif 11256 } 11257 11258 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 11259 } 11260 FCT_TEST_END(); 11261 11262 11263 FCT_TEST_BGN(rsassa_pss_signature_example_6_6) 11264 { 11265 unsigned char message_str[1000]; 11266 unsigned char hash_result[1000]; 11267 unsigned char output[1000]; 11268 unsigned char output_str[1000]; 11269 unsigned char rnd_buf[1000]; 11270 rsa_context ctx; 11271 mpi P1, Q1, H, G; 11272 size_t msg_len; 11273 rnd_buf_info info; 11274 11275 info.length = unhexify( rnd_buf, "fbbe059025b69b89fb14ae2289e7aaafe60c0fcd" ); 11276 info.buf = rnd_buf; 11277 11278 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 11279 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 11280 11281 memset( message_str, 0x00, 1000 ); 11282 memset( hash_result, 0x00, 1000 ); 11283 memset( output, 0x00, 1000 ); 11284 memset( output_str, 0x00, 1000 ); 11285 11286 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 11287 fct_chk( mpi_read_string( &ctx.P, 16, "04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543" ) == 0 ); 11288 fct_chk( mpi_read_string( &ctx.Q, 16, "0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b" ) == 0 ); 11289 fct_chk( mpi_read_string( &ctx.N, 16, "164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1" ) == 0 ); 11290 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 11291 11292 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 11293 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 11294 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 11295 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 11296 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 11297 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 11298 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 11299 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 11300 11301 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 11302 11303 msg_len = unhexify( message_str, "9906d89f97a9fdedd3ccd824db687326f30f00aa25a7fca2afcb3b0f86cd41e73f0e8ff7d2d83f59e28ed31a5a0d551523374de22e4c7e8ff568b386ee3dc41163f10bf67bb006261c9082f9af90bf1d9049a6b9fae71c7f84fbe6e55f02789de774f230f115026a4b4e96c55b04a95da3aacbb2cece8f81764a1f1c99515411087cf7d34aeded0932c183" ); 11304 11305 switch( SIG_RSA_SHA1 ) 11306 { 11307 #ifdef POLARSSL_MD2_C 11308 case SIG_RSA_MD2: 11309 md2( message_str, msg_len, hash_result ); 11310 break; 11311 #endif 11312 #ifdef POLARSSL_MD4_C 11313 case SIG_RSA_MD4: 11314 md4( message_str, msg_len, hash_result ); 11315 break; 11316 #endif 11317 #ifdef POLARSSL_MD5_C 11318 case SIG_RSA_MD5: 11319 md5( message_str, msg_len, hash_result ); 11320 break; 11321 #endif 11322 #ifdef POLARSSL_SHA1_C 11323 case SIG_RSA_SHA1: 11324 sha1( message_str, msg_len, hash_result ); 11325 break; 11326 #endif 11327 #ifdef POLARSSL_SHA2_C 11328 case SIG_RSA_SHA224: 11329 sha2( message_str, msg_len, hash_result, 1 ); 11330 break; 11331 case SIG_RSA_SHA256: 11332 sha2( message_str, msg_len, hash_result, 0 ); 11333 break; 11334 #endif 11335 #ifdef POLARSSL_SHA4_C 11336 case SIG_RSA_SHA384: 11337 sha4( message_str, msg_len, hash_result, 1 ); 11338 break; 11339 case SIG_RSA_SHA512: 11340 sha4( message_str, msg_len, hash_result, 0 ); 11341 break; 11342 #endif 11343 } 11344 11345 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 11346 if( 0 == 0 ) 11347 { 11348 hexify( output_str, output, ctx.len); 11349 11350 fct_chk( strcasecmp( (char *) output_str, "0a40a16e2fe2b38d1df90546167cf9469c9e3c3681a3442b4b2c2f581deb385ce99fc6188bb02a841d56e76d301891e24560550fcc2a26b55f4ccb26d837d350a154bcaca8392d98fa67959e9727b78cad03269f56968fc56b68bd679926d83cc9cb215550645ccda31c760ff35888943d2d8a1d351e81e5d07b86182e751081ef" ) == 0 ); 11351 } 11352 11353 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 11354 } 11355 FCT_TEST_END(); 11356 11357 11358 FCT_TEST_BGN(rsassa_pss_signature_example_6_6_verify) 11359 { 11360 unsigned char message_str[1000]; 11361 unsigned char hash_result[1000]; 11362 unsigned char result_str[1000]; 11363 rsa_context ctx; 11364 size_t msg_len; 11365 11366 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 11367 memset( message_str, 0x00, 1000 ); 11368 memset( hash_result, 0x00, 1000 ); 11369 memset( result_str, 0x00, 1000 ); 11370 11371 ctx.len = 1029 / 8 + ( ( 1029 % 8 ) ? 1 : 0 ); 11372 fct_chk( mpi_read_string( &ctx.N, 16, "164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1" ) == 0 ); 11373 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 11374 11375 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 11376 11377 msg_len = unhexify( message_str, "9906d89f97a9fdedd3ccd824db687326f30f00aa25a7fca2afcb3b0f86cd41e73f0e8ff7d2d83f59e28ed31a5a0d551523374de22e4c7e8ff568b386ee3dc41163f10bf67bb006261c9082f9af90bf1d9049a6b9fae71c7f84fbe6e55f02789de774f230f115026a4b4e96c55b04a95da3aacbb2cece8f81764a1f1c99515411087cf7d34aeded0932c183" ); 11378 unhexify( result_str, "0a40a16e2fe2b38d1df90546167cf9469c9e3c3681a3442b4b2c2f581deb385ce99fc6188bb02a841d56e76d301891e24560550fcc2a26b55f4ccb26d837d350a154bcaca8392d98fa67959e9727b78cad03269f56968fc56b68bd679926d83cc9cb215550645ccda31c760ff35888943d2d8a1d351e81e5d07b86182e751081ef" ); 11379 11380 switch( SIG_RSA_SHA1 ) 11381 { 11382 #ifdef POLARSSL_MD2_C 11383 case SIG_RSA_MD2: 11384 md2( message_str, msg_len, hash_result ); 11385 break; 11386 #endif 11387 #ifdef POLARSSL_MD4_C 11388 case SIG_RSA_MD4: 11389 md4( message_str, msg_len, hash_result ); 11390 break; 11391 #endif 11392 #ifdef POLARSSL_MD5_C 11393 case SIG_RSA_MD5: 11394 md5( message_str, msg_len, hash_result ); 11395 break; 11396 #endif 11397 #ifdef POLARSSL_SHA1_C 11398 case SIG_RSA_SHA1: 11399 sha1( message_str, msg_len, hash_result ); 11400 break; 11401 #endif 11402 #ifdef POLARSSL_SHA2_C 11403 case SIG_RSA_SHA224: 11404 sha2( message_str, msg_len, hash_result, 1 ); 11405 break; 11406 case SIG_RSA_SHA256: 11407 sha2( message_str, msg_len, hash_result, 0 ); 11408 break; 11409 #endif 11410 #ifdef POLARSSL_SHA4_C 11411 case SIG_RSA_SHA384: 11412 sha4( message_str, msg_len, hash_result, 1 ); 11413 break; 11414 case SIG_RSA_SHA512: 11415 sha4( message_str, msg_len, hash_result, 0 ); 11416 break; 11417 #endif 11418 } 11419 11420 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 11421 } 11422 FCT_TEST_END(); 11423 11424 11425 FCT_TEST_BGN(rsassa_pss_signature_example_7_1) 11426 { 11427 unsigned char message_str[1000]; 11428 unsigned char hash_result[1000]; 11429 unsigned char output[1000]; 11430 unsigned char output_str[1000]; 11431 unsigned char rnd_buf[1000]; 11432 rsa_context ctx; 11433 mpi P1, Q1, H, G; 11434 size_t msg_len; 11435 rnd_buf_info info; 11436 11437 info.length = unhexify( rnd_buf, "b7867a59958cb54328f8775e6546ec06d27eaa50" ); 11438 info.buf = rnd_buf; 11439 11440 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 11441 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 11442 11443 memset( message_str, 0x00, 1000 ); 11444 memset( hash_result, 0x00, 1000 ); 11445 memset( output, 0x00, 1000 ); 11446 memset( output_str, 0x00, 1000 ); 11447 11448 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 11449 fct_chk( mpi_read_string( &ctx.P, 16, "07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535" ) == 0 ); 11450 fct_chk( mpi_read_string( &ctx.Q, 16, "070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547" ) == 0 ); 11451 fct_chk( mpi_read_string( &ctx.N, 16, "37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3" ) == 0 ); 11452 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 11453 11454 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 11455 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 11456 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 11457 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 11458 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 11459 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 11460 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 11461 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 11462 11463 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 11464 11465 msg_len = unhexify( message_str, "9ead0e01945640674eb41cad435e2374eaefa8ad7197d97913c44957d8d83f40d76ee60e39bf9c0f9eaf3021421a074d1ade962c6e9d3dc3bb174fe4dfe652b09115495b8fd2794174020a0602b5ca51848cfc96ce5eb57fc0a2adc1dda36a7cc452641a14911b37e45bfa11daa5c7ecdb74f6d0100d1d3e39e752800e203397de0233077b9a88855537fae927f924380d780f98e18dcff39c5ea741b17d6fdd1885bc9d581482d771ceb562d78a8bf88f0c75b11363e5e36cd479ceb0545f9da84203e0e6e508375cc9e844b88b7ac7a0a201ea0f1bee9a2c577920ca02c01b9d8320e974a56f4efb5763b96255abbf8037bf1802cf018f56379493e569a9" ); 11466 11467 switch( SIG_RSA_SHA1 ) 11468 { 11469 #ifdef POLARSSL_MD2_C 11470 case SIG_RSA_MD2: 11471 md2( message_str, msg_len, hash_result ); 11472 break; 11473 #endif 11474 #ifdef POLARSSL_MD4_C 11475 case SIG_RSA_MD4: 11476 md4( message_str, msg_len, hash_result ); 11477 break; 11478 #endif 11479 #ifdef POLARSSL_MD5_C 11480 case SIG_RSA_MD5: 11481 md5( message_str, msg_len, hash_result ); 11482 break; 11483 #endif 11484 #ifdef POLARSSL_SHA1_C 11485 case SIG_RSA_SHA1: 11486 sha1( message_str, msg_len, hash_result ); 11487 break; 11488 #endif 11489 #ifdef POLARSSL_SHA2_C 11490 case SIG_RSA_SHA224: 11491 sha2( message_str, msg_len, hash_result, 1 ); 11492 break; 11493 case SIG_RSA_SHA256: 11494 sha2( message_str, msg_len, hash_result, 0 ); 11495 break; 11496 #endif 11497 #ifdef POLARSSL_SHA4_C 11498 case SIG_RSA_SHA384: 11499 sha4( message_str, msg_len, hash_result, 1 ); 11500 break; 11501 case SIG_RSA_SHA512: 11502 sha4( message_str, msg_len, hash_result, 0 ); 11503 break; 11504 #endif 11505 } 11506 11507 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 11508 if( 0 == 0 ) 11509 { 11510 hexify( output_str, output, ctx.len); 11511 11512 fct_chk( strcasecmp( (char *) output_str, "187f390723c8902591f0154bae6d4ecbffe067f0e8b795476ea4f4d51ccc810520bb3ca9bca7d0b1f2ea8a17d873fa27570acd642e3808561cb9e975ccfd80b23dc5771cdb3306a5f23159dacbd3aa2db93d46d766e09ed15d900ad897a8d274dc26b47e994a27e97e2268a766533ae4b5e42a2fcaf755c1c4794b294c60555823" ) == 0 ); 11513 } 11514 11515 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 11516 } 11517 FCT_TEST_END(); 11518 11519 11520 FCT_TEST_BGN(rsassa_pss_signature_example_7_1_verify) 11521 { 11522 unsigned char message_str[1000]; 11523 unsigned char hash_result[1000]; 11524 unsigned char result_str[1000]; 11525 rsa_context ctx; 11526 size_t msg_len; 11527 11528 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 11529 memset( message_str, 0x00, 1000 ); 11530 memset( hash_result, 0x00, 1000 ); 11531 memset( result_str, 0x00, 1000 ); 11532 11533 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 11534 fct_chk( mpi_read_string( &ctx.N, 16, "37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3" ) == 0 ); 11535 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 11536 11537 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 11538 11539 msg_len = unhexify( message_str, "9ead0e01945640674eb41cad435e2374eaefa8ad7197d97913c44957d8d83f40d76ee60e39bf9c0f9eaf3021421a074d1ade962c6e9d3dc3bb174fe4dfe652b09115495b8fd2794174020a0602b5ca51848cfc96ce5eb57fc0a2adc1dda36a7cc452641a14911b37e45bfa11daa5c7ecdb74f6d0100d1d3e39e752800e203397de0233077b9a88855537fae927f924380d780f98e18dcff39c5ea741b17d6fdd1885bc9d581482d771ceb562d78a8bf88f0c75b11363e5e36cd479ceb0545f9da84203e0e6e508375cc9e844b88b7ac7a0a201ea0f1bee9a2c577920ca02c01b9d8320e974a56f4efb5763b96255abbf8037bf1802cf018f56379493e569a9" ); 11540 unhexify( result_str, "187f390723c8902591f0154bae6d4ecbffe067f0e8b795476ea4f4d51ccc810520bb3ca9bca7d0b1f2ea8a17d873fa27570acd642e3808561cb9e975ccfd80b23dc5771cdb3306a5f23159dacbd3aa2db93d46d766e09ed15d900ad897a8d274dc26b47e994a27e97e2268a766533ae4b5e42a2fcaf755c1c4794b294c60555823" ); 11541 11542 switch( SIG_RSA_SHA1 ) 11543 { 11544 #ifdef POLARSSL_MD2_C 11545 case SIG_RSA_MD2: 11546 md2( message_str, msg_len, hash_result ); 11547 break; 11548 #endif 11549 #ifdef POLARSSL_MD4_C 11550 case SIG_RSA_MD4: 11551 md4( message_str, msg_len, hash_result ); 11552 break; 11553 #endif 11554 #ifdef POLARSSL_MD5_C 11555 case SIG_RSA_MD5: 11556 md5( message_str, msg_len, hash_result ); 11557 break; 11558 #endif 11559 #ifdef POLARSSL_SHA1_C 11560 case SIG_RSA_SHA1: 11561 sha1( message_str, msg_len, hash_result ); 11562 break; 11563 #endif 11564 #ifdef POLARSSL_SHA2_C 11565 case SIG_RSA_SHA224: 11566 sha2( message_str, msg_len, hash_result, 1 ); 11567 break; 11568 case SIG_RSA_SHA256: 11569 sha2( message_str, msg_len, hash_result, 0 ); 11570 break; 11571 #endif 11572 #ifdef POLARSSL_SHA4_C 11573 case SIG_RSA_SHA384: 11574 sha4( message_str, msg_len, hash_result, 1 ); 11575 break; 11576 case SIG_RSA_SHA512: 11577 sha4( message_str, msg_len, hash_result, 0 ); 11578 break; 11579 #endif 11580 } 11581 11582 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 11583 } 11584 FCT_TEST_END(); 11585 11586 11587 FCT_TEST_BGN(rsassa_pss_signature_example_7_2) 11588 { 11589 unsigned char message_str[1000]; 11590 unsigned char hash_result[1000]; 11591 unsigned char output[1000]; 11592 unsigned char output_str[1000]; 11593 unsigned char rnd_buf[1000]; 11594 rsa_context ctx; 11595 mpi P1, Q1, H, G; 11596 size_t msg_len; 11597 rnd_buf_info info; 11598 11599 info.length = unhexify( rnd_buf, "0c09582266df086310821ba7e18df64dfee6de09" ); 11600 info.buf = rnd_buf; 11601 11602 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 11603 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 11604 11605 memset( message_str, 0x00, 1000 ); 11606 memset( hash_result, 0x00, 1000 ); 11607 memset( output, 0x00, 1000 ); 11608 memset( output_str, 0x00, 1000 ); 11609 11610 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 11611 fct_chk( mpi_read_string( &ctx.P, 16, "07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535" ) == 0 ); 11612 fct_chk( mpi_read_string( &ctx.Q, 16, "070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547" ) == 0 ); 11613 fct_chk( mpi_read_string( &ctx.N, 16, "37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3" ) == 0 ); 11614 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 11615 11616 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 11617 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 11618 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 11619 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 11620 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 11621 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 11622 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 11623 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 11624 11625 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 11626 11627 msg_len = unhexify( message_str, "8d80d2d08dbd19c154df3f14673a14bd03735231f24e86bf153d0e69e74cbff7b1836e664de83f680124370fc0f96c9b65c07a366b644c4ab3" ); 11628 11629 switch( SIG_RSA_SHA1 ) 11630 { 11631 #ifdef POLARSSL_MD2_C 11632 case SIG_RSA_MD2: 11633 md2( message_str, msg_len, hash_result ); 11634 break; 11635 #endif 11636 #ifdef POLARSSL_MD4_C 11637 case SIG_RSA_MD4: 11638 md4( message_str, msg_len, hash_result ); 11639 break; 11640 #endif 11641 #ifdef POLARSSL_MD5_C 11642 case SIG_RSA_MD5: 11643 md5( message_str, msg_len, hash_result ); 11644 break; 11645 #endif 11646 #ifdef POLARSSL_SHA1_C 11647 case SIG_RSA_SHA1: 11648 sha1( message_str, msg_len, hash_result ); 11649 break; 11650 #endif 11651 #ifdef POLARSSL_SHA2_C 11652 case SIG_RSA_SHA224: 11653 sha2( message_str, msg_len, hash_result, 1 ); 11654 break; 11655 case SIG_RSA_SHA256: 11656 sha2( message_str, msg_len, hash_result, 0 ); 11657 break; 11658 #endif 11659 #ifdef POLARSSL_SHA4_C 11660 case SIG_RSA_SHA384: 11661 sha4( message_str, msg_len, hash_result, 1 ); 11662 break; 11663 case SIG_RSA_SHA512: 11664 sha4( message_str, msg_len, hash_result, 0 ); 11665 break; 11666 #endif 11667 } 11668 11669 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 11670 if( 0 == 0 ) 11671 { 11672 hexify( output_str, output, ctx.len); 11673 11674 fct_chk( strcasecmp( (char *) output_str, "10fd89768a60a67788abb5856a787c8561f3edcf9a83e898f7dc87ab8cce79429b43e56906941a886194f137e591fe7c339555361fbbe1f24feb2d4bcdb80601f3096bc9132deea60ae13082f44f9ad41cd628936a4d51176e42fc59cb76db815ce5ab4db99a104aafea68f5d330329ebf258d4ede16064bd1d00393d5e1570eb8" ) == 0 ); 11675 } 11676 11677 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 11678 } 11679 FCT_TEST_END(); 11680 11681 11682 FCT_TEST_BGN(rsassa_pss_signature_example_7_2_verify) 11683 { 11684 unsigned char message_str[1000]; 11685 unsigned char hash_result[1000]; 11686 unsigned char result_str[1000]; 11687 rsa_context ctx; 11688 size_t msg_len; 11689 11690 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 11691 memset( message_str, 0x00, 1000 ); 11692 memset( hash_result, 0x00, 1000 ); 11693 memset( result_str, 0x00, 1000 ); 11694 11695 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 11696 fct_chk( mpi_read_string( &ctx.N, 16, "37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3" ) == 0 ); 11697 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 11698 11699 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 11700 11701 msg_len = unhexify( message_str, "8d80d2d08dbd19c154df3f14673a14bd03735231f24e86bf153d0e69e74cbff7b1836e664de83f680124370fc0f96c9b65c07a366b644c4ab3" ); 11702 unhexify( result_str, "10fd89768a60a67788abb5856a787c8561f3edcf9a83e898f7dc87ab8cce79429b43e56906941a886194f137e591fe7c339555361fbbe1f24feb2d4bcdb80601f3096bc9132deea60ae13082f44f9ad41cd628936a4d51176e42fc59cb76db815ce5ab4db99a104aafea68f5d330329ebf258d4ede16064bd1d00393d5e1570eb8" ); 11703 11704 switch( SIG_RSA_SHA1 ) 11705 { 11706 #ifdef POLARSSL_MD2_C 11707 case SIG_RSA_MD2: 11708 md2( message_str, msg_len, hash_result ); 11709 break; 11710 #endif 11711 #ifdef POLARSSL_MD4_C 11712 case SIG_RSA_MD4: 11713 md4( message_str, msg_len, hash_result ); 11714 break; 11715 #endif 11716 #ifdef POLARSSL_MD5_C 11717 case SIG_RSA_MD5: 11718 md5( message_str, msg_len, hash_result ); 11719 break; 11720 #endif 11721 #ifdef POLARSSL_SHA1_C 11722 case SIG_RSA_SHA1: 11723 sha1( message_str, msg_len, hash_result ); 11724 break; 11725 #endif 11726 #ifdef POLARSSL_SHA2_C 11727 case SIG_RSA_SHA224: 11728 sha2( message_str, msg_len, hash_result, 1 ); 11729 break; 11730 case SIG_RSA_SHA256: 11731 sha2( message_str, msg_len, hash_result, 0 ); 11732 break; 11733 #endif 11734 #ifdef POLARSSL_SHA4_C 11735 case SIG_RSA_SHA384: 11736 sha4( message_str, msg_len, hash_result, 1 ); 11737 break; 11738 case SIG_RSA_SHA512: 11739 sha4( message_str, msg_len, hash_result, 0 ); 11740 break; 11741 #endif 11742 } 11743 11744 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 11745 } 11746 FCT_TEST_END(); 11747 11748 11749 FCT_TEST_BGN(rsassa_pss_signature_example_7_3) 11750 { 11751 unsigned char message_str[1000]; 11752 unsigned char hash_result[1000]; 11753 unsigned char output[1000]; 11754 unsigned char output_str[1000]; 11755 unsigned char rnd_buf[1000]; 11756 rsa_context ctx; 11757 mpi P1, Q1, H, G; 11758 size_t msg_len; 11759 rnd_buf_info info; 11760 11761 info.length = unhexify( rnd_buf, "28039dcfe106d3b8296611258c4a56651c9e92dd" ); 11762 info.buf = rnd_buf; 11763 11764 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 11765 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 11766 11767 memset( message_str, 0x00, 1000 ); 11768 memset( hash_result, 0x00, 1000 ); 11769 memset( output, 0x00, 1000 ); 11770 memset( output_str, 0x00, 1000 ); 11771 11772 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 11773 fct_chk( mpi_read_string( &ctx.P, 16, "07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535" ) == 0 ); 11774 fct_chk( mpi_read_string( &ctx.Q, 16, "070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547" ) == 0 ); 11775 fct_chk( mpi_read_string( &ctx.N, 16, "37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3" ) == 0 ); 11776 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 11777 11778 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 11779 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 11780 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 11781 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 11782 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 11783 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 11784 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 11785 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 11786 11787 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 11788 11789 msg_len = unhexify( message_str, "808405cdfc1a58b9bb0397c720722a81fffb76278f335917ef9c473814b3e016ba2973cd2765f8f3f82d6cc38aa7f8551827fe8d1e3884b7e61c94683b8f82f1843bdae2257eeec9812ad4c2cf283c34e0b0ae0fe3cb990cf88f2ef9" ); 11790 11791 switch( SIG_RSA_SHA1 ) 11792 { 11793 #ifdef POLARSSL_MD2_C 11794 case SIG_RSA_MD2: 11795 md2( message_str, msg_len, hash_result ); 11796 break; 11797 #endif 11798 #ifdef POLARSSL_MD4_C 11799 case SIG_RSA_MD4: 11800 md4( message_str, msg_len, hash_result ); 11801 break; 11802 #endif 11803 #ifdef POLARSSL_MD5_C 11804 case SIG_RSA_MD5: 11805 md5( message_str, msg_len, hash_result ); 11806 break; 11807 #endif 11808 #ifdef POLARSSL_SHA1_C 11809 case SIG_RSA_SHA1: 11810 sha1( message_str, msg_len, hash_result ); 11811 break; 11812 #endif 11813 #ifdef POLARSSL_SHA2_C 11814 case SIG_RSA_SHA224: 11815 sha2( message_str, msg_len, hash_result, 1 ); 11816 break; 11817 case SIG_RSA_SHA256: 11818 sha2( message_str, msg_len, hash_result, 0 ); 11819 break; 11820 #endif 11821 #ifdef POLARSSL_SHA4_C 11822 case SIG_RSA_SHA384: 11823 sha4( message_str, msg_len, hash_result, 1 ); 11824 break; 11825 case SIG_RSA_SHA512: 11826 sha4( message_str, msg_len, hash_result, 0 ); 11827 break; 11828 #endif 11829 } 11830 11831 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 11832 if( 0 == 0 ) 11833 { 11834 hexify( output_str, output, ctx.len); 11835 11836 fct_chk( strcasecmp( (char *) output_str, "2b31fde99859b977aa09586d8e274662b25a2a640640b457f594051cb1e7f7a911865455242926cf88fe80dfa3a75ba9689844a11e634a82b075afbd69c12a0df9d25f84ad4945df3dc8fe90c3cefdf26e95f0534304b5bdba20d3e5640a2ebfb898aac35ae40f26fce5563c2f9f24f3042af76f3c7072d687bbfb959a88460af1" ) == 0 ); 11837 } 11838 11839 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 11840 } 11841 FCT_TEST_END(); 11842 11843 11844 FCT_TEST_BGN(rsassa_pss_signature_example_7_3_verify) 11845 { 11846 unsigned char message_str[1000]; 11847 unsigned char hash_result[1000]; 11848 unsigned char result_str[1000]; 11849 rsa_context ctx; 11850 size_t msg_len; 11851 11852 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 11853 memset( message_str, 0x00, 1000 ); 11854 memset( hash_result, 0x00, 1000 ); 11855 memset( result_str, 0x00, 1000 ); 11856 11857 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 11858 fct_chk( mpi_read_string( &ctx.N, 16, "37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3" ) == 0 ); 11859 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 11860 11861 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 11862 11863 msg_len = unhexify( message_str, "808405cdfc1a58b9bb0397c720722a81fffb76278f335917ef9c473814b3e016ba2973cd2765f8f3f82d6cc38aa7f8551827fe8d1e3884b7e61c94683b8f82f1843bdae2257eeec9812ad4c2cf283c34e0b0ae0fe3cb990cf88f2ef9" ); 11864 unhexify( result_str, "2b31fde99859b977aa09586d8e274662b25a2a640640b457f594051cb1e7f7a911865455242926cf88fe80dfa3a75ba9689844a11e634a82b075afbd69c12a0df9d25f84ad4945df3dc8fe90c3cefdf26e95f0534304b5bdba20d3e5640a2ebfb898aac35ae40f26fce5563c2f9f24f3042af76f3c7072d687bbfb959a88460af1" ); 11865 11866 switch( SIG_RSA_SHA1 ) 11867 { 11868 #ifdef POLARSSL_MD2_C 11869 case SIG_RSA_MD2: 11870 md2( message_str, msg_len, hash_result ); 11871 break; 11872 #endif 11873 #ifdef POLARSSL_MD4_C 11874 case SIG_RSA_MD4: 11875 md4( message_str, msg_len, hash_result ); 11876 break; 11877 #endif 11878 #ifdef POLARSSL_MD5_C 11879 case SIG_RSA_MD5: 11880 md5( message_str, msg_len, hash_result ); 11881 break; 11882 #endif 11883 #ifdef POLARSSL_SHA1_C 11884 case SIG_RSA_SHA1: 11885 sha1( message_str, msg_len, hash_result ); 11886 break; 11887 #endif 11888 #ifdef POLARSSL_SHA2_C 11889 case SIG_RSA_SHA224: 11890 sha2( message_str, msg_len, hash_result, 1 ); 11891 break; 11892 case SIG_RSA_SHA256: 11893 sha2( message_str, msg_len, hash_result, 0 ); 11894 break; 11895 #endif 11896 #ifdef POLARSSL_SHA4_C 11897 case SIG_RSA_SHA384: 11898 sha4( message_str, msg_len, hash_result, 1 ); 11899 break; 11900 case SIG_RSA_SHA512: 11901 sha4( message_str, msg_len, hash_result, 0 ); 11902 break; 11903 #endif 11904 } 11905 11906 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 11907 } 11908 FCT_TEST_END(); 11909 11910 11911 FCT_TEST_BGN(rsassa_pss_signature_example_7_4) 11912 { 11913 unsigned char message_str[1000]; 11914 unsigned char hash_result[1000]; 11915 unsigned char output[1000]; 11916 unsigned char output_str[1000]; 11917 unsigned char rnd_buf[1000]; 11918 rsa_context ctx; 11919 mpi P1, Q1, H, G; 11920 size_t msg_len; 11921 rnd_buf_info info; 11922 11923 info.length = unhexify( rnd_buf, "a77821ebbbef24628e4e12e1d0ea96de398f7b0f" ); 11924 info.buf = rnd_buf; 11925 11926 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 11927 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 11928 11929 memset( message_str, 0x00, 1000 ); 11930 memset( hash_result, 0x00, 1000 ); 11931 memset( output, 0x00, 1000 ); 11932 memset( output_str, 0x00, 1000 ); 11933 11934 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 11935 fct_chk( mpi_read_string( &ctx.P, 16, "07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535" ) == 0 ); 11936 fct_chk( mpi_read_string( &ctx.Q, 16, "070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547" ) == 0 ); 11937 fct_chk( mpi_read_string( &ctx.N, 16, "37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3" ) == 0 ); 11938 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 11939 11940 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 11941 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 11942 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 11943 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 11944 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 11945 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 11946 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 11947 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 11948 11949 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 11950 11951 msg_len = unhexify( message_str, "f337b9bad937de22a1a052dff11134a8ce26976202981939b91e0715ae5e609649da1adfcef3f4cca59b238360e7d1e496c7bf4b204b5acff9bbd6166a1d87a36ef2247373751039f8a800b8399807b3a85f44893497c0d05fb7017b82228152de6f25e6116dcc7503c786c875c28f3aa607e94ab0f19863ab1b5073770b0cd5f533acde30c6fb953cf3da680264e30fc11bff9a19bffab4779b6223c3fb3fe0f71abade4eb7c09c41e24c22d23fa148e6a173feb63984d1bc6ee3a02d915b752ceaf92a3015eceb38ca586c6801b37c34cefb2cff25ea23c08662dcab26a7a93a285d05d3044c" ); 11952 11953 switch( SIG_RSA_SHA1 ) 11954 { 11955 #ifdef POLARSSL_MD2_C 11956 case SIG_RSA_MD2: 11957 md2( message_str, msg_len, hash_result ); 11958 break; 11959 #endif 11960 #ifdef POLARSSL_MD4_C 11961 case SIG_RSA_MD4: 11962 md4( message_str, msg_len, hash_result ); 11963 break; 11964 #endif 11965 #ifdef POLARSSL_MD5_C 11966 case SIG_RSA_MD5: 11967 md5( message_str, msg_len, hash_result ); 11968 break; 11969 #endif 11970 #ifdef POLARSSL_SHA1_C 11971 case SIG_RSA_SHA1: 11972 sha1( message_str, msg_len, hash_result ); 11973 break; 11974 #endif 11975 #ifdef POLARSSL_SHA2_C 11976 case SIG_RSA_SHA224: 11977 sha2( message_str, msg_len, hash_result, 1 ); 11978 break; 11979 case SIG_RSA_SHA256: 11980 sha2( message_str, msg_len, hash_result, 0 ); 11981 break; 11982 #endif 11983 #ifdef POLARSSL_SHA4_C 11984 case SIG_RSA_SHA384: 11985 sha4( message_str, msg_len, hash_result, 1 ); 11986 break; 11987 case SIG_RSA_SHA512: 11988 sha4( message_str, msg_len, hash_result, 0 ); 11989 break; 11990 #endif 11991 } 11992 11993 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 11994 if( 0 == 0 ) 11995 { 11996 hexify( output_str, output, ctx.len); 11997 11998 fct_chk( strcasecmp( (char *) output_str, "32c7ca38ff26949a15000c4ba04b2b13b35a3810e568184d7ecabaa166b7ffabddf2b6cf4ba07124923790f2e5b1a5be040aea36fe132ec130e1f10567982d17ac3e89b8d26c3094034e762d2e031264f01170beecb3d1439e05846f25458367a7d9c02060444672671e64e877864559ca19b2074d588a281b5804d23772fbbe19" ) == 0 ); 11999 } 12000 12001 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 12002 } 12003 FCT_TEST_END(); 12004 12005 12006 FCT_TEST_BGN(rsassa_pss_signature_example_7_4_verify) 12007 { 12008 unsigned char message_str[1000]; 12009 unsigned char hash_result[1000]; 12010 unsigned char result_str[1000]; 12011 rsa_context ctx; 12012 size_t msg_len; 12013 12014 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 12015 memset( message_str, 0x00, 1000 ); 12016 memset( hash_result, 0x00, 1000 ); 12017 memset( result_str, 0x00, 1000 ); 12018 12019 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 12020 fct_chk( mpi_read_string( &ctx.N, 16, "37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3" ) == 0 ); 12021 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 12022 12023 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 12024 12025 msg_len = unhexify( message_str, "f337b9bad937de22a1a052dff11134a8ce26976202981939b91e0715ae5e609649da1adfcef3f4cca59b238360e7d1e496c7bf4b204b5acff9bbd6166a1d87a36ef2247373751039f8a800b8399807b3a85f44893497c0d05fb7017b82228152de6f25e6116dcc7503c786c875c28f3aa607e94ab0f19863ab1b5073770b0cd5f533acde30c6fb953cf3da680264e30fc11bff9a19bffab4779b6223c3fb3fe0f71abade4eb7c09c41e24c22d23fa148e6a173feb63984d1bc6ee3a02d915b752ceaf92a3015eceb38ca586c6801b37c34cefb2cff25ea23c08662dcab26a7a93a285d05d3044c" ); 12026 unhexify( result_str, "32c7ca38ff26949a15000c4ba04b2b13b35a3810e568184d7ecabaa166b7ffabddf2b6cf4ba07124923790f2e5b1a5be040aea36fe132ec130e1f10567982d17ac3e89b8d26c3094034e762d2e031264f01170beecb3d1439e05846f25458367a7d9c02060444672671e64e877864559ca19b2074d588a281b5804d23772fbbe19" ); 12027 12028 switch( SIG_RSA_SHA1 ) 12029 { 12030 #ifdef POLARSSL_MD2_C 12031 case SIG_RSA_MD2: 12032 md2( message_str, msg_len, hash_result ); 12033 break; 12034 #endif 12035 #ifdef POLARSSL_MD4_C 12036 case SIG_RSA_MD4: 12037 md4( message_str, msg_len, hash_result ); 12038 break; 12039 #endif 12040 #ifdef POLARSSL_MD5_C 12041 case SIG_RSA_MD5: 12042 md5( message_str, msg_len, hash_result ); 12043 break; 12044 #endif 12045 #ifdef POLARSSL_SHA1_C 12046 case SIG_RSA_SHA1: 12047 sha1( message_str, msg_len, hash_result ); 12048 break; 12049 #endif 12050 #ifdef POLARSSL_SHA2_C 12051 case SIG_RSA_SHA224: 12052 sha2( message_str, msg_len, hash_result, 1 ); 12053 break; 12054 case SIG_RSA_SHA256: 12055 sha2( message_str, msg_len, hash_result, 0 ); 12056 break; 12057 #endif 12058 #ifdef POLARSSL_SHA4_C 12059 case SIG_RSA_SHA384: 12060 sha4( message_str, msg_len, hash_result, 1 ); 12061 break; 12062 case SIG_RSA_SHA512: 12063 sha4( message_str, msg_len, hash_result, 0 ); 12064 break; 12065 #endif 12066 } 12067 12068 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 12069 } 12070 FCT_TEST_END(); 12071 12072 12073 FCT_TEST_BGN(rsassa_pss_signature_example_7_5) 12074 { 12075 unsigned char message_str[1000]; 12076 unsigned char hash_result[1000]; 12077 unsigned char output[1000]; 12078 unsigned char output_str[1000]; 12079 unsigned char rnd_buf[1000]; 12080 rsa_context ctx; 12081 mpi P1, Q1, H, G; 12082 size_t msg_len; 12083 rnd_buf_info info; 12084 12085 info.length = unhexify( rnd_buf, "9d5ad8eb452134b65dc3a98b6a73b5f741609cd6" ); 12086 info.buf = rnd_buf; 12087 12088 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 12089 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 12090 12091 memset( message_str, 0x00, 1000 ); 12092 memset( hash_result, 0x00, 1000 ); 12093 memset( output, 0x00, 1000 ); 12094 memset( output_str, 0x00, 1000 ); 12095 12096 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 12097 fct_chk( mpi_read_string( &ctx.P, 16, "07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535" ) == 0 ); 12098 fct_chk( mpi_read_string( &ctx.Q, 16, "070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547" ) == 0 ); 12099 fct_chk( mpi_read_string( &ctx.N, 16, "37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3" ) == 0 ); 12100 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 12101 12102 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 12103 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 12104 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 12105 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 12106 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 12107 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 12108 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 12109 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 12110 12111 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 12112 12113 msg_len = unhexify( message_str, "45013cebafd960b255476a8e2598b9aa32efbe6dc1f34f4a498d8cf5a2b4548d08c55d5f95f7bcc9619163056f2d58b52fa032" ); 12114 12115 switch( SIG_RSA_SHA1 ) 12116 { 12117 #ifdef POLARSSL_MD2_C 12118 case SIG_RSA_MD2: 12119 md2( message_str, msg_len, hash_result ); 12120 break; 12121 #endif 12122 #ifdef POLARSSL_MD4_C 12123 case SIG_RSA_MD4: 12124 md4( message_str, msg_len, hash_result ); 12125 break; 12126 #endif 12127 #ifdef POLARSSL_MD5_C 12128 case SIG_RSA_MD5: 12129 md5( message_str, msg_len, hash_result ); 12130 break; 12131 #endif 12132 #ifdef POLARSSL_SHA1_C 12133 case SIG_RSA_SHA1: 12134 sha1( message_str, msg_len, hash_result ); 12135 break; 12136 #endif 12137 #ifdef POLARSSL_SHA2_C 12138 case SIG_RSA_SHA224: 12139 sha2( message_str, msg_len, hash_result, 1 ); 12140 break; 12141 case SIG_RSA_SHA256: 12142 sha2( message_str, msg_len, hash_result, 0 ); 12143 break; 12144 #endif 12145 #ifdef POLARSSL_SHA4_C 12146 case SIG_RSA_SHA384: 12147 sha4( message_str, msg_len, hash_result, 1 ); 12148 break; 12149 case SIG_RSA_SHA512: 12150 sha4( message_str, msg_len, hash_result, 0 ); 12151 break; 12152 #endif 12153 } 12154 12155 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 12156 if( 0 == 0 ) 12157 { 12158 hexify( output_str, output, ctx.len); 12159 12160 fct_chk( strcasecmp( (char *) output_str, "07eb651d75f1b52bc263b2e198336e99fbebc4f332049a922a10815607ee2d989db3a4495b7dccd38f58a211fb7e193171a3d891132437ebca44f318b280509e52b5fa98fcce8205d9697c8ee4b7ff59d4c59c79038a1970bd2a0d451ecdc5ef11d9979c9d35f8c70a6163717607890d586a7c6dc01c79f86a8f28e85235f8c2f1" ) == 0 ); 12161 } 12162 12163 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 12164 } 12165 FCT_TEST_END(); 12166 12167 12168 FCT_TEST_BGN(rsassa_pss_signature_example_7_5_verify) 12169 { 12170 unsigned char message_str[1000]; 12171 unsigned char hash_result[1000]; 12172 unsigned char result_str[1000]; 12173 rsa_context ctx; 12174 size_t msg_len; 12175 12176 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 12177 memset( message_str, 0x00, 1000 ); 12178 memset( hash_result, 0x00, 1000 ); 12179 memset( result_str, 0x00, 1000 ); 12180 12181 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 12182 fct_chk( mpi_read_string( &ctx.N, 16, "37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3" ) == 0 ); 12183 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 12184 12185 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 12186 12187 msg_len = unhexify( message_str, "45013cebafd960b255476a8e2598b9aa32efbe6dc1f34f4a498d8cf5a2b4548d08c55d5f95f7bcc9619163056f2d58b52fa032" ); 12188 unhexify( result_str, "07eb651d75f1b52bc263b2e198336e99fbebc4f332049a922a10815607ee2d989db3a4495b7dccd38f58a211fb7e193171a3d891132437ebca44f318b280509e52b5fa98fcce8205d9697c8ee4b7ff59d4c59c79038a1970bd2a0d451ecdc5ef11d9979c9d35f8c70a6163717607890d586a7c6dc01c79f86a8f28e85235f8c2f1" ); 12189 12190 switch( SIG_RSA_SHA1 ) 12191 { 12192 #ifdef POLARSSL_MD2_C 12193 case SIG_RSA_MD2: 12194 md2( message_str, msg_len, hash_result ); 12195 break; 12196 #endif 12197 #ifdef POLARSSL_MD4_C 12198 case SIG_RSA_MD4: 12199 md4( message_str, msg_len, hash_result ); 12200 break; 12201 #endif 12202 #ifdef POLARSSL_MD5_C 12203 case SIG_RSA_MD5: 12204 md5( message_str, msg_len, hash_result ); 12205 break; 12206 #endif 12207 #ifdef POLARSSL_SHA1_C 12208 case SIG_RSA_SHA1: 12209 sha1( message_str, msg_len, hash_result ); 12210 break; 12211 #endif 12212 #ifdef POLARSSL_SHA2_C 12213 case SIG_RSA_SHA224: 12214 sha2( message_str, msg_len, hash_result, 1 ); 12215 break; 12216 case SIG_RSA_SHA256: 12217 sha2( message_str, msg_len, hash_result, 0 ); 12218 break; 12219 #endif 12220 #ifdef POLARSSL_SHA4_C 12221 case SIG_RSA_SHA384: 12222 sha4( message_str, msg_len, hash_result, 1 ); 12223 break; 12224 case SIG_RSA_SHA512: 12225 sha4( message_str, msg_len, hash_result, 0 ); 12226 break; 12227 #endif 12228 } 12229 12230 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 12231 } 12232 FCT_TEST_END(); 12233 12234 12235 FCT_TEST_BGN(rsassa_pss_signature_example_7_6) 12236 { 12237 unsigned char message_str[1000]; 12238 unsigned char hash_result[1000]; 12239 unsigned char output[1000]; 12240 unsigned char output_str[1000]; 12241 unsigned char rnd_buf[1000]; 12242 rsa_context ctx; 12243 mpi P1, Q1, H, G; 12244 size_t msg_len; 12245 rnd_buf_info info; 12246 12247 info.length = unhexify( rnd_buf, "3f2efc595880a7d47fcf3cba04983ea54c4b73fb" ); 12248 info.buf = rnd_buf; 12249 12250 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 12251 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 12252 12253 memset( message_str, 0x00, 1000 ); 12254 memset( hash_result, 0x00, 1000 ); 12255 memset( output, 0x00, 1000 ); 12256 memset( output_str, 0x00, 1000 ); 12257 12258 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 12259 fct_chk( mpi_read_string( &ctx.P, 16, "07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535" ) == 0 ); 12260 fct_chk( mpi_read_string( &ctx.Q, 16, "070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547" ) == 0 ); 12261 fct_chk( mpi_read_string( &ctx.N, 16, "37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3" ) == 0 ); 12262 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 12263 12264 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 12265 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 12266 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 12267 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 12268 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 12269 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 12270 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 12271 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 12272 12273 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 12274 12275 msg_len = unhexify( message_str, "2358097086c899323e75d9c90d0c09f12d9d54edfbdf70a9c2eb5a04d8f36b9b2bdf2aabe0a5bda1968937f9d6ebd3b6b257efb3136d4131f9acb59b85e2602c2a3fcdc835494a1f4e5ec18b226c80232b36a75a45fdf09a7ea9e98efbde1450d1194bf12e15a4c5f9eb5c0bce5269e0c3b28cfab655d81a61a20b4be2f54459bb25a0db94c52218be109a7426de83014424789aaa90e5056e632a698115e282c1a56410f26c2072f193481a9dcd880572005e64f4082ecf" ); 12276 12277 switch( SIG_RSA_SHA1 ) 12278 { 12279 #ifdef POLARSSL_MD2_C 12280 case SIG_RSA_MD2: 12281 md2( message_str, msg_len, hash_result ); 12282 break; 12283 #endif 12284 #ifdef POLARSSL_MD4_C 12285 case SIG_RSA_MD4: 12286 md4( message_str, msg_len, hash_result ); 12287 break; 12288 #endif 12289 #ifdef POLARSSL_MD5_C 12290 case SIG_RSA_MD5: 12291 md5( message_str, msg_len, hash_result ); 12292 break; 12293 #endif 12294 #ifdef POLARSSL_SHA1_C 12295 case SIG_RSA_SHA1: 12296 sha1( message_str, msg_len, hash_result ); 12297 break; 12298 #endif 12299 #ifdef POLARSSL_SHA2_C 12300 case SIG_RSA_SHA224: 12301 sha2( message_str, msg_len, hash_result, 1 ); 12302 break; 12303 case SIG_RSA_SHA256: 12304 sha2( message_str, msg_len, hash_result, 0 ); 12305 break; 12306 #endif 12307 #ifdef POLARSSL_SHA4_C 12308 case SIG_RSA_SHA384: 12309 sha4( message_str, msg_len, hash_result, 1 ); 12310 break; 12311 case SIG_RSA_SHA512: 12312 sha4( message_str, msg_len, hash_result, 0 ); 12313 break; 12314 #endif 12315 } 12316 12317 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 12318 if( 0 == 0 ) 12319 { 12320 hexify( output_str, output, ctx.len); 12321 12322 fct_chk( strcasecmp( (char *) output_str, "18da3cdcfe79bfb77fd9c32f377ad399146f0a8e810620233271a6e3ed3248903f5cdc92dc79b55d3e11615aa056a795853792a3998c349ca5c457e8ca7d29d796aa24f83491709befcfb1510ea513c92829a3f00b104f655634f320752e130ec0ccf6754ff893db302932bb025eb60e87822598fc619e0e981737a9a4c4152d33" ) == 0 ); 12323 } 12324 12325 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 12326 } 12327 FCT_TEST_END(); 12328 12329 12330 FCT_TEST_BGN(rsassa_pss_signature_example_7_6_verify) 12331 { 12332 unsigned char message_str[1000]; 12333 unsigned char hash_result[1000]; 12334 unsigned char result_str[1000]; 12335 rsa_context ctx; 12336 size_t msg_len; 12337 12338 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 12339 memset( message_str, 0x00, 1000 ); 12340 memset( hash_result, 0x00, 1000 ); 12341 memset( result_str, 0x00, 1000 ); 12342 12343 ctx.len = 1030 / 8 + ( ( 1030 % 8 ) ? 1 : 0 ); 12344 fct_chk( mpi_read_string( &ctx.N, 16, "37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3" ) == 0 ); 12345 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 12346 12347 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 12348 12349 msg_len = unhexify( message_str, "2358097086c899323e75d9c90d0c09f12d9d54edfbdf70a9c2eb5a04d8f36b9b2bdf2aabe0a5bda1968937f9d6ebd3b6b257efb3136d4131f9acb59b85e2602c2a3fcdc835494a1f4e5ec18b226c80232b36a75a45fdf09a7ea9e98efbde1450d1194bf12e15a4c5f9eb5c0bce5269e0c3b28cfab655d81a61a20b4be2f54459bb25a0db94c52218be109a7426de83014424789aaa90e5056e632a698115e282c1a56410f26c2072f193481a9dcd880572005e64f4082ecf" ); 12350 unhexify( result_str, "18da3cdcfe79bfb77fd9c32f377ad399146f0a8e810620233271a6e3ed3248903f5cdc92dc79b55d3e11615aa056a795853792a3998c349ca5c457e8ca7d29d796aa24f83491709befcfb1510ea513c92829a3f00b104f655634f320752e130ec0ccf6754ff893db302932bb025eb60e87822598fc619e0e981737a9a4c4152d33" ); 12351 12352 switch( SIG_RSA_SHA1 ) 12353 { 12354 #ifdef POLARSSL_MD2_C 12355 case SIG_RSA_MD2: 12356 md2( message_str, msg_len, hash_result ); 12357 break; 12358 #endif 12359 #ifdef POLARSSL_MD4_C 12360 case SIG_RSA_MD4: 12361 md4( message_str, msg_len, hash_result ); 12362 break; 12363 #endif 12364 #ifdef POLARSSL_MD5_C 12365 case SIG_RSA_MD5: 12366 md5( message_str, msg_len, hash_result ); 12367 break; 12368 #endif 12369 #ifdef POLARSSL_SHA1_C 12370 case SIG_RSA_SHA1: 12371 sha1( message_str, msg_len, hash_result ); 12372 break; 12373 #endif 12374 #ifdef POLARSSL_SHA2_C 12375 case SIG_RSA_SHA224: 12376 sha2( message_str, msg_len, hash_result, 1 ); 12377 break; 12378 case SIG_RSA_SHA256: 12379 sha2( message_str, msg_len, hash_result, 0 ); 12380 break; 12381 #endif 12382 #ifdef POLARSSL_SHA4_C 12383 case SIG_RSA_SHA384: 12384 sha4( message_str, msg_len, hash_result, 1 ); 12385 break; 12386 case SIG_RSA_SHA512: 12387 sha4( message_str, msg_len, hash_result, 0 ); 12388 break; 12389 #endif 12390 } 12391 12392 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 12393 } 12394 FCT_TEST_END(); 12395 12396 12397 FCT_TEST_BGN(rsassa_pss_signature_example_8_1) 12398 { 12399 unsigned char message_str[1000]; 12400 unsigned char hash_result[1000]; 12401 unsigned char output[1000]; 12402 unsigned char output_str[1000]; 12403 unsigned char rnd_buf[1000]; 12404 rsa_context ctx; 12405 mpi P1, Q1, H, G; 12406 size_t msg_len; 12407 rnd_buf_info info; 12408 12409 info.length = unhexify( rnd_buf, "1d65491d79c864b373009be6f6f2467bac4c78fa" ); 12410 info.buf = rnd_buf; 12411 12412 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 12413 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 12414 12415 memset( message_str, 0x00, 1000 ); 12416 memset( hash_result, 0x00, 1000 ); 12417 memset( output, 0x00, 1000 ); 12418 memset( output_str, 0x00, 1000 ); 12419 12420 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 12421 fct_chk( mpi_read_string( &ctx.P, 16, "08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb" ) == 0 ); 12422 fct_chk( mpi_read_string( &ctx.Q, 16, "0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d" ) == 0 ); 12423 fct_chk( mpi_read_string( &ctx.N, 16, "495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f" ) == 0 ); 12424 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 12425 12426 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 12427 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 12428 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 12429 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 12430 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 12431 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 12432 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 12433 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 12434 12435 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 12436 12437 msg_len = unhexify( message_str, "81332f4be62948415ea1d899792eeacf6c6e1db1da8be13b5cea41db2fed467092e1ff398914c714259775f595f8547f735692a575e6923af78f22c6997ddb90fb6f72d7bb0dd5744a31decd3dc3685849836ed34aec596304ad11843c4f88489f209735f5fb7fdaf7cec8addc5818168f880acbf490d51005b7a8e84e43e54287977571dd99eea4b161eb2df1f5108f12a4142a83322edb05a75487a3435c9a78ce53ed93bc550857d7a9fb" ); 12438 12439 switch( SIG_RSA_SHA1 ) 12440 { 12441 #ifdef POLARSSL_MD2_C 12442 case SIG_RSA_MD2: 12443 md2( message_str, msg_len, hash_result ); 12444 break; 12445 #endif 12446 #ifdef POLARSSL_MD4_C 12447 case SIG_RSA_MD4: 12448 md4( message_str, msg_len, hash_result ); 12449 break; 12450 #endif 12451 #ifdef POLARSSL_MD5_C 12452 case SIG_RSA_MD5: 12453 md5( message_str, msg_len, hash_result ); 12454 break; 12455 #endif 12456 #ifdef POLARSSL_SHA1_C 12457 case SIG_RSA_SHA1: 12458 sha1( message_str, msg_len, hash_result ); 12459 break; 12460 #endif 12461 #ifdef POLARSSL_SHA2_C 12462 case SIG_RSA_SHA224: 12463 sha2( message_str, msg_len, hash_result, 1 ); 12464 break; 12465 case SIG_RSA_SHA256: 12466 sha2( message_str, msg_len, hash_result, 0 ); 12467 break; 12468 #endif 12469 #ifdef POLARSSL_SHA4_C 12470 case SIG_RSA_SHA384: 12471 sha4( message_str, msg_len, hash_result, 1 ); 12472 break; 12473 case SIG_RSA_SHA512: 12474 sha4( message_str, msg_len, hash_result, 0 ); 12475 break; 12476 #endif 12477 } 12478 12479 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 12480 if( 0 == 0 ) 12481 { 12482 hexify( output_str, output, ctx.len); 12483 12484 fct_chk( strcasecmp( (char *) output_str, "0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5" ) == 0 ); 12485 } 12486 12487 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 12488 } 12489 FCT_TEST_END(); 12490 12491 12492 FCT_TEST_BGN(rsassa_pss_signature_example_8_1_verify) 12493 { 12494 unsigned char message_str[1000]; 12495 unsigned char hash_result[1000]; 12496 unsigned char result_str[1000]; 12497 rsa_context ctx; 12498 size_t msg_len; 12499 12500 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 12501 memset( message_str, 0x00, 1000 ); 12502 memset( hash_result, 0x00, 1000 ); 12503 memset( result_str, 0x00, 1000 ); 12504 12505 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 12506 fct_chk( mpi_read_string( &ctx.N, 16, "495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f" ) == 0 ); 12507 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 12508 12509 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 12510 12511 msg_len = unhexify( message_str, "81332f4be62948415ea1d899792eeacf6c6e1db1da8be13b5cea41db2fed467092e1ff398914c714259775f595f8547f735692a575e6923af78f22c6997ddb90fb6f72d7bb0dd5744a31decd3dc3685849836ed34aec596304ad11843c4f88489f209735f5fb7fdaf7cec8addc5818168f880acbf490d51005b7a8e84e43e54287977571dd99eea4b161eb2df1f5108f12a4142a83322edb05a75487a3435c9a78ce53ed93bc550857d7a9fb" ); 12512 unhexify( result_str, "0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5" ); 12513 12514 switch( SIG_RSA_SHA1 ) 12515 { 12516 #ifdef POLARSSL_MD2_C 12517 case SIG_RSA_MD2: 12518 md2( message_str, msg_len, hash_result ); 12519 break; 12520 #endif 12521 #ifdef POLARSSL_MD4_C 12522 case SIG_RSA_MD4: 12523 md4( message_str, msg_len, hash_result ); 12524 break; 12525 #endif 12526 #ifdef POLARSSL_MD5_C 12527 case SIG_RSA_MD5: 12528 md5( message_str, msg_len, hash_result ); 12529 break; 12530 #endif 12531 #ifdef POLARSSL_SHA1_C 12532 case SIG_RSA_SHA1: 12533 sha1( message_str, msg_len, hash_result ); 12534 break; 12535 #endif 12536 #ifdef POLARSSL_SHA2_C 12537 case SIG_RSA_SHA224: 12538 sha2( message_str, msg_len, hash_result, 1 ); 12539 break; 12540 case SIG_RSA_SHA256: 12541 sha2( message_str, msg_len, hash_result, 0 ); 12542 break; 12543 #endif 12544 #ifdef POLARSSL_SHA4_C 12545 case SIG_RSA_SHA384: 12546 sha4( message_str, msg_len, hash_result, 1 ); 12547 break; 12548 case SIG_RSA_SHA512: 12549 sha4( message_str, msg_len, hash_result, 0 ); 12550 break; 12551 #endif 12552 } 12553 12554 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 12555 } 12556 FCT_TEST_END(); 12557 12558 12559 FCT_TEST_BGN(rsassa_pss_signature_example_8_2) 12560 { 12561 unsigned char message_str[1000]; 12562 unsigned char hash_result[1000]; 12563 unsigned char output[1000]; 12564 unsigned char output_str[1000]; 12565 unsigned char rnd_buf[1000]; 12566 rsa_context ctx; 12567 mpi P1, Q1, H, G; 12568 size_t msg_len; 12569 rnd_buf_info info; 12570 12571 info.length = unhexify( rnd_buf, "435c098aa9909eb2377f1248b091b68987ff1838" ); 12572 info.buf = rnd_buf; 12573 12574 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 12575 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 12576 12577 memset( message_str, 0x00, 1000 ); 12578 memset( hash_result, 0x00, 1000 ); 12579 memset( output, 0x00, 1000 ); 12580 memset( output_str, 0x00, 1000 ); 12581 12582 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 12583 fct_chk( mpi_read_string( &ctx.P, 16, "08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb" ) == 0 ); 12584 fct_chk( mpi_read_string( &ctx.Q, 16, "0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d" ) == 0 ); 12585 fct_chk( mpi_read_string( &ctx.N, 16, "495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f" ) == 0 ); 12586 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 12587 12588 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 12589 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 12590 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 12591 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 12592 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 12593 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 12594 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 12595 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 12596 12597 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 12598 12599 msg_len = unhexify( message_str, "e2f96eaf0e05e7ba326ecca0ba7fd2f7c02356f3cede9d0faabf4fcc8e60a973e5595fd9ea08" ); 12600 12601 switch( SIG_RSA_SHA1 ) 12602 { 12603 #ifdef POLARSSL_MD2_C 12604 case SIG_RSA_MD2: 12605 md2( message_str, msg_len, hash_result ); 12606 break; 12607 #endif 12608 #ifdef POLARSSL_MD4_C 12609 case SIG_RSA_MD4: 12610 md4( message_str, msg_len, hash_result ); 12611 break; 12612 #endif 12613 #ifdef POLARSSL_MD5_C 12614 case SIG_RSA_MD5: 12615 md5( message_str, msg_len, hash_result ); 12616 break; 12617 #endif 12618 #ifdef POLARSSL_SHA1_C 12619 case SIG_RSA_SHA1: 12620 sha1( message_str, msg_len, hash_result ); 12621 break; 12622 #endif 12623 #ifdef POLARSSL_SHA2_C 12624 case SIG_RSA_SHA224: 12625 sha2( message_str, msg_len, hash_result, 1 ); 12626 break; 12627 case SIG_RSA_SHA256: 12628 sha2( message_str, msg_len, hash_result, 0 ); 12629 break; 12630 #endif 12631 #ifdef POLARSSL_SHA4_C 12632 case SIG_RSA_SHA384: 12633 sha4( message_str, msg_len, hash_result, 1 ); 12634 break; 12635 case SIG_RSA_SHA512: 12636 sha4( message_str, msg_len, hash_result, 0 ); 12637 break; 12638 #endif 12639 } 12640 12641 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 12642 if( 0 == 0 ) 12643 { 12644 hexify( output_str, output, ctx.len); 12645 12646 fct_chk( strcasecmp( (char *) output_str, "2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e" ) == 0 ); 12647 } 12648 12649 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 12650 } 12651 FCT_TEST_END(); 12652 12653 12654 FCT_TEST_BGN(rsassa_pss_signature_example_8_2_verify) 12655 { 12656 unsigned char message_str[1000]; 12657 unsigned char hash_result[1000]; 12658 unsigned char result_str[1000]; 12659 rsa_context ctx; 12660 size_t msg_len; 12661 12662 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 12663 memset( message_str, 0x00, 1000 ); 12664 memset( hash_result, 0x00, 1000 ); 12665 memset( result_str, 0x00, 1000 ); 12666 12667 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 12668 fct_chk( mpi_read_string( &ctx.N, 16, "495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f" ) == 0 ); 12669 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 12670 12671 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 12672 12673 msg_len = unhexify( message_str, "e2f96eaf0e05e7ba326ecca0ba7fd2f7c02356f3cede9d0faabf4fcc8e60a973e5595fd9ea08" ); 12674 unhexify( result_str, "2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e" ); 12675 12676 switch( SIG_RSA_SHA1 ) 12677 { 12678 #ifdef POLARSSL_MD2_C 12679 case SIG_RSA_MD2: 12680 md2( message_str, msg_len, hash_result ); 12681 break; 12682 #endif 12683 #ifdef POLARSSL_MD4_C 12684 case SIG_RSA_MD4: 12685 md4( message_str, msg_len, hash_result ); 12686 break; 12687 #endif 12688 #ifdef POLARSSL_MD5_C 12689 case SIG_RSA_MD5: 12690 md5( message_str, msg_len, hash_result ); 12691 break; 12692 #endif 12693 #ifdef POLARSSL_SHA1_C 12694 case SIG_RSA_SHA1: 12695 sha1( message_str, msg_len, hash_result ); 12696 break; 12697 #endif 12698 #ifdef POLARSSL_SHA2_C 12699 case SIG_RSA_SHA224: 12700 sha2( message_str, msg_len, hash_result, 1 ); 12701 break; 12702 case SIG_RSA_SHA256: 12703 sha2( message_str, msg_len, hash_result, 0 ); 12704 break; 12705 #endif 12706 #ifdef POLARSSL_SHA4_C 12707 case SIG_RSA_SHA384: 12708 sha4( message_str, msg_len, hash_result, 1 ); 12709 break; 12710 case SIG_RSA_SHA512: 12711 sha4( message_str, msg_len, hash_result, 0 ); 12712 break; 12713 #endif 12714 } 12715 12716 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 12717 } 12718 FCT_TEST_END(); 12719 12720 12721 FCT_TEST_BGN(rsassa_pss_signature_example_8_3) 12722 { 12723 unsigned char message_str[1000]; 12724 unsigned char hash_result[1000]; 12725 unsigned char output[1000]; 12726 unsigned char output_str[1000]; 12727 unsigned char rnd_buf[1000]; 12728 rsa_context ctx; 12729 mpi P1, Q1, H, G; 12730 size_t msg_len; 12731 rnd_buf_info info; 12732 12733 info.length = unhexify( rnd_buf, "c6ebbe76df0c4aea32c474175b2f136862d04529" ); 12734 info.buf = rnd_buf; 12735 12736 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 12737 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 12738 12739 memset( message_str, 0x00, 1000 ); 12740 memset( hash_result, 0x00, 1000 ); 12741 memset( output, 0x00, 1000 ); 12742 memset( output_str, 0x00, 1000 ); 12743 12744 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 12745 fct_chk( mpi_read_string( &ctx.P, 16, "08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb" ) == 0 ); 12746 fct_chk( mpi_read_string( &ctx.Q, 16, "0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d" ) == 0 ); 12747 fct_chk( mpi_read_string( &ctx.N, 16, "495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f" ) == 0 ); 12748 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 12749 12750 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 12751 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 12752 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 12753 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 12754 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 12755 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 12756 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 12757 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 12758 12759 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 12760 12761 msg_len = unhexify( message_str, "e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7" ); 12762 12763 switch( SIG_RSA_SHA1 ) 12764 { 12765 #ifdef POLARSSL_MD2_C 12766 case SIG_RSA_MD2: 12767 md2( message_str, msg_len, hash_result ); 12768 break; 12769 #endif 12770 #ifdef POLARSSL_MD4_C 12771 case SIG_RSA_MD4: 12772 md4( message_str, msg_len, hash_result ); 12773 break; 12774 #endif 12775 #ifdef POLARSSL_MD5_C 12776 case SIG_RSA_MD5: 12777 md5( message_str, msg_len, hash_result ); 12778 break; 12779 #endif 12780 #ifdef POLARSSL_SHA1_C 12781 case SIG_RSA_SHA1: 12782 sha1( message_str, msg_len, hash_result ); 12783 break; 12784 #endif 12785 #ifdef POLARSSL_SHA2_C 12786 case SIG_RSA_SHA224: 12787 sha2( message_str, msg_len, hash_result, 1 ); 12788 break; 12789 case SIG_RSA_SHA256: 12790 sha2( message_str, msg_len, hash_result, 0 ); 12791 break; 12792 #endif 12793 #ifdef POLARSSL_SHA4_C 12794 case SIG_RSA_SHA384: 12795 sha4( message_str, msg_len, hash_result, 1 ); 12796 break; 12797 case SIG_RSA_SHA512: 12798 sha4( message_str, msg_len, hash_result, 0 ); 12799 break; 12800 #endif 12801 } 12802 12803 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 12804 if( 0 == 0 ) 12805 { 12806 hexify( output_str, output, ctx.len); 12807 12808 fct_chk( strcasecmp( (char *) output_str, "2ad20509d78cf26d1b6c406146086e4b0c91a91c2bd164c87b966b8faa42aa0ca446022323ba4b1a1b89706d7f4c3be57d7b69702d168ab5955ee290356b8c4a29ed467d547ec23cbadf286ccb5863c6679da467fc9324a151c7ec55aac6db4084f82726825cfe1aa421bc64049fb42f23148f9c25b2dc300437c38d428aa75f96" ) == 0 ); 12809 } 12810 12811 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 12812 } 12813 FCT_TEST_END(); 12814 12815 12816 FCT_TEST_BGN(rsassa_pss_signature_example_8_3_verify) 12817 { 12818 unsigned char message_str[1000]; 12819 unsigned char hash_result[1000]; 12820 unsigned char result_str[1000]; 12821 rsa_context ctx; 12822 size_t msg_len; 12823 12824 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 12825 memset( message_str, 0x00, 1000 ); 12826 memset( hash_result, 0x00, 1000 ); 12827 memset( result_str, 0x00, 1000 ); 12828 12829 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 12830 fct_chk( mpi_read_string( &ctx.N, 16, "495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f" ) == 0 ); 12831 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 12832 12833 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 12834 12835 msg_len = unhexify( message_str, "e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7" ); 12836 unhexify( result_str, "2ad20509d78cf26d1b6c406146086e4b0c91a91c2bd164c87b966b8faa42aa0ca446022323ba4b1a1b89706d7f4c3be57d7b69702d168ab5955ee290356b8c4a29ed467d547ec23cbadf286ccb5863c6679da467fc9324a151c7ec55aac6db4084f82726825cfe1aa421bc64049fb42f23148f9c25b2dc300437c38d428aa75f96" ); 12837 12838 switch( SIG_RSA_SHA1 ) 12839 { 12840 #ifdef POLARSSL_MD2_C 12841 case SIG_RSA_MD2: 12842 md2( message_str, msg_len, hash_result ); 12843 break; 12844 #endif 12845 #ifdef POLARSSL_MD4_C 12846 case SIG_RSA_MD4: 12847 md4( message_str, msg_len, hash_result ); 12848 break; 12849 #endif 12850 #ifdef POLARSSL_MD5_C 12851 case SIG_RSA_MD5: 12852 md5( message_str, msg_len, hash_result ); 12853 break; 12854 #endif 12855 #ifdef POLARSSL_SHA1_C 12856 case SIG_RSA_SHA1: 12857 sha1( message_str, msg_len, hash_result ); 12858 break; 12859 #endif 12860 #ifdef POLARSSL_SHA2_C 12861 case SIG_RSA_SHA224: 12862 sha2( message_str, msg_len, hash_result, 1 ); 12863 break; 12864 case SIG_RSA_SHA256: 12865 sha2( message_str, msg_len, hash_result, 0 ); 12866 break; 12867 #endif 12868 #ifdef POLARSSL_SHA4_C 12869 case SIG_RSA_SHA384: 12870 sha4( message_str, msg_len, hash_result, 1 ); 12871 break; 12872 case SIG_RSA_SHA512: 12873 sha4( message_str, msg_len, hash_result, 0 ); 12874 break; 12875 #endif 12876 } 12877 12878 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 12879 } 12880 FCT_TEST_END(); 12881 12882 12883 FCT_TEST_BGN(rsassa_pss_signature_example_8_4) 12884 { 12885 unsigned char message_str[1000]; 12886 unsigned char hash_result[1000]; 12887 unsigned char output[1000]; 12888 unsigned char output_str[1000]; 12889 unsigned char rnd_buf[1000]; 12890 rsa_context ctx; 12891 mpi P1, Q1, H, G; 12892 size_t msg_len; 12893 rnd_buf_info info; 12894 12895 info.length = unhexify( rnd_buf, "021fdcc6ebb5e19b1cb16e9c67f27681657fe20a" ); 12896 info.buf = rnd_buf; 12897 12898 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 12899 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 12900 12901 memset( message_str, 0x00, 1000 ); 12902 memset( hash_result, 0x00, 1000 ); 12903 memset( output, 0x00, 1000 ); 12904 memset( output_str, 0x00, 1000 ); 12905 12906 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 12907 fct_chk( mpi_read_string( &ctx.P, 16, "08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb" ) == 0 ); 12908 fct_chk( mpi_read_string( &ctx.Q, 16, "0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d" ) == 0 ); 12909 fct_chk( mpi_read_string( &ctx.N, 16, "495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f" ) == 0 ); 12910 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 12911 12912 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 12913 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 12914 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 12915 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 12916 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 12917 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 12918 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 12919 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 12920 12921 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 12922 12923 msg_len = unhexify( message_str, "dbc5f750a7a14be2b93e838d18d14a8695e52e8add9c0ac733b8f56d2747e529a0cca532dd49b902aefed514447f9e81d16195c2853868cb9b30f7d0d495c69d01b5c5d50b27045db3866c2324a44a110b1717746de457d1c8c45c3cd2a92970c3d59632055d4c98a41d6e99e2a3ddd5f7f9979ab3cd18f37505d25141de2a1bff17b3a7dce9419ecc385cf11d72840f19953fd0509251f6cafde2893d0e75c781ba7a5012ca401a4fa99e04b3c3249f926d5afe82cc87dab22c3c1b105de48e34ace9c9124e59597ac7ebf8" ); 12924 12925 switch( SIG_RSA_SHA1 ) 12926 { 12927 #ifdef POLARSSL_MD2_C 12928 case SIG_RSA_MD2: 12929 md2( message_str, msg_len, hash_result ); 12930 break; 12931 #endif 12932 #ifdef POLARSSL_MD4_C 12933 case SIG_RSA_MD4: 12934 md4( message_str, msg_len, hash_result ); 12935 break; 12936 #endif 12937 #ifdef POLARSSL_MD5_C 12938 case SIG_RSA_MD5: 12939 md5( message_str, msg_len, hash_result ); 12940 break; 12941 #endif 12942 #ifdef POLARSSL_SHA1_C 12943 case SIG_RSA_SHA1: 12944 sha1( message_str, msg_len, hash_result ); 12945 break; 12946 #endif 12947 #ifdef POLARSSL_SHA2_C 12948 case SIG_RSA_SHA224: 12949 sha2( message_str, msg_len, hash_result, 1 ); 12950 break; 12951 case SIG_RSA_SHA256: 12952 sha2( message_str, msg_len, hash_result, 0 ); 12953 break; 12954 #endif 12955 #ifdef POLARSSL_SHA4_C 12956 case SIG_RSA_SHA384: 12957 sha4( message_str, msg_len, hash_result, 1 ); 12958 break; 12959 case SIG_RSA_SHA512: 12960 sha4( message_str, msg_len, hash_result, 0 ); 12961 break; 12962 #endif 12963 } 12964 12965 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 12966 if( 0 == 0 ) 12967 { 12968 hexify( output_str, output, ctx.len); 12969 12970 fct_chk( strcasecmp( (char *) output_str, "1e24e6e58628e5175044a9eb6d837d48af1260b0520e87327de7897ee4d5b9f0df0be3e09ed4dea8c1454ff3423bb08e1793245a9df8bf6ab3968c8eddc3b5328571c77f091cc578576912dfebd164b9de5454fe0be1c1f6385b328360ce67ec7a05f6e30eb45c17c48ac70041d2cab67f0a2ae7aafdcc8d245ea3442a6300ccc7" ) == 0 ); 12971 } 12972 12973 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 12974 } 12975 FCT_TEST_END(); 12976 12977 12978 FCT_TEST_BGN(rsassa_pss_signature_example_8_4_verify) 12979 { 12980 unsigned char message_str[1000]; 12981 unsigned char hash_result[1000]; 12982 unsigned char result_str[1000]; 12983 rsa_context ctx; 12984 size_t msg_len; 12985 12986 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 12987 memset( message_str, 0x00, 1000 ); 12988 memset( hash_result, 0x00, 1000 ); 12989 memset( result_str, 0x00, 1000 ); 12990 12991 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 12992 fct_chk( mpi_read_string( &ctx.N, 16, "495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f" ) == 0 ); 12993 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 12994 12995 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 12996 12997 msg_len = unhexify( message_str, "dbc5f750a7a14be2b93e838d18d14a8695e52e8add9c0ac733b8f56d2747e529a0cca532dd49b902aefed514447f9e81d16195c2853868cb9b30f7d0d495c69d01b5c5d50b27045db3866c2324a44a110b1717746de457d1c8c45c3cd2a92970c3d59632055d4c98a41d6e99e2a3ddd5f7f9979ab3cd18f37505d25141de2a1bff17b3a7dce9419ecc385cf11d72840f19953fd0509251f6cafde2893d0e75c781ba7a5012ca401a4fa99e04b3c3249f926d5afe82cc87dab22c3c1b105de48e34ace9c9124e59597ac7ebf8" ); 12998 unhexify( result_str, "1e24e6e58628e5175044a9eb6d837d48af1260b0520e87327de7897ee4d5b9f0df0be3e09ed4dea8c1454ff3423bb08e1793245a9df8bf6ab3968c8eddc3b5328571c77f091cc578576912dfebd164b9de5454fe0be1c1f6385b328360ce67ec7a05f6e30eb45c17c48ac70041d2cab67f0a2ae7aafdcc8d245ea3442a6300ccc7" ); 12999 13000 switch( SIG_RSA_SHA1 ) 13001 { 13002 #ifdef POLARSSL_MD2_C 13003 case SIG_RSA_MD2: 13004 md2( message_str, msg_len, hash_result ); 13005 break; 13006 #endif 13007 #ifdef POLARSSL_MD4_C 13008 case SIG_RSA_MD4: 13009 md4( message_str, msg_len, hash_result ); 13010 break; 13011 #endif 13012 #ifdef POLARSSL_MD5_C 13013 case SIG_RSA_MD5: 13014 md5( message_str, msg_len, hash_result ); 13015 break; 13016 #endif 13017 #ifdef POLARSSL_SHA1_C 13018 case SIG_RSA_SHA1: 13019 sha1( message_str, msg_len, hash_result ); 13020 break; 13021 #endif 13022 #ifdef POLARSSL_SHA2_C 13023 case SIG_RSA_SHA224: 13024 sha2( message_str, msg_len, hash_result, 1 ); 13025 break; 13026 case SIG_RSA_SHA256: 13027 sha2( message_str, msg_len, hash_result, 0 ); 13028 break; 13029 #endif 13030 #ifdef POLARSSL_SHA4_C 13031 case SIG_RSA_SHA384: 13032 sha4( message_str, msg_len, hash_result, 1 ); 13033 break; 13034 case SIG_RSA_SHA512: 13035 sha4( message_str, msg_len, hash_result, 0 ); 13036 break; 13037 #endif 13038 } 13039 13040 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 13041 } 13042 FCT_TEST_END(); 13043 13044 13045 FCT_TEST_BGN(rsassa_pss_signature_example_8_5) 13046 { 13047 unsigned char message_str[1000]; 13048 unsigned char hash_result[1000]; 13049 unsigned char output[1000]; 13050 unsigned char output_str[1000]; 13051 unsigned char rnd_buf[1000]; 13052 rsa_context ctx; 13053 mpi P1, Q1, H, G; 13054 size_t msg_len; 13055 rnd_buf_info info; 13056 13057 info.length = unhexify( rnd_buf, "c558d7167cbb4508ada042971e71b1377eea4269" ); 13058 info.buf = rnd_buf; 13059 13060 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 13061 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 13062 13063 memset( message_str, 0x00, 1000 ); 13064 memset( hash_result, 0x00, 1000 ); 13065 memset( output, 0x00, 1000 ); 13066 memset( output_str, 0x00, 1000 ); 13067 13068 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 13069 fct_chk( mpi_read_string( &ctx.P, 16, "08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb" ) == 0 ); 13070 fct_chk( mpi_read_string( &ctx.Q, 16, "0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d" ) == 0 ); 13071 fct_chk( mpi_read_string( &ctx.N, 16, "495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f" ) == 0 ); 13072 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 13073 13074 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 13075 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 13076 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 13077 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 13078 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 13079 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 13080 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 13081 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 13082 13083 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 13084 13085 msg_len = unhexify( message_str, "04dc251be72e88e5723485b6383a637e2fefe07660c519a560b8bc18bdedb86eae2364ea53ba9dca6eb3d2e7d6b806af42b3e87f291b4a8881d5bf572cc9a85e19c86acb28f098f9da0383c566d3c0f58cfd8f395dcf602e5cd40e8c7183f714996e2297ef" ); 13086 13087 switch( SIG_RSA_SHA1 ) 13088 { 13089 #ifdef POLARSSL_MD2_C 13090 case SIG_RSA_MD2: 13091 md2( message_str, msg_len, hash_result ); 13092 break; 13093 #endif 13094 #ifdef POLARSSL_MD4_C 13095 case SIG_RSA_MD4: 13096 md4( message_str, msg_len, hash_result ); 13097 break; 13098 #endif 13099 #ifdef POLARSSL_MD5_C 13100 case SIG_RSA_MD5: 13101 md5( message_str, msg_len, hash_result ); 13102 break; 13103 #endif 13104 #ifdef POLARSSL_SHA1_C 13105 case SIG_RSA_SHA1: 13106 sha1( message_str, msg_len, hash_result ); 13107 break; 13108 #endif 13109 #ifdef POLARSSL_SHA2_C 13110 case SIG_RSA_SHA224: 13111 sha2( message_str, msg_len, hash_result, 1 ); 13112 break; 13113 case SIG_RSA_SHA256: 13114 sha2( message_str, msg_len, hash_result, 0 ); 13115 break; 13116 #endif 13117 #ifdef POLARSSL_SHA4_C 13118 case SIG_RSA_SHA384: 13119 sha4( message_str, msg_len, hash_result, 1 ); 13120 break; 13121 case SIG_RSA_SHA512: 13122 sha4( message_str, msg_len, hash_result, 0 ); 13123 break; 13124 #endif 13125 } 13126 13127 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 13128 if( 0 == 0 ) 13129 { 13130 hexify( output_str, output, ctx.len); 13131 13132 fct_chk( strcasecmp( (char *) output_str, "33341ba3576a130a50e2a5cf8679224388d5693f5accc235ac95add68e5eb1eec31666d0ca7a1cda6f70a1aa762c05752a51950cdb8af3c5379f18cfe6b5bc55a4648226a15e912ef19ad77adeea911d67cfefd69ba43fa4119135ff642117ba985a7e0100325e9519f1ca6a9216bda055b5785015291125e90dcd07a2ca9673ee" ) == 0 ); 13133 } 13134 13135 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 13136 } 13137 FCT_TEST_END(); 13138 13139 13140 FCT_TEST_BGN(rsassa_pss_signature_example_8_5_verify) 13141 { 13142 unsigned char message_str[1000]; 13143 unsigned char hash_result[1000]; 13144 unsigned char result_str[1000]; 13145 rsa_context ctx; 13146 size_t msg_len; 13147 13148 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 13149 memset( message_str, 0x00, 1000 ); 13150 memset( hash_result, 0x00, 1000 ); 13151 memset( result_str, 0x00, 1000 ); 13152 13153 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 13154 fct_chk( mpi_read_string( &ctx.N, 16, "495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f" ) == 0 ); 13155 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 13156 13157 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 13158 13159 msg_len = unhexify( message_str, "04dc251be72e88e5723485b6383a637e2fefe07660c519a560b8bc18bdedb86eae2364ea53ba9dca6eb3d2e7d6b806af42b3e87f291b4a8881d5bf572cc9a85e19c86acb28f098f9da0383c566d3c0f58cfd8f395dcf602e5cd40e8c7183f714996e2297ef" ); 13160 unhexify( result_str, "33341ba3576a130a50e2a5cf8679224388d5693f5accc235ac95add68e5eb1eec31666d0ca7a1cda6f70a1aa762c05752a51950cdb8af3c5379f18cfe6b5bc55a4648226a15e912ef19ad77adeea911d67cfefd69ba43fa4119135ff642117ba985a7e0100325e9519f1ca6a9216bda055b5785015291125e90dcd07a2ca9673ee" ); 13161 13162 switch( SIG_RSA_SHA1 ) 13163 { 13164 #ifdef POLARSSL_MD2_C 13165 case SIG_RSA_MD2: 13166 md2( message_str, msg_len, hash_result ); 13167 break; 13168 #endif 13169 #ifdef POLARSSL_MD4_C 13170 case SIG_RSA_MD4: 13171 md4( message_str, msg_len, hash_result ); 13172 break; 13173 #endif 13174 #ifdef POLARSSL_MD5_C 13175 case SIG_RSA_MD5: 13176 md5( message_str, msg_len, hash_result ); 13177 break; 13178 #endif 13179 #ifdef POLARSSL_SHA1_C 13180 case SIG_RSA_SHA1: 13181 sha1( message_str, msg_len, hash_result ); 13182 break; 13183 #endif 13184 #ifdef POLARSSL_SHA2_C 13185 case SIG_RSA_SHA224: 13186 sha2( message_str, msg_len, hash_result, 1 ); 13187 break; 13188 case SIG_RSA_SHA256: 13189 sha2( message_str, msg_len, hash_result, 0 ); 13190 break; 13191 #endif 13192 #ifdef POLARSSL_SHA4_C 13193 case SIG_RSA_SHA384: 13194 sha4( message_str, msg_len, hash_result, 1 ); 13195 break; 13196 case SIG_RSA_SHA512: 13197 sha4( message_str, msg_len, hash_result, 0 ); 13198 break; 13199 #endif 13200 } 13201 13202 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 13203 } 13204 FCT_TEST_END(); 13205 13206 13207 FCT_TEST_BGN(rsassa_pss_signature_example_8_6) 13208 { 13209 unsigned char message_str[1000]; 13210 unsigned char hash_result[1000]; 13211 unsigned char output[1000]; 13212 unsigned char output_str[1000]; 13213 unsigned char rnd_buf[1000]; 13214 rsa_context ctx; 13215 mpi P1, Q1, H, G; 13216 size_t msg_len; 13217 rnd_buf_info info; 13218 13219 info.length = unhexify( rnd_buf, "76fd4e64fdc98eb927a0403e35a084e76ba9f92a" ); 13220 info.buf = rnd_buf; 13221 13222 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 13223 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 13224 13225 memset( message_str, 0x00, 1000 ); 13226 memset( hash_result, 0x00, 1000 ); 13227 memset( output, 0x00, 1000 ); 13228 memset( output_str, 0x00, 1000 ); 13229 13230 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 13231 fct_chk( mpi_read_string( &ctx.P, 16, "08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb" ) == 0 ); 13232 fct_chk( mpi_read_string( &ctx.Q, 16, "0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d" ) == 0 ); 13233 fct_chk( mpi_read_string( &ctx.N, 16, "495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f" ) == 0 ); 13234 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 13235 13236 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 13237 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 13238 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 13239 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 13240 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 13241 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 13242 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 13243 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 13244 13245 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 13246 13247 msg_len = unhexify( message_str, "0ea37df9a6fea4a8b610373c24cf390c20fa6e2135c400c8a34f5c183a7e8ea4c9ae090ed31759f42dc77719cca400ecdcc517acfc7ac6902675b2ef30c509665f3321482fc69a9fb570d15e01c845d0d8e50d2a24cbf1cf0e714975a5db7b18d9e9e9cb91b5cb16869060ed18b7b56245503f0caf90352b8de81cb5a1d9c6336092f0cd" ); 13248 13249 switch( SIG_RSA_SHA1 ) 13250 { 13251 #ifdef POLARSSL_MD2_C 13252 case SIG_RSA_MD2: 13253 md2( message_str, msg_len, hash_result ); 13254 break; 13255 #endif 13256 #ifdef POLARSSL_MD4_C 13257 case SIG_RSA_MD4: 13258 md4( message_str, msg_len, hash_result ); 13259 break; 13260 #endif 13261 #ifdef POLARSSL_MD5_C 13262 case SIG_RSA_MD5: 13263 md5( message_str, msg_len, hash_result ); 13264 break; 13265 #endif 13266 #ifdef POLARSSL_SHA1_C 13267 case SIG_RSA_SHA1: 13268 sha1( message_str, msg_len, hash_result ); 13269 break; 13270 #endif 13271 #ifdef POLARSSL_SHA2_C 13272 case SIG_RSA_SHA224: 13273 sha2( message_str, msg_len, hash_result, 1 ); 13274 break; 13275 case SIG_RSA_SHA256: 13276 sha2( message_str, msg_len, hash_result, 0 ); 13277 break; 13278 #endif 13279 #ifdef POLARSSL_SHA4_C 13280 case SIG_RSA_SHA384: 13281 sha4( message_str, msg_len, hash_result, 1 ); 13282 break; 13283 case SIG_RSA_SHA512: 13284 sha4( message_str, msg_len, hash_result, 0 ); 13285 break; 13286 #endif 13287 } 13288 13289 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 13290 if( 0 == 0 ) 13291 { 13292 hexify( output_str, output, ctx.len); 13293 13294 fct_chk( strcasecmp( (char *) output_str, "1ed1d848fb1edb44129bd9b354795af97a069a7a00d0151048593e0c72c3517ff9ff2a41d0cb5a0ac860d736a199704f7cb6a53986a88bbd8abcc0076a2ce847880031525d449da2ac78356374c536e343faa7cba42a5aaa6506087791c06a8e989335aed19bfab2d5e67e27fb0c2875af896c21b6e8e7309d04e4f6727e69463e" ) == 0 ); 13295 } 13296 13297 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 13298 } 13299 FCT_TEST_END(); 13300 13301 13302 FCT_TEST_BGN(rsassa_pss_signature_example_8_6_verify) 13303 { 13304 unsigned char message_str[1000]; 13305 unsigned char hash_result[1000]; 13306 unsigned char result_str[1000]; 13307 rsa_context ctx; 13308 size_t msg_len; 13309 13310 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 13311 memset( message_str, 0x00, 1000 ); 13312 memset( hash_result, 0x00, 1000 ); 13313 memset( result_str, 0x00, 1000 ); 13314 13315 ctx.len = 1031 / 8 + ( ( 1031 % 8 ) ? 1 : 0 ); 13316 fct_chk( mpi_read_string( &ctx.N, 16, "495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f" ) == 0 ); 13317 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 13318 13319 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 13320 13321 msg_len = unhexify( message_str, "0ea37df9a6fea4a8b610373c24cf390c20fa6e2135c400c8a34f5c183a7e8ea4c9ae090ed31759f42dc77719cca400ecdcc517acfc7ac6902675b2ef30c509665f3321482fc69a9fb570d15e01c845d0d8e50d2a24cbf1cf0e714975a5db7b18d9e9e9cb91b5cb16869060ed18b7b56245503f0caf90352b8de81cb5a1d9c6336092f0cd" ); 13322 unhexify( result_str, "1ed1d848fb1edb44129bd9b354795af97a069a7a00d0151048593e0c72c3517ff9ff2a41d0cb5a0ac860d736a199704f7cb6a53986a88bbd8abcc0076a2ce847880031525d449da2ac78356374c536e343faa7cba42a5aaa6506087791c06a8e989335aed19bfab2d5e67e27fb0c2875af896c21b6e8e7309d04e4f6727e69463e" ); 13323 13324 switch( SIG_RSA_SHA1 ) 13325 { 13326 #ifdef POLARSSL_MD2_C 13327 case SIG_RSA_MD2: 13328 md2( message_str, msg_len, hash_result ); 13329 break; 13330 #endif 13331 #ifdef POLARSSL_MD4_C 13332 case SIG_RSA_MD4: 13333 md4( message_str, msg_len, hash_result ); 13334 break; 13335 #endif 13336 #ifdef POLARSSL_MD5_C 13337 case SIG_RSA_MD5: 13338 md5( message_str, msg_len, hash_result ); 13339 break; 13340 #endif 13341 #ifdef POLARSSL_SHA1_C 13342 case SIG_RSA_SHA1: 13343 sha1( message_str, msg_len, hash_result ); 13344 break; 13345 #endif 13346 #ifdef POLARSSL_SHA2_C 13347 case SIG_RSA_SHA224: 13348 sha2( message_str, msg_len, hash_result, 1 ); 13349 break; 13350 case SIG_RSA_SHA256: 13351 sha2( message_str, msg_len, hash_result, 0 ); 13352 break; 13353 #endif 13354 #ifdef POLARSSL_SHA4_C 13355 case SIG_RSA_SHA384: 13356 sha4( message_str, msg_len, hash_result, 1 ); 13357 break; 13358 case SIG_RSA_SHA512: 13359 sha4( message_str, msg_len, hash_result, 0 ); 13360 break; 13361 #endif 13362 } 13363 13364 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 13365 } 13366 FCT_TEST_END(); 13367 13368 13369 FCT_TEST_BGN(rsassa_pss_signature_example_9_1) 13370 { 13371 unsigned char message_str[1000]; 13372 unsigned char hash_result[1000]; 13373 unsigned char output[1000]; 13374 unsigned char output_str[1000]; 13375 unsigned char rnd_buf[1000]; 13376 rsa_context ctx; 13377 mpi P1, Q1, H, G; 13378 size_t msg_len; 13379 rnd_buf_info info; 13380 13381 info.length = unhexify( rnd_buf, "c0a425313df8d7564bd2434d311523d5257eed80" ); 13382 info.buf = rnd_buf; 13383 13384 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 13385 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 13386 13387 memset( message_str, 0x00, 1000 ); 13388 memset( hash_result, 0x00, 1000 ); 13389 memset( output, 0x00, 1000 ); 13390 memset( output_str, 0x00, 1000 ); 13391 13392 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 13393 fct_chk( mpi_read_string( &ctx.P, 16, "f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367" ) == 0 ); 13394 fct_chk( mpi_read_string( &ctx.Q, 16, "ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d" ) == 0 ); 13395 fct_chk( mpi_read_string( &ctx.N, 16, "e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b" ) == 0 ); 13396 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 13397 13398 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 13399 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 13400 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 13401 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 13402 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 13403 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 13404 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 13405 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 13406 13407 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 13408 13409 msg_len = unhexify( message_str, "a88e265855e9d7ca36c68795f0b31b591cd6587c71d060a0b3f7f3eaef43795922028bc2b6ad467cfc2d7f659c5385aa70ba3672cdde4cfe4970cc7904601b278872bf51321c4a972f3c95570f3445d4f57980e0f20df54846e6a52c668f1288c03f95006ea32f562d40d52af9feb32f0fa06db65b588a237b34e592d55cf979f903a642ef64d2ed542aa8c77dc1dd762f45a59303ed75e541ca271e2b60ca709e44fa0661131e8d5d4163fd8d398566ce26de8730e72f9cca737641c244159420637028df0a18079d6208ea8b4711a2c750f5" ); 13410 13411 switch( SIG_RSA_SHA1 ) 13412 { 13413 #ifdef POLARSSL_MD2_C 13414 case SIG_RSA_MD2: 13415 md2( message_str, msg_len, hash_result ); 13416 break; 13417 #endif 13418 #ifdef POLARSSL_MD4_C 13419 case SIG_RSA_MD4: 13420 md4( message_str, msg_len, hash_result ); 13421 break; 13422 #endif 13423 #ifdef POLARSSL_MD5_C 13424 case SIG_RSA_MD5: 13425 md5( message_str, msg_len, hash_result ); 13426 break; 13427 #endif 13428 #ifdef POLARSSL_SHA1_C 13429 case SIG_RSA_SHA1: 13430 sha1( message_str, msg_len, hash_result ); 13431 break; 13432 #endif 13433 #ifdef POLARSSL_SHA2_C 13434 case SIG_RSA_SHA224: 13435 sha2( message_str, msg_len, hash_result, 1 ); 13436 break; 13437 case SIG_RSA_SHA256: 13438 sha2( message_str, msg_len, hash_result, 0 ); 13439 break; 13440 #endif 13441 #ifdef POLARSSL_SHA4_C 13442 case SIG_RSA_SHA384: 13443 sha4( message_str, msg_len, hash_result, 1 ); 13444 break; 13445 case SIG_RSA_SHA512: 13446 sha4( message_str, msg_len, hash_result, 0 ); 13447 break; 13448 #endif 13449 } 13450 13451 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 13452 if( 0 == 0 ) 13453 { 13454 hexify( output_str, output, ctx.len); 13455 13456 fct_chk( strcasecmp( (char *) output_str, "586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e" ) == 0 ); 13457 } 13458 13459 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 13460 } 13461 FCT_TEST_END(); 13462 13463 13464 FCT_TEST_BGN(rsassa_pss_signature_example_9_1_verify) 13465 { 13466 unsigned char message_str[1000]; 13467 unsigned char hash_result[1000]; 13468 unsigned char result_str[1000]; 13469 rsa_context ctx; 13470 size_t msg_len; 13471 13472 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 13473 memset( message_str, 0x00, 1000 ); 13474 memset( hash_result, 0x00, 1000 ); 13475 memset( result_str, 0x00, 1000 ); 13476 13477 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 13478 fct_chk( mpi_read_string( &ctx.N, 16, "e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b" ) == 0 ); 13479 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 13480 13481 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 13482 13483 msg_len = unhexify( message_str, "a88e265855e9d7ca36c68795f0b31b591cd6587c71d060a0b3f7f3eaef43795922028bc2b6ad467cfc2d7f659c5385aa70ba3672cdde4cfe4970cc7904601b278872bf51321c4a972f3c95570f3445d4f57980e0f20df54846e6a52c668f1288c03f95006ea32f562d40d52af9feb32f0fa06db65b588a237b34e592d55cf979f903a642ef64d2ed542aa8c77dc1dd762f45a59303ed75e541ca271e2b60ca709e44fa0661131e8d5d4163fd8d398566ce26de8730e72f9cca737641c244159420637028df0a18079d6208ea8b4711a2c750f5" ); 13484 unhexify( result_str, "586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e" ); 13485 13486 switch( SIG_RSA_SHA1 ) 13487 { 13488 #ifdef POLARSSL_MD2_C 13489 case SIG_RSA_MD2: 13490 md2( message_str, msg_len, hash_result ); 13491 break; 13492 #endif 13493 #ifdef POLARSSL_MD4_C 13494 case SIG_RSA_MD4: 13495 md4( message_str, msg_len, hash_result ); 13496 break; 13497 #endif 13498 #ifdef POLARSSL_MD5_C 13499 case SIG_RSA_MD5: 13500 md5( message_str, msg_len, hash_result ); 13501 break; 13502 #endif 13503 #ifdef POLARSSL_SHA1_C 13504 case SIG_RSA_SHA1: 13505 sha1( message_str, msg_len, hash_result ); 13506 break; 13507 #endif 13508 #ifdef POLARSSL_SHA2_C 13509 case SIG_RSA_SHA224: 13510 sha2( message_str, msg_len, hash_result, 1 ); 13511 break; 13512 case SIG_RSA_SHA256: 13513 sha2( message_str, msg_len, hash_result, 0 ); 13514 break; 13515 #endif 13516 #ifdef POLARSSL_SHA4_C 13517 case SIG_RSA_SHA384: 13518 sha4( message_str, msg_len, hash_result, 1 ); 13519 break; 13520 case SIG_RSA_SHA512: 13521 sha4( message_str, msg_len, hash_result, 0 ); 13522 break; 13523 #endif 13524 } 13525 13526 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 13527 } 13528 FCT_TEST_END(); 13529 13530 13531 FCT_TEST_BGN(rsassa_pss_signature_example_9_2) 13532 { 13533 unsigned char message_str[1000]; 13534 unsigned char hash_result[1000]; 13535 unsigned char output[1000]; 13536 unsigned char output_str[1000]; 13537 unsigned char rnd_buf[1000]; 13538 rsa_context ctx; 13539 mpi P1, Q1, H, G; 13540 size_t msg_len; 13541 rnd_buf_info info; 13542 13543 info.length = unhexify( rnd_buf, "b307c43b4850a8dac2f15f32e37839ef8c5c0e91" ); 13544 info.buf = rnd_buf; 13545 13546 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 13547 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 13548 13549 memset( message_str, 0x00, 1000 ); 13550 memset( hash_result, 0x00, 1000 ); 13551 memset( output, 0x00, 1000 ); 13552 memset( output_str, 0x00, 1000 ); 13553 13554 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 13555 fct_chk( mpi_read_string( &ctx.P, 16, "f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367" ) == 0 ); 13556 fct_chk( mpi_read_string( &ctx.Q, 16, "ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d" ) == 0 ); 13557 fct_chk( mpi_read_string( &ctx.N, 16, "e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b" ) == 0 ); 13558 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 13559 13560 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 13561 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 13562 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 13563 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 13564 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 13565 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 13566 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 13567 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 13568 13569 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 13570 13571 msg_len = unhexify( message_str, "c8c9c6af04acda414d227ef23e0820c3732c500dc87275e95b0d095413993c2658bc1d988581ba879c2d201f14cb88ced153a01969a7bf0a7be79c84c1486bc12b3fa6c59871b6827c8ce253ca5fefa8a8c690bf326e8e37cdb96d90a82ebab69f86350e1822e8bd536a2e" ); 13572 13573 switch( SIG_RSA_SHA1 ) 13574 { 13575 #ifdef POLARSSL_MD2_C 13576 case SIG_RSA_MD2: 13577 md2( message_str, msg_len, hash_result ); 13578 break; 13579 #endif 13580 #ifdef POLARSSL_MD4_C 13581 case SIG_RSA_MD4: 13582 md4( message_str, msg_len, hash_result ); 13583 break; 13584 #endif 13585 #ifdef POLARSSL_MD5_C 13586 case SIG_RSA_MD5: 13587 md5( message_str, msg_len, hash_result ); 13588 break; 13589 #endif 13590 #ifdef POLARSSL_SHA1_C 13591 case SIG_RSA_SHA1: 13592 sha1( message_str, msg_len, hash_result ); 13593 break; 13594 #endif 13595 #ifdef POLARSSL_SHA2_C 13596 case SIG_RSA_SHA224: 13597 sha2( message_str, msg_len, hash_result, 1 ); 13598 break; 13599 case SIG_RSA_SHA256: 13600 sha2( message_str, msg_len, hash_result, 0 ); 13601 break; 13602 #endif 13603 #ifdef POLARSSL_SHA4_C 13604 case SIG_RSA_SHA384: 13605 sha4( message_str, msg_len, hash_result, 1 ); 13606 break; 13607 case SIG_RSA_SHA512: 13608 sha4( message_str, msg_len, hash_result, 0 ); 13609 break; 13610 #endif 13611 } 13612 13613 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 13614 if( 0 == 0 ) 13615 { 13616 hexify( output_str, output, ctx.len); 13617 13618 fct_chk( strcasecmp( (char *) output_str, "80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958" ) == 0 ); 13619 } 13620 13621 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 13622 } 13623 FCT_TEST_END(); 13624 13625 13626 FCT_TEST_BGN(rsassa_pss_signature_example_9_2_verify) 13627 { 13628 unsigned char message_str[1000]; 13629 unsigned char hash_result[1000]; 13630 unsigned char result_str[1000]; 13631 rsa_context ctx; 13632 size_t msg_len; 13633 13634 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 13635 memset( message_str, 0x00, 1000 ); 13636 memset( hash_result, 0x00, 1000 ); 13637 memset( result_str, 0x00, 1000 ); 13638 13639 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 13640 fct_chk( mpi_read_string( &ctx.N, 16, "e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b" ) == 0 ); 13641 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 13642 13643 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 13644 13645 msg_len = unhexify( message_str, "c8c9c6af04acda414d227ef23e0820c3732c500dc87275e95b0d095413993c2658bc1d988581ba879c2d201f14cb88ced153a01969a7bf0a7be79c84c1486bc12b3fa6c59871b6827c8ce253ca5fefa8a8c690bf326e8e37cdb96d90a82ebab69f86350e1822e8bd536a2e" ); 13646 unhexify( result_str, "80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958" ); 13647 13648 switch( SIG_RSA_SHA1 ) 13649 { 13650 #ifdef POLARSSL_MD2_C 13651 case SIG_RSA_MD2: 13652 md2( message_str, msg_len, hash_result ); 13653 break; 13654 #endif 13655 #ifdef POLARSSL_MD4_C 13656 case SIG_RSA_MD4: 13657 md4( message_str, msg_len, hash_result ); 13658 break; 13659 #endif 13660 #ifdef POLARSSL_MD5_C 13661 case SIG_RSA_MD5: 13662 md5( message_str, msg_len, hash_result ); 13663 break; 13664 #endif 13665 #ifdef POLARSSL_SHA1_C 13666 case SIG_RSA_SHA1: 13667 sha1( message_str, msg_len, hash_result ); 13668 break; 13669 #endif 13670 #ifdef POLARSSL_SHA2_C 13671 case SIG_RSA_SHA224: 13672 sha2( message_str, msg_len, hash_result, 1 ); 13673 break; 13674 case SIG_RSA_SHA256: 13675 sha2( message_str, msg_len, hash_result, 0 ); 13676 break; 13677 #endif 13678 #ifdef POLARSSL_SHA4_C 13679 case SIG_RSA_SHA384: 13680 sha4( message_str, msg_len, hash_result, 1 ); 13681 break; 13682 case SIG_RSA_SHA512: 13683 sha4( message_str, msg_len, hash_result, 0 ); 13684 break; 13685 #endif 13686 } 13687 13688 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 13689 } 13690 FCT_TEST_END(); 13691 13692 13693 FCT_TEST_BGN(rsassa_pss_signature_example_9_3) 13694 { 13695 unsigned char message_str[1000]; 13696 unsigned char hash_result[1000]; 13697 unsigned char output[1000]; 13698 unsigned char output_str[1000]; 13699 unsigned char rnd_buf[1000]; 13700 rsa_context ctx; 13701 mpi P1, Q1, H, G; 13702 size_t msg_len; 13703 rnd_buf_info info; 13704 13705 info.length = unhexify( rnd_buf, "9a2b007e80978bbb192c354eb7da9aedfc74dbf5" ); 13706 info.buf = rnd_buf; 13707 13708 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 13709 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 13710 13711 memset( message_str, 0x00, 1000 ); 13712 memset( hash_result, 0x00, 1000 ); 13713 memset( output, 0x00, 1000 ); 13714 memset( output_str, 0x00, 1000 ); 13715 13716 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 13717 fct_chk( mpi_read_string( &ctx.P, 16, "f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367" ) == 0 ); 13718 fct_chk( mpi_read_string( &ctx.Q, 16, "ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d" ) == 0 ); 13719 fct_chk( mpi_read_string( &ctx.N, 16, "e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b" ) == 0 ); 13720 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 13721 13722 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 13723 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 13724 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 13725 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 13726 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 13727 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 13728 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 13729 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 13730 13731 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 13732 13733 msg_len = unhexify( message_str, "0afad42ccd4fc60654a55002d228f52a4a5fe03b8bbb08ca82daca558b44dbe1266e50c0e745a36d9d2904e3408abcd1fd569994063f4a75cc72f2fee2a0cd893a43af1c5b8b487df0a71610024e4f6ddf9f28ad0813c1aab91bcb3c9064d5ff742deffea657094139369e5ea6f4a96319a5cc8224145b545062758fefd1fe3409ae169259c6cdfd6b5f2958e314faecbe69d2cace58ee55179ab9b3e6d1ecc14a557c5febe988595264fc5da1c571462eca798a18a1a4940cdab4a3e92009ccd42e1e947b1314e32238a2dece7d23a89b5b30c751fd0a4a430d2c548594" ); 13734 13735 switch( SIG_RSA_SHA1 ) 13736 { 13737 #ifdef POLARSSL_MD2_C 13738 case SIG_RSA_MD2: 13739 md2( message_str, msg_len, hash_result ); 13740 break; 13741 #endif 13742 #ifdef POLARSSL_MD4_C 13743 case SIG_RSA_MD4: 13744 md4( message_str, msg_len, hash_result ); 13745 break; 13746 #endif 13747 #ifdef POLARSSL_MD5_C 13748 case SIG_RSA_MD5: 13749 md5( message_str, msg_len, hash_result ); 13750 break; 13751 #endif 13752 #ifdef POLARSSL_SHA1_C 13753 case SIG_RSA_SHA1: 13754 sha1( message_str, msg_len, hash_result ); 13755 break; 13756 #endif 13757 #ifdef POLARSSL_SHA2_C 13758 case SIG_RSA_SHA224: 13759 sha2( message_str, msg_len, hash_result, 1 ); 13760 break; 13761 case SIG_RSA_SHA256: 13762 sha2( message_str, msg_len, hash_result, 0 ); 13763 break; 13764 #endif 13765 #ifdef POLARSSL_SHA4_C 13766 case SIG_RSA_SHA384: 13767 sha4( message_str, msg_len, hash_result, 1 ); 13768 break; 13769 case SIG_RSA_SHA512: 13770 sha4( message_str, msg_len, hash_result, 0 ); 13771 break; 13772 #endif 13773 } 13774 13775 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 13776 if( 0 == 0 ) 13777 { 13778 hexify( output_str, output, ctx.len); 13779 13780 fct_chk( strcasecmp( (char *) output_str, "484408f3898cd5f53483f80819efbf2708c34d27a8b2a6fae8b322f9240237f981817aca1846f1084daa6d7c0795f6e5bf1af59c38e1858437ce1f7ec419b98c8736adf6dd9a00b1806d2bd3ad0a73775e05f52dfef3a59ab4b08143f0df05cd1ad9d04bececa6daa4a2129803e200cbc77787caf4c1d0663a6c5987b605952019782caf2ec1426d68fb94ed1d4be816a7ed081b77e6ab330b3ffc073820fecde3727fcbe295ee61a050a343658637c3fd659cfb63736de32d9f90d3c2f63eca" ) == 0 ); 13781 } 13782 13783 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 13784 } 13785 FCT_TEST_END(); 13786 13787 13788 FCT_TEST_BGN(rsassa_pss_signature_example_9_3_verify) 13789 { 13790 unsigned char message_str[1000]; 13791 unsigned char hash_result[1000]; 13792 unsigned char result_str[1000]; 13793 rsa_context ctx; 13794 size_t msg_len; 13795 13796 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 13797 memset( message_str, 0x00, 1000 ); 13798 memset( hash_result, 0x00, 1000 ); 13799 memset( result_str, 0x00, 1000 ); 13800 13801 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 13802 fct_chk( mpi_read_string( &ctx.N, 16, "e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b" ) == 0 ); 13803 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 13804 13805 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 13806 13807 msg_len = unhexify( message_str, "0afad42ccd4fc60654a55002d228f52a4a5fe03b8bbb08ca82daca558b44dbe1266e50c0e745a36d9d2904e3408abcd1fd569994063f4a75cc72f2fee2a0cd893a43af1c5b8b487df0a71610024e4f6ddf9f28ad0813c1aab91bcb3c9064d5ff742deffea657094139369e5ea6f4a96319a5cc8224145b545062758fefd1fe3409ae169259c6cdfd6b5f2958e314faecbe69d2cace58ee55179ab9b3e6d1ecc14a557c5febe988595264fc5da1c571462eca798a18a1a4940cdab4a3e92009ccd42e1e947b1314e32238a2dece7d23a89b5b30c751fd0a4a430d2c548594" ); 13808 unhexify( result_str, "484408f3898cd5f53483f80819efbf2708c34d27a8b2a6fae8b322f9240237f981817aca1846f1084daa6d7c0795f6e5bf1af59c38e1858437ce1f7ec419b98c8736adf6dd9a00b1806d2bd3ad0a73775e05f52dfef3a59ab4b08143f0df05cd1ad9d04bececa6daa4a2129803e200cbc77787caf4c1d0663a6c5987b605952019782caf2ec1426d68fb94ed1d4be816a7ed081b77e6ab330b3ffc073820fecde3727fcbe295ee61a050a343658637c3fd659cfb63736de32d9f90d3c2f63eca" ); 13809 13810 switch( SIG_RSA_SHA1 ) 13811 { 13812 #ifdef POLARSSL_MD2_C 13813 case SIG_RSA_MD2: 13814 md2( message_str, msg_len, hash_result ); 13815 break; 13816 #endif 13817 #ifdef POLARSSL_MD4_C 13818 case SIG_RSA_MD4: 13819 md4( message_str, msg_len, hash_result ); 13820 break; 13821 #endif 13822 #ifdef POLARSSL_MD5_C 13823 case SIG_RSA_MD5: 13824 md5( message_str, msg_len, hash_result ); 13825 break; 13826 #endif 13827 #ifdef POLARSSL_SHA1_C 13828 case SIG_RSA_SHA1: 13829 sha1( message_str, msg_len, hash_result ); 13830 break; 13831 #endif 13832 #ifdef POLARSSL_SHA2_C 13833 case SIG_RSA_SHA224: 13834 sha2( message_str, msg_len, hash_result, 1 ); 13835 break; 13836 case SIG_RSA_SHA256: 13837 sha2( message_str, msg_len, hash_result, 0 ); 13838 break; 13839 #endif 13840 #ifdef POLARSSL_SHA4_C 13841 case SIG_RSA_SHA384: 13842 sha4( message_str, msg_len, hash_result, 1 ); 13843 break; 13844 case SIG_RSA_SHA512: 13845 sha4( message_str, msg_len, hash_result, 0 ); 13846 break; 13847 #endif 13848 } 13849 13850 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 13851 } 13852 FCT_TEST_END(); 13853 13854 13855 FCT_TEST_BGN(rsassa_pss_signature_example_9_4) 13856 { 13857 unsigned char message_str[1000]; 13858 unsigned char hash_result[1000]; 13859 unsigned char output[1000]; 13860 unsigned char output_str[1000]; 13861 unsigned char rnd_buf[1000]; 13862 rsa_context ctx; 13863 mpi P1, Q1, H, G; 13864 size_t msg_len; 13865 rnd_buf_info info; 13866 13867 info.length = unhexify( rnd_buf, "70f382bddf4d5d2dd88b3bc7b7308be632b84045" ); 13868 info.buf = rnd_buf; 13869 13870 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 13871 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 13872 13873 memset( message_str, 0x00, 1000 ); 13874 memset( hash_result, 0x00, 1000 ); 13875 memset( output, 0x00, 1000 ); 13876 memset( output_str, 0x00, 1000 ); 13877 13878 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 13879 fct_chk( mpi_read_string( &ctx.P, 16, "f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367" ) == 0 ); 13880 fct_chk( mpi_read_string( &ctx.Q, 16, "ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d" ) == 0 ); 13881 fct_chk( mpi_read_string( &ctx.N, 16, "e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b" ) == 0 ); 13882 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 13883 13884 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 13885 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 13886 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 13887 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 13888 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 13889 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 13890 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 13891 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 13892 13893 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 13894 13895 msg_len = unhexify( message_str, "1dfd43b46c93db82629bdae2bd0a12b882ea04c3b465f5cf93023f01059626dbbe99f26bb1be949dddd16dc7f3debb19a194627f0b224434df7d8700e9e98b06e360c12fdbe3d19f51c9684eb9089ecbb0a2f0450399d3f59eac7294085d044f5393c6ce737423d8b86c415370d389e30b9f0a3c02d25d0082e8ad6f3f1ef24a45c3cf82b383367063a4d4613e4264f01b2dac2e5aa42043f8fb5f69fa871d14fb273e767a531c40f02f343bc2fb45a0c7e0f6be2561923a77211d66a6e2dbb43c366350beae22da3ac2c1f5077096fcb5c4bf255f7574351ae0b1e1f03632817c0856d4a8ba97afbdc8b85855402bc56926fcec209f9ea8" ); 13896 13897 switch( SIG_RSA_SHA1 ) 13898 { 13899 #ifdef POLARSSL_MD2_C 13900 case SIG_RSA_MD2: 13901 md2( message_str, msg_len, hash_result ); 13902 break; 13903 #endif 13904 #ifdef POLARSSL_MD4_C 13905 case SIG_RSA_MD4: 13906 md4( message_str, msg_len, hash_result ); 13907 break; 13908 #endif 13909 #ifdef POLARSSL_MD5_C 13910 case SIG_RSA_MD5: 13911 md5( message_str, msg_len, hash_result ); 13912 break; 13913 #endif 13914 #ifdef POLARSSL_SHA1_C 13915 case SIG_RSA_SHA1: 13916 sha1( message_str, msg_len, hash_result ); 13917 break; 13918 #endif 13919 #ifdef POLARSSL_SHA2_C 13920 case SIG_RSA_SHA224: 13921 sha2( message_str, msg_len, hash_result, 1 ); 13922 break; 13923 case SIG_RSA_SHA256: 13924 sha2( message_str, msg_len, hash_result, 0 ); 13925 break; 13926 #endif 13927 #ifdef POLARSSL_SHA4_C 13928 case SIG_RSA_SHA384: 13929 sha4( message_str, msg_len, hash_result, 1 ); 13930 break; 13931 case SIG_RSA_SHA512: 13932 sha4( message_str, msg_len, hash_result, 0 ); 13933 break; 13934 #endif 13935 } 13936 13937 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 13938 if( 0 == 0 ) 13939 { 13940 hexify( output_str, output, ctx.len); 13941 13942 fct_chk( strcasecmp( (char *) output_str, "84ebeb481be59845b46468bafb471c0112e02b235d84b5d911cbd1926ee5074ae0424495cb20e82308b8ebb65f419a03fb40e72b78981d88aad143053685172c97b29c8b7bf0ae73b5b2263c403da0ed2f80ff7450af7828eb8b86f0028bd2a8b176a4d228cccea18394f238b09ff758cc00bc04301152355742f282b54e663a919e709d8da24ade5500a7b9aa50226e0ca52923e6c2d860ec50ff480fa57477e82b0565f4379f79c772d5c2da80af9fbf325ece6fc20b00961614bee89a183e" ) == 0 ); 13943 } 13944 13945 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 13946 } 13947 FCT_TEST_END(); 13948 13949 13950 FCT_TEST_BGN(rsassa_pss_signature_example_9_4_verify) 13951 { 13952 unsigned char message_str[1000]; 13953 unsigned char hash_result[1000]; 13954 unsigned char result_str[1000]; 13955 rsa_context ctx; 13956 size_t msg_len; 13957 13958 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 13959 memset( message_str, 0x00, 1000 ); 13960 memset( hash_result, 0x00, 1000 ); 13961 memset( result_str, 0x00, 1000 ); 13962 13963 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 13964 fct_chk( mpi_read_string( &ctx.N, 16, "e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b" ) == 0 ); 13965 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 13966 13967 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 13968 13969 msg_len = unhexify( message_str, "1dfd43b46c93db82629bdae2bd0a12b882ea04c3b465f5cf93023f01059626dbbe99f26bb1be949dddd16dc7f3debb19a194627f0b224434df7d8700e9e98b06e360c12fdbe3d19f51c9684eb9089ecbb0a2f0450399d3f59eac7294085d044f5393c6ce737423d8b86c415370d389e30b9f0a3c02d25d0082e8ad6f3f1ef24a45c3cf82b383367063a4d4613e4264f01b2dac2e5aa42043f8fb5f69fa871d14fb273e767a531c40f02f343bc2fb45a0c7e0f6be2561923a77211d66a6e2dbb43c366350beae22da3ac2c1f5077096fcb5c4bf255f7574351ae0b1e1f03632817c0856d4a8ba97afbdc8b85855402bc56926fcec209f9ea8" ); 13970 unhexify( result_str, "84ebeb481be59845b46468bafb471c0112e02b235d84b5d911cbd1926ee5074ae0424495cb20e82308b8ebb65f419a03fb40e72b78981d88aad143053685172c97b29c8b7bf0ae73b5b2263c403da0ed2f80ff7450af7828eb8b86f0028bd2a8b176a4d228cccea18394f238b09ff758cc00bc04301152355742f282b54e663a919e709d8da24ade5500a7b9aa50226e0ca52923e6c2d860ec50ff480fa57477e82b0565f4379f79c772d5c2da80af9fbf325ece6fc20b00961614bee89a183e" ); 13971 13972 switch( SIG_RSA_SHA1 ) 13973 { 13974 #ifdef POLARSSL_MD2_C 13975 case SIG_RSA_MD2: 13976 md2( message_str, msg_len, hash_result ); 13977 break; 13978 #endif 13979 #ifdef POLARSSL_MD4_C 13980 case SIG_RSA_MD4: 13981 md4( message_str, msg_len, hash_result ); 13982 break; 13983 #endif 13984 #ifdef POLARSSL_MD5_C 13985 case SIG_RSA_MD5: 13986 md5( message_str, msg_len, hash_result ); 13987 break; 13988 #endif 13989 #ifdef POLARSSL_SHA1_C 13990 case SIG_RSA_SHA1: 13991 sha1( message_str, msg_len, hash_result ); 13992 break; 13993 #endif 13994 #ifdef POLARSSL_SHA2_C 13995 case SIG_RSA_SHA224: 13996 sha2( message_str, msg_len, hash_result, 1 ); 13997 break; 13998 case SIG_RSA_SHA256: 13999 sha2( message_str, msg_len, hash_result, 0 ); 14000 break; 14001 #endif 14002 #ifdef POLARSSL_SHA4_C 14003 case SIG_RSA_SHA384: 14004 sha4( message_str, msg_len, hash_result, 1 ); 14005 break; 14006 case SIG_RSA_SHA512: 14007 sha4( message_str, msg_len, hash_result, 0 ); 14008 break; 14009 #endif 14010 } 14011 14012 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 14013 } 14014 FCT_TEST_END(); 14015 14016 14017 FCT_TEST_BGN(rsassa_pss_signature_example_9_5) 14018 { 14019 unsigned char message_str[1000]; 14020 unsigned char hash_result[1000]; 14021 unsigned char output[1000]; 14022 unsigned char output_str[1000]; 14023 unsigned char rnd_buf[1000]; 14024 rsa_context ctx; 14025 mpi P1, Q1, H, G; 14026 size_t msg_len; 14027 rnd_buf_info info; 14028 14029 info.length = unhexify( rnd_buf, "d689257a86effa68212c5e0c619eca295fb91b67" ); 14030 info.buf = rnd_buf; 14031 14032 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 14033 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 14034 14035 memset( message_str, 0x00, 1000 ); 14036 memset( hash_result, 0x00, 1000 ); 14037 memset( output, 0x00, 1000 ); 14038 memset( output_str, 0x00, 1000 ); 14039 14040 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 14041 fct_chk( mpi_read_string( &ctx.P, 16, "f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367" ) == 0 ); 14042 fct_chk( mpi_read_string( &ctx.Q, 16, "ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d" ) == 0 ); 14043 fct_chk( mpi_read_string( &ctx.N, 16, "e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b" ) == 0 ); 14044 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 14045 14046 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 14047 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 14048 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 14049 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 14050 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 14051 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 14052 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 14053 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 14054 14055 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 14056 14057 msg_len = unhexify( message_str, "1bdc6e7c98fb8cf54e9b097b66a831e9cfe52d9d4888448ee4b0978093ba1d7d73ae78b3a62ba4ad95cd289ccb9e005226bb3d178bccaa821fb044a4e21ee97696c14d0678c94c2dae93b0ad73922218553daa7e44ebe57725a7a45cc72b9b2138a6b17c8db411ce8279ee1241aff0a8bec6f77f87edb0c69cb27236e3435a800b192e4f11e519e3fe30fc30eaccca4fbb41769029bf708e817a9e683805be67fa100984683b74838e3bcffa79366eed1d481c76729118838f31ba8a048a93c1be4424598e8df6328b7a77880a3f9c7e2e8dfca8eb5a26fb86bdc556d42bbe01d9fa6ed80646491c9341" ); 14058 14059 switch( SIG_RSA_SHA1 ) 14060 { 14061 #ifdef POLARSSL_MD2_C 14062 case SIG_RSA_MD2: 14063 md2( message_str, msg_len, hash_result ); 14064 break; 14065 #endif 14066 #ifdef POLARSSL_MD4_C 14067 case SIG_RSA_MD4: 14068 md4( message_str, msg_len, hash_result ); 14069 break; 14070 #endif 14071 #ifdef POLARSSL_MD5_C 14072 case SIG_RSA_MD5: 14073 md5( message_str, msg_len, hash_result ); 14074 break; 14075 #endif 14076 #ifdef POLARSSL_SHA1_C 14077 case SIG_RSA_SHA1: 14078 sha1( message_str, msg_len, hash_result ); 14079 break; 14080 #endif 14081 #ifdef POLARSSL_SHA2_C 14082 case SIG_RSA_SHA224: 14083 sha2( message_str, msg_len, hash_result, 1 ); 14084 break; 14085 case SIG_RSA_SHA256: 14086 sha2( message_str, msg_len, hash_result, 0 ); 14087 break; 14088 #endif 14089 #ifdef POLARSSL_SHA4_C 14090 case SIG_RSA_SHA384: 14091 sha4( message_str, msg_len, hash_result, 1 ); 14092 break; 14093 case SIG_RSA_SHA512: 14094 sha4( message_str, msg_len, hash_result, 0 ); 14095 break; 14096 #endif 14097 } 14098 14099 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 14100 if( 0 == 0 ) 14101 { 14102 hexify( output_str, output, ctx.len); 14103 14104 fct_chk( strcasecmp( (char *) output_str, "82102df8cb91e7179919a04d26d335d64fbc2f872c44833943241de8454810274cdf3db5f42d423db152af7135f701420e39b494a67cbfd19f9119da233a23da5c6439b5ba0d2bc373eee3507001378d4a4073856b7fe2aba0b5ee93b27f4afec7d4d120921c83f606765b02c19e4d6a1a3b95fa4c422951be4f52131077ef17179729cddfbdb56950dbaceefe78cb16640a099ea56d24389eef10f8fecb31ba3ea3b227c0a86698bb89e3e9363905bf22777b2a3aa521b65b4cef76d83bde4c" ) == 0 ); 14105 } 14106 14107 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 14108 } 14109 FCT_TEST_END(); 14110 14111 14112 FCT_TEST_BGN(rsassa_pss_signature_example_9_5_verify) 14113 { 14114 unsigned char message_str[1000]; 14115 unsigned char hash_result[1000]; 14116 unsigned char result_str[1000]; 14117 rsa_context ctx; 14118 size_t msg_len; 14119 14120 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 14121 memset( message_str, 0x00, 1000 ); 14122 memset( hash_result, 0x00, 1000 ); 14123 memset( result_str, 0x00, 1000 ); 14124 14125 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 14126 fct_chk( mpi_read_string( &ctx.N, 16, "e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b" ) == 0 ); 14127 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 14128 14129 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 14130 14131 msg_len = unhexify( message_str, "1bdc6e7c98fb8cf54e9b097b66a831e9cfe52d9d4888448ee4b0978093ba1d7d73ae78b3a62ba4ad95cd289ccb9e005226bb3d178bccaa821fb044a4e21ee97696c14d0678c94c2dae93b0ad73922218553daa7e44ebe57725a7a45cc72b9b2138a6b17c8db411ce8279ee1241aff0a8bec6f77f87edb0c69cb27236e3435a800b192e4f11e519e3fe30fc30eaccca4fbb41769029bf708e817a9e683805be67fa100984683b74838e3bcffa79366eed1d481c76729118838f31ba8a048a93c1be4424598e8df6328b7a77880a3f9c7e2e8dfca8eb5a26fb86bdc556d42bbe01d9fa6ed80646491c9341" ); 14132 unhexify( result_str, "82102df8cb91e7179919a04d26d335d64fbc2f872c44833943241de8454810274cdf3db5f42d423db152af7135f701420e39b494a67cbfd19f9119da233a23da5c6439b5ba0d2bc373eee3507001378d4a4073856b7fe2aba0b5ee93b27f4afec7d4d120921c83f606765b02c19e4d6a1a3b95fa4c422951be4f52131077ef17179729cddfbdb56950dbaceefe78cb16640a099ea56d24389eef10f8fecb31ba3ea3b227c0a86698bb89e3e9363905bf22777b2a3aa521b65b4cef76d83bde4c" ); 14133 14134 switch( SIG_RSA_SHA1 ) 14135 { 14136 #ifdef POLARSSL_MD2_C 14137 case SIG_RSA_MD2: 14138 md2( message_str, msg_len, hash_result ); 14139 break; 14140 #endif 14141 #ifdef POLARSSL_MD4_C 14142 case SIG_RSA_MD4: 14143 md4( message_str, msg_len, hash_result ); 14144 break; 14145 #endif 14146 #ifdef POLARSSL_MD5_C 14147 case SIG_RSA_MD5: 14148 md5( message_str, msg_len, hash_result ); 14149 break; 14150 #endif 14151 #ifdef POLARSSL_SHA1_C 14152 case SIG_RSA_SHA1: 14153 sha1( message_str, msg_len, hash_result ); 14154 break; 14155 #endif 14156 #ifdef POLARSSL_SHA2_C 14157 case SIG_RSA_SHA224: 14158 sha2( message_str, msg_len, hash_result, 1 ); 14159 break; 14160 case SIG_RSA_SHA256: 14161 sha2( message_str, msg_len, hash_result, 0 ); 14162 break; 14163 #endif 14164 #ifdef POLARSSL_SHA4_C 14165 case SIG_RSA_SHA384: 14166 sha4( message_str, msg_len, hash_result, 1 ); 14167 break; 14168 case SIG_RSA_SHA512: 14169 sha4( message_str, msg_len, hash_result, 0 ); 14170 break; 14171 #endif 14172 } 14173 14174 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 14175 } 14176 FCT_TEST_END(); 14177 14178 14179 FCT_TEST_BGN(rsassa_pss_signature_example_9_6) 14180 { 14181 unsigned char message_str[1000]; 14182 unsigned char hash_result[1000]; 14183 unsigned char output[1000]; 14184 unsigned char output_str[1000]; 14185 unsigned char rnd_buf[1000]; 14186 rsa_context ctx; 14187 mpi P1, Q1, H, G; 14188 size_t msg_len; 14189 rnd_buf_info info; 14190 14191 info.length = unhexify( rnd_buf, "c25f13bf67d081671a0481a1f1820d613bba2276" ); 14192 info.buf = rnd_buf; 14193 14194 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 14195 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 14196 14197 memset( message_str, 0x00, 1000 ); 14198 memset( hash_result, 0x00, 1000 ); 14199 memset( output, 0x00, 1000 ); 14200 memset( output_str, 0x00, 1000 ); 14201 14202 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 14203 fct_chk( mpi_read_string( &ctx.P, 16, "f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367" ) == 0 ); 14204 fct_chk( mpi_read_string( &ctx.Q, 16, "ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d" ) == 0 ); 14205 fct_chk( mpi_read_string( &ctx.N, 16, "e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b" ) == 0 ); 14206 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 14207 14208 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 14209 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 14210 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 14211 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 14212 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 14213 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 14214 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 14215 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 14216 14217 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 14218 14219 msg_len = unhexify( message_str, "88c7a9f1360401d90e53b101b61c5325c3c75db1b411fbeb8e830b75e96b56670ad245404e16793544ee354bc613a90cc9848715a73db5893e7f6d279815c0c1de83ef8e2956e3a56ed26a888d7a9cdcd042f4b16b7fa51ef1a0573662d16a302d0ec5b285d2e03ad96529c87b3d374db372d95b2443d061b6b1a350ba87807ed083afd1eb05c3f52f4eba5ed2227714fdb50b9d9d9dd6814f62f6272fcd5cdbce7a9ef797" ); 14220 14221 switch( SIG_RSA_SHA1 ) 14222 { 14223 #ifdef POLARSSL_MD2_C 14224 case SIG_RSA_MD2: 14225 md2( message_str, msg_len, hash_result ); 14226 break; 14227 #endif 14228 #ifdef POLARSSL_MD4_C 14229 case SIG_RSA_MD4: 14230 md4( message_str, msg_len, hash_result ); 14231 break; 14232 #endif 14233 #ifdef POLARSSL_MD5_C 14234 case SIG_RSA_MD5: 14235 md5( message_str, msg_len, hash_result ); 14236 break; 14237 #endif 14238 #ifdef POLARSSL_SHA1_C 14239 case SIG_RSA_SHA1: 14240 sha1( message_str, msg_len, hash_result ); 14241 break; 14242 #endif 14243 #ifdef POLARSSL_SHA2_C 14244 case SIG_RSA_SHA224: 14245 sha2( message_str, msg_len, hash_result, 1 ); 14246 break; 14247 case SIG_RSA_SHA256: 14248 sha2( message_str, msg_len, hash_result, 0 ); 14249 break; 14250 #endif 14251 #ifdef POLARSSL_SHA4_C 14252 case SIG_RSA_SHA384: 14253 sha4( message_str, msg_len, hash_result, 1 ); 14254 break; 14255 case SIG_RSA_SHA512: 14256 sha4( message_str, msg_len, hash_result, 0 ); 14257 break; 14258 #endif 14259 } 14260 14261 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 14262 if( 0 == 0 ) 14263 { 14264 hexify( output_str, output, ctx.len); 14265 14266 fct_chk( strcasecmp( (char *) output_str, "a7fdb0d259165ca2c88d00bbf1028a867d337699d061193b17a9648e14ccbbaadeacaacdec815e7571294ebb8a117af205fa078b47b0712c199e3ad05135c504c24b81705115740802487992ffd511d4afc6b854491eb3f0dd523139542ff15c3101ee85543517c6a3c79417c67e2dd9aa741e9a29b06dcb593c2336b3670ae3afbac7c3e76e215473e866e338ca244de00b62624d6b9426822ceae9f8cc460895f41250073fd45c5a1e7b425c204a423a699159f6903e710b37a7bb2bc8049f" ) == 0 ); 14267 } 14268 14269 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 14270 } 14271 FCT_TEST_END(); 14272 14273 14274 FCT_TEST_BGN(rsassa_pss_signature_example_9_6_verify) 14275 { 14276 unsigned char message_str[1000]; 14277 unsigned char hash_result[1000]; 14278 unsigned char result_str[1000]; 14279 rsa_context ctx; 14280 size_t msg_len; 14281 14282 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 14283 memset( message_str, 0x00, 1000 ); 14284 memset( hash_result, 0x00, 1000 ); 14285 memset( result_str, 0x00, 1000 ); 14286 14287 ctx.len = 1536 / 8 + ( ( 1536 % 8 ) ? 1 : 0 ); 14288 fct_chk( mpi_read_string( &ctx.N, 16, "e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b" ) == 0 ); 14289 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 14290 14291 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 14292 14293 msg_len = unhexify( message_str, "88c7a9f1360401d90e53b101b61c5325c3c75db1b411fbeb8e830b75e96b56670ad245404e16793544ee354bc613a90cc9848715a73db5893e7f6d279815c0c1de83ef8e2956e3a56ed26a888d7a9cdcd042f4b16b7fa51ef1a0573662d16a302d0ec5b285d2e03ad96529c87b3d374db372d95b2443d061b6b1a350ba87807ed083afd1eb05c3f52f4eba5ed2227714fdb50b9d9d9dd6814f62f6272fcd5cdbce7a9ef797" ); 14294 unhexify( result_str, "a7fdb0d259165ca2c88d00bbf1028a867d337699d061193b17a9648e14ccbbaadeacaacdec815e7571294ebb8a117af205fa078b47b0712c199e3ad05135c504c24b81705115740802487992ffd511d4afc6b854491eb3f0dd523139542ff15c3101ee85543517c6a3c79417c67e2dd9aa741e9a29b06dcb593c2336b3670ae3afbac7c3e76e215473e866e338ca244de00b62624d6b9426822ceae9f8cc460895f41250073fd45c5a1e7b425c204a423a699159f6903e710b37a7bb2bc8049f" ); 14295 14296 switch( SIG_RSA_SHA1 ) 14297 { 14298 #ifdef POLARSSL_MD2_C 14299 case SIG_RSA_MD2: 14300 md2( message_str, msg_len, hash_result ); 14301 break; 14302 #endif 14303 #ifdef POLARSSL_MD4_C 14304 case SIG_RSA_MD4: 14305 md4( message_str, msg_len, hash_result ); 14306 break; 14307 #endif 14308 #ifdef POLARSSL_MD5_C 14309 case SIG_RSA_MD5: 14310 md5( message_str, msg_len, hash_result ); 14311 break; 14312 #endif 14313 #ifdef POLARSSL_SHA1_C 14314 case SIG_RSA_SHA1: 14315 sha1( message_str, msg_len, hash_result ); 14316 break; 14317 #endif 14318 #ifdef POLARSSL_SHA2_C 14319 case SIG_RSA_SHA224: 14320 sha2( message_str, msg_len, hash_result, 1 ); 14321 break; 14322 case SIG_RSA_SHA256: 14323 sha2( message_str, msg_len, hash_result, 0 ); 14324 break; 14325 #endif 14326 #ifdef POLARSSL_SHA4_C 14327 case SIG_RSA_SHA384: 14328 sha4( message_str, msg_len, hash_result, 1 ); 14329 break; 14330 case SIG_RSA_SHA512: 14331 sha4( message_str, msg_len, hash_result, 0 ); 14332 break; 14333 #endif 14334 } 14335 14336 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 14337 } 14338 FCT_TEST_END(); 14339 14340 14341 FCT_TEST_BGN(rsassa_pss_signature_example_10_1) 14342 { 14343 unsigned char message_str[1000]; 14344 unsigned char hash_result[1000]; 14345 unsigned char output[1000]; 14346 unsigned char output_str[1000]; 14347 unsigned char rnd_buf[1000]; 14348 rsa_context ctx; 14349 mpi P1, Q1, H, G; 14350 size_t msg_len; 14351 rnd_buf_info info; 14352 14353 info.length = unhexify( rnd_buf, "04e215ee6ff934b9da70d7730c8734abfcecde89" ); 14354 info.buf = rnd_buf; 14355 14356 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 14357 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 14358 14359 memset( message_str, 0x00, 1000 ); 14360 memset( hash_result, 0x00, 1000 ); 14361 memset( output, 0x00, 1000 ); 14362 memset( output_str, 0x00, 1000 ); 14363 14364 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 14365 fct_chk( mpi_read_string( &ctx.P, 16, "cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb" ) == 0 ); 14366 fct_chk( mpi_read_string( &ctx.Q, 16, "cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf" ) == 0 ); 14367 fct_chk( mpi_read_string( &ctx.N, 16, "a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05" ) == 0 ); 14368 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 14369 14370 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 14371 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 14372 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 14373 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 14374 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 14375 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 14376 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 14377 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 14378 14379 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 14380 14381 msg_len = unhexify( message_str, "883177e5126b9be2d9a9680327d5370c6f26861f5820c43da67a3ad609" ); 14382 14383 switch( SIG_RSA_SHA1 ) 14384 { 14385 #ifdef POLARSSL_MD2_C 14386 case SIG_RSA_MD2: 14387 md2( message_str, msg_len, hash_result ); 14388 break; 14389 #endif 14390 #ifdef POLARSSL_MD4_C 14391 case SIG_RSA_MD4: 14392 md4( message_str, msg_len, hash_result ); 14393 break; 14394 #endif 14395 #ifdef POLARSSL_MD5_C 14396 case SIG_RSA_MD5: 14397 md5( message_str, msg_len, hash_result ); 14398 break; 14399 #endif 14400 #ifdef POLARSSL_SHA1_C 14401 case SIG_RSA_SHA1: 14402 sha1( message_str, msg_len, hash_result ); 14403 break; 14404 #endif 14405 #ifdef POLARSSL_SHA2_C 14406 case SIG_RSA_SHA224: 14407 sha2( message_str, msg_len, hash_result, 1 ); 14408 break; 14409 case SIG_RSA_SHA256: 14410 sha2( message_str, msg_len, hash_result, 0 ); 14411 break; 14412 #endif 14413 #ifdef POLARSSL_SHA4_C 14414 case SIG_RSA_SHA384: 14415 sha4( message_str, msg_len, hash_result, 1 ); 14416 break; 14417 case SIG_RSA_SHA512: 14418 sha4( message_str, msg_len, hash_result, 0 ); 14419 break; 14420 #endif 14421 } 14422 14423 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 14424 if( 0 == 0 ) 14425 { 14426 hexify( output_str, output, ctx.len); 14427 14428 fct_chk( strcasecmp( (char *) output_str, "82c2b160093b8aa3c0f7522b19f87354066c77847abf2a9fce542d0e84e920c5afb49ffdfdace16560ee94a1369601148ebad7a0e151cf16331791a5727d05f21e74e7eb811440206935d744765a15e79f015cb66c532c87a6a05961c8bfad741a9a6657022894393e7223739796c02a77455d0f555b0ec01ddf259b6207fd0fd57614cef1a5573baaff4ec00069951659b85f24300a25160ca8522dc6e6727e57d019d7e63629b8fe5e89e25cc15beb3a647577559299280b9b28f79b0409000be25bbd96408ba3b43cc486184dd1c8e62553fa1af4040f60663de7f5e49c04388e257f1ce89c95dab48a315d9b66b1b7628233876ff2385230d070d07e1666" ) == 0 ); 14429 } 14430 14431 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 14432 } 14433 FCT_TEST_END(); 14434 14435 14436 FCT_TEST_BGN(rsassa_pss_signature_example_10_1_verify) 14437 { 14438 unsigned char message_str[1000]; 14439 unsigned char hash_result[1000]; 14440 unsigned char result_str[1000]; 14441 rsa_context ctx; 14442 size_t msg_len; 14443 14444 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 14445 memset( message_str, 0x00, 1000 ); 14446 memset( hash_result, 0x00, 1000 ); 14447 memset( result_str, 0x00, 1000 ); 14448 14449 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 14450 fct_chk( mpi_read_string( &ctx.N, 16, "a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05" ) == 0 ); 14451 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 14452 14453 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 14454 14455 msg_len = unhexify( message_str, "883177e5126b9be2d9a9680327d5370c6f26861f5820c43da67a3ad609" ); 14456 unhexify( result_str, "82c2b160093b8aa3c0f7522b19f87354066c77847abf2a9fce542d0e84e920c5afb49ffdfdace16560ee94a1369601148ebad7a0e151cf16331791a5727d05f21e74e7eb811440206935d744765a15e79f015cb66c532c87a6a05961c8bfad741a9a6657022894393e7223739796c02a77455d0f555b0ec01ddf259b6207fd0fd57614cef1a5573baaff4ec00069951659b85f24300a25160ca8522dc6e6727e57d019d7e63629b8fe5e89e25cc15beb3a647577559299280b9b28f79b0409000be25bbd96408ba3b43cc486184dd1c8e62553fa1af4040f60663de7f5e49c04388e257f1ce89c95dab48a315d9b66b1b7628233876ff2385230d070d07e1666" ); 14457 14458 switch( SIG_RSA_SHA1 ) 14459 { 14460 #ifdef POLARSSL_MD2_C 14461 case SIG_RSA_MD2: 14462 md2( message_str, msg_len, hash_result ); 14463 break; 14464 #endif 14465 #ifdef POLARSSL_MD4_C 14466 case SIG_RSA_MD4: 14467 md4( message_str, msg_len, hash_result ); 14468 break; 14469 #endif 14470 #ifdef POLARSSL_MD5_C 14471 case SIG_RSA_MD5: 14472 md5( message_str, msg_len, hash_result ); 14473 break; 14474 #endif 14475 #ifdef POLARSSL_SHA1_C 14476 case SIG_RSA_SHA1: 14477 sha1( message_str, msg_len, hash_result ); 14478 break; 14479 #endif 14480 #ifdef POLARSSL_SHA2_C 14481 case SIG_RSA_SHA224: 14482 sha2( message_str, msg_len, hash_result, 1 ); 14483 break; 14484 case SIG_RSA_SHA256: 14485 sha2( message_str, msg_len, hash_result, 0 ); 14486 break; 14487 #endif 14488 #ifdef POLARSSL_SHA4_C 14489 case SIG_RSA_SHA384: 14490 sha4( message_str, msg_len, hash_result, 1 ); 14491 break; 14492 case SIG_RSA_SHA512: 14493 sha4( message_str, msg_len, hash_result, 0 ); 14494 break; 14495 #endif 14496 } 14497 14498 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 14499 } 14500 FCT_TEST_END(); 14501 14502 14503 FCT_TEST_BGN(rsassa_pss_signature_example_10_2) 14504 { 14505 unsigned char message_str[1000]; 14506 unsigned char hash_result[1000]; 14507 unsigned char output[1000]; 14508 unsigned char output_str[1000]; 14509 unsigned char rnd_buf[1000]; 14510 rsa_context ctx; 14511 mpi P1, Q1, H, G; 14512 size_t msg_len; 14513 rnd_buf_info info; 14514 14515 info.length = unhexify( rnd_buf, "8b2bdd4b40faf545c778ddf9bc1a49cb57f9b71b" ); 14516 info.buf = rnd_buf; 14517 14518 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 14519 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 14520 14521 memset( message_str, 0x00, 1000 ); 14522 memset( hash_result, 0x00, 1000 ); 14523 memset( output, 0x00, 1000 ); 14524 memset( output_str, 0x00, 1000 ); 14525 14526 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 14527 fct_chk( mpi_read_string( &ctx.P, 16, "cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb" ) == 0 ); 14528 fct_chk( mpi_read_string( &ctx.Q, 16, "cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf" ) == 0 ); 14529 fct_chk( mpi_read_string( &ctx.N, 16, "a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05" ) == 0 ); 14530 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 14531 14532 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 14533 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 14534 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 14535 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 14536 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 14537 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 14538 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 14539 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 14540 14541 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 14542 14543 msg_len = unhexify( message_str, "dd670a01465868adc93f26131957a50c52fb777cdbaa30892c9e12361164ec13979d43048118e4445db87bee58dd987b3425d02071d8dbae80708b039dbb64dbd1de5657d9fed0c118a54143742e0ff3c87f74e45857647af3f79eb0a14c9d75ea9a1a04b7cf478a897a708fd988f48e801edb0b7039df8c23bb3c56f4e821ac" ); 14544 14545 switch( SIG_RSA_SHA1 ) 14546 { 14547 #ifdef POLARSSL_MD2_C 14548 case SIG_RSA_MD2: 14549 md2( message_str, msg_len, hash_result ); 14550 break; 14551 #endif 14552 #ifdef POLARSSL_MD4_C 14553 case SIG_RSA_MD4: 14554 md4( message_str, msg_len, hash_result ); 14555 break; 14556 #endif 14557 #ifdef POLARSSL_MD5_C 14558 case SIG_RSA_MD5: 14559 md5( message_str, msg_len, hash_result ); 14560 break; 14561 #endif 14562 #ifdef POLARSSL_SHA1_C 14563 case SIG_RSA_SHA1: 14564 sha1( message_str, msg_len, hash_result ); 14565 break; 14566 #endif 14567 #ifdef POLARSSL_SHA2_C 14568 case SIG_RSA_SHA224: 14569 sha2( message_str, msg_len, hash_result, 1 ); 14570 break; 14571 case SIG_RSA_SHA256: 14572 sha2( message_str, msg_len, hash_result, 0 ); 14573 break; 14574 #endif 14575 #ifdef POLARSSL_SHA4_C 14576 case SIG_RSA_SHA384: 14577 sha4( message_str, msg_len, hash_result, 1 ); 14578 break; 14579 case SIG_RSA_SHA512: 14580 sha4( message_str, msg_len, hash_result, 0 ); 14581 break; 14582 #endif 14583 } 14584 14585 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 14586 if( 0 == 0 ) 14587 { 14588 hexify( output_str, output, ctx.len); 14589 14590 fct_chk( strcasecmp( (char *) output_str, "14ae35d9dd06ba92f7f3b897978aed7cd4bf5ff0b585a40bd46ce1b42cd2703053bb9044d64e813d8f96db2dd7007d10118f6f8f8496097ad75e1ff692341b2892ad55a633a1c55e7f0a0ad59a0e203a5b8278aec54dd8622e2831d87174f8caff43ee6c46445345d84a59659bfb92ecd4c818668695f34706f66828a89959637f2bf3e3251c24bdba4d4b7649da0022218b119c84e79a6527ec5b8a5f861c159952e23ec05e1e717346faefe8b1686825bd2b262fb2531066c0de09acde2e4231690728b5d85e115a2f6b92b79c25abc9bd9399ff8bcf825a52ea1f56ea76dd26f43baafa18bfa92a504cbd35699e26d1dcc5a2887385f3c63232f06f3244c3" ) == 0 ); 14591 } 14592 14593 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 14594 } 14595 FCT_TEST_END(); 14596 14597 14598 FCT_TEST_BGN(rsassa_pss_signature_example_10_2_verify) 14599 { 14600 unsigned char message_str[1000]; 14601 unsigned char hash_result[1000]; 14602 unsigned char result_str[1000]; 14603 rsa_context ctx; 14604 size_t msg_len; 14605 14606 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 14607 memset( message_str, 0x00, 1000 ); 14608 memset( hash_result, 0x00, 1000 ); 14609 memset( result_str, 0x00, 1000 ); 14610 14611 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 14612 fct_chk( mpi_read_string( &ctx.N, 16, "a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05" ) == 0 ); 14613 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 14614 14615 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 14616 14617 msg_len = unhexify( message_str, "dd670a01465868adc93f26131957a50c52fb777cdbaa30892c9e12361164ec13979d43048118e4445db87bee58dd987b3425d02071d8dbae80708b039dbb64dbd1de5657d9fed0c118a54143742e0ff3c87f74e45857647af3f79eb0a14c9d75ea9a1a04b7cf478a897a708fd988f48e801edb0b7039df8c23bb3c56f4e821ac" ); 14618 unhexify( result_str, "14ae35d9dd06ba92f7f3b897978aed7cd4bf5ff0b585a40bd46ce1b42cd2703053bb9044d64e813d8f96db2dd7007d10118f6f8f8496097ad75e1ff692341b2892ad55a633a1c55e7f0a0ad59a0e203a5b8278aec54dd8622e2831d87174f8caff43ee6c46445345d84a59659bfb92ecd4c818668695f34706f66828a89959637f2bf3e3251c24bdba4d4b7649da0022218b119c84e79a6527ec5b8a5f861c159952e23ec05e1e717346faefe8b1686825bd2b262fb2531066c0de09acde2e4231690728b5d85e115a2f6b92b79c25abc9bd9399ff8bcf825a52ea1f56ea76dd26f43baafa18bfa92a504cbd35699e26d1dcc5a2887385f3c63232f06f3244c3" ); 14619 14620 switch( SIG_RSA_SHA1 ) 14621 { 14622 #ifdef POLARSSL_MD2_C 14623 case SIG_RSA_MD2: 14624 md2( message_str, msg_len, hash_result ); 14625 break; 14626 #endif 14627 #ifdef POLARSSL_MD4_C 14628 case SIG_RSA_MD4: 14629 md4( message_str, msg_len, hash_result ); 14630 break; 14631 #endif 14632 #ifdef POLARSSL_MD5_C 14633 case SIG_RSA_MD5: 14634 md5( message_str, msg_len, hash_result ); 14635 break; 14636 #endif 14637 #ifdef POLARSSL_SHA1_C 14638 case SIG_RSA_SHA1: 14639 sha1( message_str, msg_len, hash_result ); 14640 break; 14641 #endif 14642 #ifdef POLARSSL_SHA2_C 14643 case SIG_RSA_SHA224: 14644 sha2( message_str, msg_len, hash_result, 1 ); 14645 break; 14646 case SIG_RSA_SHA256: 14647 sha2( message_str, msg_len, hash_result, 0 ); 14648 break; 14649 #endif 14650 #ifdef POLARSSL_SHA4_C 14651 case SIG_RSA_SHA384: 14652 sha4( message_str, msg_len, hash_result, 1 ); 14653 break; 14654 case SIG_RSA_SHA512: 14655 sha4( message_str, msg_len, hash_result, 0 ); 14656 break; 14657 #endif 14658 } 14659 14660 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 14661 } 14662 FCT_TEST_END(); 14663 14664 14665 FCT_TEST_BGN(rsassa_pss_signature_example_10_3) 14666 { 14667 unsigned char message_str[1000]; 14668 unsigned char hash_result[1000]; 14669 unsigned char output[1000]; 14670 unsigned char output_str[1000]; 14671 unsigned char rnd_buf[1000]; 14672 rsa_context ctx; 14673 mpi P1, Q1, H, G; 14674 size_t msg_len; 14675 rnd_buf_info info; 14676 14677 info.length = unhexify( rnd_buf, "4e96fc1b398f92b44671010c0dc3efd6e20c2d73" ); 14678 info.buf = rnd_buf; 14679 14680 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 14681 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 14682 14683 memset( message_str, 0x00, 1000 ); 14684 memset( hash_result, 0x00, 1000 ); 14685 memset( output, 0x00, 1000 ); 14686 memset( output_str, 0x00, 1000 ); 14687 14688 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 14689 fct_chk( mpi_read_string( &ctx.P, 16, "cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb" ) == 0 ); 14690 fct_chk( mpi_read_string( &ctx.Q, 16, "cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf" ) == 0 ); 14691 fct_chk( mpi_read_string( &ctx.N, 16, "a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05" ) == 0 ); 14692 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 14693 14694 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 14695 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 14696 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 14697 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 14698 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 14699 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 14700 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 14701 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 14702 14703 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 14704 14705 msg_len = unhexify( message_str, "48b2b6a57a63c84cea859d65c668284b08d96bdcaabe252db0e4a96cb1bac6019341db6fbefb8d106b0e90eda6bcc6c6262f37e7ea9c7e5d226bd7df85ec5e71efff2f54c5db577ff729ff91b842491de2741d0c631607df586b905b23b91af13da12304bf83eca8a73e871ff9db" ); 14706 14707 switch( SIG_RSA_SHA1 ) 14708 { 14709 #ifdef POLARSSL_MD2_C 14710 case SIG_RSA_MD2: 14711 md2( message_str, msg_len, hash_result ); 14712 break; 14713 #endif 14714 #ifdef POLARSSL_MD4_C 14715 case SIG_RSA_MD4: 14716 md4( message_str, msg_len, hash_result ); 14717 break; 14718 #endif 14719 #ifdef POLARSSL_MD5_C 14720 case SIG_RSA_MD5: 14721 md5( message_str, msg_len, hash_result ); 14722 break; 14723 #endif 14724 #ifdef POLARSSL_SHA1_C 14725 case SIG_RSA_SHA1: 14726 sha1( message_str, msg_len, hash_result ); 14727 break; 14728 #endif 14729 #ifdef POLARSSL_SHA2_C 14730 case SIG_RSA_SHA224: 14731 sha2( message_str, msg_len, hash_result, 1 ); 14732 break; 14733 case SIG_RSA_SHA256: 14734 sha2( message_str, msg_len, hash_result, 0 ); 14735 break; 14736 #endif 14737 #ifdef POLARSSL_SHA4_C 14738 case SIG_RSA_SHA384: 14739 sha4( message_str, msg_len, hash_result, 1 ); 14740 break; 14741 case SIG_RSA_SHA512: 14742 sha4( message_str, msg_len, hash_result, 0 ); 14743 break; 14744 #endif 14745 } 14746 14747 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 14748 if( 0 == 0 ) 14749 { 14750 hexify( output_str, output, ctx.len); 14751 14752 fct_chk( strcasecmp( (char *) output_str, "6e3e4d7b6b15d2fb46013b8900aa5bbb3939cf2c095717987042026ee62c74c54cffd5d7d57efbbf950a0f5c574fa09d3fc1c9f513b05b4ff50dd8df7edfa20102854c35e592180119a70ce5b085182aa02d9ea2aa90d1df03f2daae885ba2f5d05afdac97476f06b93b5bc94a1a80aa9116c4d615f333b098892b25fface266f5db5a5a3bcc10a824ed55aad35b727834fb8c07da28fcf416a5d9b2224f1f8b442b36f91e456fdea2d7cfe3367268de0307a4c74e924159ed33393d5e0655531c77327b89821bdedf880161c78cd4196b5419f7acc3f13e5ebf161b6e7c6724716ca33b85c2e25640192ac2859651d50bde7eb976e51cec828b98b6563b86bb" ) == 0 ); 14753 } 14754 14755 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 14756 } 14757 FCT_TEST_END(); 14758 14759 14760 FCT_TEST_BGN(rsassa_pss_signature_example_10_3_verify) 14761 { 14762 unsigned char message_str[1000]; 14763 unsigned char hash_result[1000]; 14764 unsigned char result_str[1000]; 14765 rsa_context ctx; 14766 size_t msg_len; 14767 14768 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 14769 memset( message_str, 0x00, 1000 ); 14770 memset( hash_result, 0x00, 1000 ); 14771 memset( result_str, 0x00, 1000 ); 14772 14773 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 14774 fct_chk( mpi_read_string( &ctx.N, 16, "a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05" ) == 0 ); 14775 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 14776 14777 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 14778 14779 msg_len = unhexify( message_str, "48b2b6a57a63c84cea859d65c668284b08d96bdcaabe252db0e4a96cb1bac6019341db6fbefb8d106b0e90eda6bcc6c6262f37e7ea9c7e5d226bd7df85ec5e71efff2f54c5db577ff729ff91b842491de2741d0c631607df586b905b23b91af13da12304bf83eca8a73e871ff9db" ); 14780 unhexify( result_str, "6e3e4d7b6b15d2fb46013b8900aa5bbb3939cf2c095717987042026ee62c74c54cffd5d7d57efbbf950a0f5c574fa09d3fc1c9f513b05b4ff50dd8df7edfa20102854c35e592180119a70ce5b085182aa02d9ea2aa90d1df03f2daae885ba2f5d05afdac97476f06b93b5bc94a1a80aa9116c4d615f333b098892b25fface266f5db5a5a3bcc10a824ed55aad35b727834fb8c07da28fcf416a5d9b2224f1f8b442b36f91e456fdea2d7cfe3367268de0307a4c74e924159ed33393d5e0655531c77327b89821bdedf880161c78cd4196b5419f7acc3f13e5ebf161b6e7c6724716ca33b85c2e25640192ac2859651d50bde7eb976e51cec828b98b6563b86bb" ); 14781 14782 switch( SIG_RSA_SHA1 ) 14783 { 14784 #ifdef POLARSSL_MD2_C 14785 case SIG_RSA_MD2: 14786 md2( message_str, msg_len, hash_result ); 14787 break; 14788 #endif 14789 #ifdef POLARSSL_MD4_C 14790 case SIG_RSA_MD4: 14791 md4( message_str, msg_len, hash_result ); 14792 break; 14793 #endif 14794 #ifdef POLARSSL_MD5_C 14795 case SIG_RSA_MD5: 14796 md5( message_str, msg_len, hash_result ); 14797 break; 14798 #endif 14799 #ifdef POLARSSL_SHA1_C 14800 case SIG_RSA_SHA1: 14801 sha1( message_str, msg_len, hash_result ); 14802 break; 14803 #endif 14804 #ifdef POLARSSL_SHA2_C 14805 case SIG_RSA_SHA224: 14806 sha2( message_str, msg_len, hash_result, 1 ); 14807 break; 14808 case SIG_RSA_SHA256: 14809 sha2( message_str, msg_len, hash_result, 0 ); 14810 break; 14811 #endif 14812 #ifdef POLARSSL_SHA4_C 14813 case SIG_RSA_SHA384: 14814 sha4( message_str, msg_len, hash_result, 1 ); 14815 break; 14816 case SIG_RSA_SHA512: 14817 sha4( message_str, msg_len, hash_result, 0 ); 14818 break; 14819 #endif 14820 } 14821 14822 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 14823 } 14824 FCT_TEST_END(); 14825 14826 14827 FCT_TEST_BGN(rsassa_pss_signature_example_10_4) 14828 { 14829 unsigned char message_str[1000]; 14830 unsigned char hash_result[1000]; 14831 unsigned char output[1000]; 14832 unsigned char output_str[1000]; 14833 unsigned char rnd_buf[1000]; 14834 rsa_context ctx; 14835 mpi P1, Q1, H, G; 14836 size_t msg_len; 14837 rnd_buf_info info; 14838 14839 info.length = unhexify( rnd_buf, "c7cd698d84b65128d8835e3a8b1eb0e01cb541ec" ); 14840 info.buf = rnd_buf; 14841 14842 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 14843 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 14844 14845 memset( message_str, 0x00, 1000 ); 14846 memset( hash_result, 0x00, 1000 ); 14847 memset( output, 0x00, 1000 ); 14848 memset( output_str, 0x00, 1000 ); 14849 14850 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 14851 fct_chk( mpi_read_string( &ctx.P, 16, "cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb" ) == 0 ); 14852 fct_chk( mpi_read_string( &ctx.Q, 16, "cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf" ) == 0 ); 14853 fct_chk( mpi_read_string( &ctx.N, 16, "a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05" ) == 0 ); 14854 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 14855 14856 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 14857 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 14858 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 14859 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 14860 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 14861 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 14862 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 14863 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 14864 14865 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 14866 14867 msg_len = unhexify( message_str, "0b8777c7f839baf0a64bbbdbc5ce79755c57a205b845c174e2d2e90546a089c4e6ec8adffa23a7ea97bae6b65d782b82db5d2b5a56d22a29a05e7c4433e2b82a621abba90add05ce393fc48a840542451a" ); 14868 14869 switch( SIG_RSA_SHA1 ) 14870 { 14871 #ifdef POLARSSL_MD2_C 14872 case SIG_RSA_MD2: 14873 md2( message_str, msg_len, hash_result ); 14874 break; 14875 #endif 14876 #ifdef POLARSSL_MD4_C 14877 case SIG_RSA_MD4: 14878 md4( message_str, msg_len, hash_result ); 14879 break; 14880 #endif 14881 #ifdef POLARSSL_MD5_C 14882 case SIG_RSA_MD5: 14883 md5( message_str, msg_len, hash_result ); 14884 break; 14885 #endif 14886 #ifdef POLARSSL_SHA1_C 14887 case SIG_RSA_SHA1: 14888 sha1( message_str, msg_len, hash_result ); 14889 break; 14890 #endif 14891 #ifdef POLARSSL_SHA2_C 14892 case SIG_RSA_SHA224: 14893 sha2( message_str, msg_len, hash_result, 1 ); 14894 break; 14895 case SIG_RSA_SHA256: 14896 sha2( message_str, msg_len, hash_result, 0 ); 14897 break; 14898 #endif 14899 #ifdef POLARSSL_SHA4_C 14900 case SIG_RSA_SHA384: 14901 sha4( message_str, msg_len, hash_result, 1 ); 14902 break; 14903 case SIG_RSA_SHA512: 14904 sha4( message_str, msg_len, hash_result, 0 ); 14905 break; 14906 #endif 14907 } 14908 14909 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 14910 if( 0 == 0 ) 14911 { 14912 hexify( output_str, output, ctx.len); 14913 14914 fct_chk( strcasecmp( (char *) output_str, "34047ff96c4dc0dc90b2d4ff59a1a361a4754b255d2ee0af7d8bf87c9bc9e7ddeede33934c63ca1c0e3d262cb145ef932a1f2c0a997aa6a34f8eaee7477d82ccf09095a6b8acad38d4eec9fb7eab7ad02da1d11d8e54c1825e55bf58c2a23234b902be124f9e9038a8f68fa45dab72f66e0945bf1d8bacc9044c6f07098c9fcec58a3aab100c805178155f030a124c450e5acbda47d0e4f10b80a23f803e774d023b0015c20b9f9bbe7c91296338d5ecb471cafb032007b67a60be5f69504a9f01abb3cb467b260e2bce860be8d95bf92c0c8e1496ed1e528593a4abb6df462dde8a0968dffe4683116857a232f5ebf6c85be238745ad0f38f767a5fdbf486fb" ) == 0 ); 14915 } 14916 14917 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 14918 } 14919 FCT_TEST_END(); 14920 14921 14922 FCT_TEST_BGN(rsassa_pss_signature_example_10_4_verify) 14923 { 14924 unsigned char message_str[1000]; 14925 unsigned char hash_result[1000]; 14926 unsigned char result_str[1000]; 14927 rsa_context ctx; 14928 size_t msg_len; 14929 14930 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 14931 memset( message_str, 0x00, 1000 ); 14932 memset( hash_result, 0x00, 1000 ); 14933 memset( result_str, 0x00, 1000 ); 14934 14935 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 14936 fct_chk( mpi_read_string( &ctx.N, 16, "a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05" ) == 0 ); 14937 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 14938 14939 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 14940 14941 msg_len = unhexify( message_str, "0b8777c7f839baf0a64bbbdbc5ce79755c57a205b845c174e2d2e90546a089c4e6ec8adffa23a7ea97bae6b65d782b82db5d2b5a56d22a29a05e7c4433e2b82a621abba90add05ce393fc48a840542451a" ); 14942 unhexify( result_str, "34047ff96c4dc0dc90b2d4ff59a1a361a4754b255d2ee0af7d8bf87c9bc9e7ddeede33934c63ca1c0e3d262cb145ef932a1f2c0a997aa6a34f8eaee7477d82ccf09095a6b8acad38d4eec9fb7eab7ad02da1d11d8e54c1825e55bf58c2a23234b902be124f9e9038a8f68fa45dab72f66e0945bf1d8bacc9044c6f07098c9fcec58a3aab100c805178155f030a124c450e5acbda47d0e4f10b80a23f803e774d023b0015c20b9f9bbe7c91296338d5ecb471cafb032007b67a60be5f69504a9f01abb3cb467b260e2bce860be8d95bf92c0c8e1496ed1e528593a4abb6df462dde8a0968dffe4683116857a232f5ebf6c85be238745ad0f38f767a5fdbf486fb" ); 14943 14944 switch( SIG_RSA_SHA1 ) 14945 { 14946 #ifdef POLARSSL_MD2_C 14947 case SIG_RSA_MD2: 14948 md2( message_str, msg_len, hash_result ); 14949 break; 14950 #endif 14951 #ifdef POLARSSL_MD4_C 14952 case SIG_RSA_MD4: 14953 md4( message_str, msg_len, hash_result ); 14954 break; 14955 #endif 14956 #ifdef POLARSSL_MD5_C 14957 case SIG_RSA_MD5: 14958 md5( message_str, msg_len, hash_result ); 14959 break; 14960 #endif 14961 #ifdef POLARSSL_SHA1_C 14962 case SIG_RSA_SHA1: 14963 sha1( message_str, msg_len, hash_result ); 14964 break; 14965 #endif 14966 #ifdef POLARSSL_SHA2_C 14967 case SIG_RSA_SHA224: 14968 sha2( message_str, msg_len, hash_result, 1 ); 14969 break; 14970 case SIG_RSA_SHA256: 14971 sha2( message_str, msg_len, hash_result, 0 ); 14972 break; 14973 #endif 14974 #ifdef POLARSSL_SHA4_C 14975 case SIG_RSA_SHA384: 14976 sha4( message_str, msg_len, hash_result, 1 ); 14977 break; 14978 case SIG_RSA_SHA512: 14979 sha4( message_str, msg_len, hash_result, 0 ); 14980 break; 14981 #endif 14982 } 14983 14984 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 14985 } 14986 FCT_TEST_END(); 14987 14988 14989 FCT_TEST_BGN(rsassa_pss_signature_example_10_5) 14990 { 14991 unsigned char message_str[1000]; 14992 unsigned char hash_result[1000]; 14993 unsigned char output[1000]; 14994 unsigned char output_str[1000]; 14995 unsigned char rnd_buf[1000]; 14996 rsa_context ctx; 14997 mpi P1, Q1, H, G; 14998 size_t msg_len; 14999 rnd_buf_info info; 15000 15001 info.length = unhexify( rnd_buf, "efa8bff96212b2f4a3f371a10d574152655f5dfb" ); 15002 info.buf = rnd_buf; 15003 15004 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 15005 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 15006 15007 memset( message_str, 0x00, 1000 ); 15008 memset( hash_result, 0x00, 1000 ); 15009 memset( output, 0x00, 1000 ); 15010 memset( output_str, 0x00, 1000 ); 15011 15012 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 15013 fct_chk( mpi_read_string( &ctx.P, 16, "cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb" ) == 0 ); 15014 fct_chk( mpi_read_string( &ctx.Q, 16, "cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf" ) == 0 ); 15015 fct_chk( mpi_read_string( &ctx.N, 16, "a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05" ) == 0 ); 15016 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 15017 15018 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 15019 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 15020 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 15021 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 15022 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 15023 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 15024 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 15025 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 15026 15027 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 15028 15029 msg_len = unhexify( message_str, "f1036e008e71e964dadc9219ed30e17f06b4b68a955c16b312b1eddf028b74976bed6b3f6a63d4e77859243c9cccdc98016523abb02483b35591c33aad81213bb7c7bb1a470aabc10d44256c4d4559d916" ); 15030 15031 switch( SIG_RSA_SHA1 ) 15032 { 15033 #ifdef POLARSSL_MD2_C 15034 case SIG_RSA_MD2: 15035 md2( message_str, msg_len, hash_result ); 15036 break; 15037 #endif 15038 #ifdef POLARSSL_MD4_C 15039 case SIG_RSA_MD4: 15040 md4( message_str, msg_len, hash_result ); 15041 break; 15042 #endif 15043 #ifdef POLARSSL_MD5_C 15044 case SIG_RSA_MD5: 15045 md5( message_str, msg_len, hash_result ); 15046 break; 15047 #endif 15048 #ifdef POLARSSL_SHA1_C 15049 case SIG_RSA_SHA1: 15050 sha1( message_str, msg_len, hash_result ); 15051 break; 15052 #endif 15053 #ifdef POLARSSL_SHA2_C 15054 case SIG_RSA_SHA224: 15055 sha2( message_str, msg_len, hash_result, 1 ); 15056 break; 15057 case SIG_RSA_SHA256: 15058 sha2( message_str, msg_len, hash_result, 0 ); 15059 break; 15060 #endif 15061 #ifdef POLARSSL_SHA4_C 15062 case SIG_RSA_SHA384: 15063 sha4( message_str, msg_len, hash_result, 1 ); 15064 break; 15065 case SIG_RSA_SHA512: 15066 sha4( message_str, msg_len, hash_result, 0 ); 15067 break; 15068 #endif 15069 } 15070 15071 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 15072 if( 0 == 0 ) 15073 { 15074 hexify( output_str, output, ctx.len); 15075 15076 fct_chk( strcasecmp( (char *) output_str, "7e0935ea18f4d6c1d17ce82eb2b3836c55b384589ce19dfe743363ac9948d1f346b7bfddfe92efd78adb21faefc89ade42b10f374003fe122e67429a1cb8cbd1f8d9014564c44d120116f4990f1a6e38774c194bd1b8213286b077b0499d2e7b3f434ab12289c556684deed78131934bb3dd6537236f7c6f3dcb09d476be07721e37e1ceed9b2f7b406887bd53157305e1c8b4f84d733bc1e186fe06cc59b6edb8f4bd7ffefdf4f7ba9cfb9d570689b5a1a4109a746a690893db3799255a0cb9215d2d1cd490590e952e8c8786aa0011265252470c041dfbc3eec7c3cbf71c24869d115c0cb4a956f56d530b80ab589acfefc690751ddf36e8d383f83cedd2cc" ) == 0 ); 15077 } 15078 15079 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 15080 } 15081 FCT_TEST_END(); 15082 15083 15084 FCT_TEST_BGN(rsassa_pss_signature_example_10_5_verify) 15085 { 15086 unsigned char message_str[1000]; 15087 unsigned char hash_result[1000]; 15088 unsigned char result_str[1000]; 15089 rsa_context ctx; 15090 size_t msg_len; 15091 15092 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 15093 memset( message_str, 0x00, 1000 ); 15094 memset( hash_result, 0x00, 1000 ); 15095 memset( result_str, 0x00, 1000 ); 15096 15097 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 15098 fct_chk( mpi_read_string( &ctx.N, 16, "a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05" ) == 0 ); 15099 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 15100 15101 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 15102 15103 msg_len = unhexify( message_str, "f1036e008e71e964dadc9219ed30e17f06b4b68a955c16b312b1eddf028b74976bed6b3f6a63d4e77859243c9cccdc98016523abb02483b35591c33aad81213bb7c7bb1a470aabc10d44256c4d4559d916" ); 15104 unhexify( result_str, "7e0935ea18f4d6c1d17ce82eb2b3836c55b384589ce19dfe743363ac9948d1f346b7bfddfe92efd78adb21faefc89ade42b10f374003fe122e67429a1cb8cbd1f8d9014564c44d120116f4990f1a6e38774c194bd1b8213286b077b0499d2e7b3f434ab12289c556684deed78131934bb3dd6537236f7c6f3dcb09d476be07721e37e1ceed9b2f7b406887bd53157305e1c8b4f84d733bc1e186fe06cc59b6edb8f4bd7ffefdf4f7ba9cfb9d570689b5a1a4109a746a690893db3799255a0cb9215d2d1cd490590e952e8c8786aa0011265252470c041dfbc3eec7c3cbf71c24869d115c0cb4a956f56d530b80ab589acfefc690751ddf36e8d383f83cedd2cc" ); 15105 15106 switch( SIG_RSA_SHA1 ) 15107 { 15108 #ifdef POLARSSL_MD2_C 15109 case SIG_RSA_MD2: 15110 md2( message_str, msg_len, hash_result ); 15111 break; 15112 #endif 15113 #ifdef POLARSSL_MD4_C 15114 case SIG_RSA_MD4: 15115 md4( message_str, msg_len, hash_result ); 15116 break; 15117 #endif 15118 #ifdef POLARSSL_MD5_C 15119 case SIG_RSA_MD5: 15120 md5( message_str, msg_len, hash_result ); 15121 break; 15122 #endif 15123 #ifdef POLARSSL_SHA1_C 15124 case SIG_RSA_SHA1: 15125 sha1( message_str, msg_len, hash_result ); 15126 break; 15127 #endif 15128 #ifdef POLARSSL_SHA2_C 15129 case SIG_RSA_SHA224: 15130 sha2( message_str, msg_len, hash_result, 1 ); 15131 break; 15132 case SIG_RSA_SHA256: 15133 sha2( message_str, msg_len, hash_result, 0 ); 15134 break; 15135 #endif 15136 #ifdef POLARSSL_SHA4_C 15137 case SIG_RSA_SHA384: 15138 sha4( message_str, msg_len, hash_result, 1 ); 15139 break; 15140 case SIG_RSA_SHA512: 15141 sha4( message_str, msg_len, hash_result, 0 ); 15142 break; 15143 #endif 15144 } 15145 15146 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 15147 } 15148 FCT_TEST_END(); 15149 15150 15151 FCT_TEST_BGN(rsassa_pss_signature_example_10_6) 15152 { 15153 unsigned char message_str[1000]; 15154 unsigned char hash_result[1000]; 15155 unsigned char output[1000]; 15156 unsigned char output_str[1000]; 15157 unsigned char rnd_buf[1000]; 15158 rsa_context ctx; 15159 mpi P1, Q1, H, G; 15160 size_t msg_len; 15161 rnd_buf_info info; 15162 15163 info.length = unhexify( rnd_buf, "ad8b1523703646224b660b550885917ca2d1df28" ); 15164 info.buf = rnd_buf; 15165 15166 mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); 15167 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 15168 15169 memset( message_str, 0x00, 1000 ); 15170 memset( hash_result, 0x00, 1000 ); 15171 memset( output, 0x00, 1000 ); 15172 memset( output_str, 0x00, 1000 ); 15173 15174 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 15175 fct_chk( mpi_read_string( &ctx.P, 16, "cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb" ) == 0 ); 15176 fct_chk( mpi_read_string( &ctx.Q, 16, "cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf" ) == 0 ); 15177 fct_chk( mpi_read_string( &ctx.N, 16, "a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05" ) == 0 ); 15178 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 15179 15180 fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 ); 15181 fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 ); 15182 fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 ); 15183 fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 ); 15184 fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 ); 15185 fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 ); 15186 fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 ); 15187 fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 ); 15188 15189 fct_chk( rsa_check_privkey( &ctx ) == 0 ); 15190 15191 msg_len = unhexify( message_str, "25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7" ); 15192 15193 switch( SIG_RSA_SHA1 ) 15194 { 15195 #ifdef POLARSSL_MD2_C 15196 case SIG_RSA_MD2: 15197 md2( message_str, msg_len, hash_result ); 15198 break; 15199 #endif 15200 #ifdef POLARSSL_MD4_C 15201 case SIG_RSA_MD4: 15202 md4( message_str, msg_len, hash_result ); 15203 break; 15204 #endif 15205 #ifdef POLARSSL_MD5_C 15206 case SIG_RSA_MD5: 15207 md5( message_str, msg_len, hash_result ); 15208 break; 15209 #endif 15210 #ifdef POLARSSL_SHA1_C 15211 case SIG_RSA_SHA1: 15212 sha1( message_str, msg_len, hash_result ); 15213 break; 15214 #endif 15215 #ifdef POLARSSL_SHA2_C 15216 case SIG_RSA_SHA224: 15217 sha2( message_str, msg_len, hash_result, 1 ); 15218 break; 15219 case SIG_RSA_SHA256: 15220 sha2( message_str, msg_len, hash_result, 0 ); 15221 break; 15222 #endif 15223 #ifdef POLARSSL_SHA4_C 15224 case SIG_RSA_SHA384: 15225 sha4( message_str, msg_len, hash_result, 1 ); 15226 break; 15227 case SIG_RSA_SHA512: 15228 sha4( message_str, msg_len, hash_result, 0 ); 15229 break; 15230 #endif 15231 } 15232 15233 fct_chk( rsa_pkcs1_sign( &ctx, &rnd_buffer_rand, &info, RSA_PRIVATE, SIG_RSA_SHA1, 0, hash_result, output ) == 0 ); 15234 if( 0 == 0 ) 15235 { 15236 hexify( output_str, output, ctx.len); 15237 15238 fct_chk( strcasecmp( (char *) output_str, "6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f" ) == 0 ); 15239 } 15240 15241 mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); 15242 } 15243 FCT_TEST_END(); 15244 15245 15246 FCT_TEST_BGN(rsassa_pss_signature_example_10_6_verify) 15247 { 15248 unsigned char message_str[1000]; 15249 unsigned char hash_result[1000]; 15250 unsigned char result_str[1000]; 15251 rsa_context ctx; 15252 size_t msg_len; 15253 15254 rsa_init( &ctx, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); 15255 memset( message_str, 0x00, 1000 ); 15256 memset( hash_result, 0x00, 1000 ); 15257 memset( result_str, 0x00, 1000 ); 15258 15259 ctx.len = 2048 / 8 + ( ( 2048 % 8 ) ? 1 : 0 ); 15260 fct_chk( mpi_read_string( &ctx.N, 16, "a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05" ) == 0 ); 15261 fct_chk( mpi_read_string( &ctx.E, 16, "010001" ) == 0 ); 15262 15263 fct_chk( rsa_check_pubkey( &ctx ) == 0 ); 15264 15265 msg_len = unhexify( message_str, "25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7" ); 15266 unhexify( result_str, "6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f" ); 15267 15268 switch( SIG_RSA_SHA1 ) 15269 { 15270 #ifdef POLARSSL_MD2_C 15271 case SIG_RSA_MD2: 15272 md2( message_str, msg_len, hash_result ); 15273 break; 15274 #endif 15275 #ifdef POLARSSL_MD4_C 15276 case SIG_RSA_MD4: 15277 md4( message_str, msg_len, hash_result ); 15278 break; 15279 #endif 15280 #ifdef POLARSSL_MD5_C 15281 case SIG_RSA_MD5: 15282 md5( message_str, msg_len, hash_result ); 15283 break; 15284 #endif 15285 #ifdef POLARSSL_SHA1_C 15286 case SIG_RSA_SHA1: 15287 sha1( message_str, msg_len, hash_result ); 15288 break; 15289 #endif 15290 #ifdef POLARSSL_SHA2_C 15291 case SIG_RSA_SHA224: 15292 sha2( message_str, msg_len, hash_result, 1 ); 15293 break; 15294 case SIG_RSA_SHA256: 15295 sha2( message_str, msg_len, hash_result, 0 ); 15296 break; 15297 #endif 15298 #ifdef POLARSSL_SHA4_C 15299 case SIG_RSA_SHA384: 15300 sha4( message_str, msg_len, hash_result, 1 ); 15301 break; 15302 case SIG_RSA_SHA512: 15303 sha4( message_str, msg_len, hash_result, 0 ); 15304 break; 15305 #endif 15306 } 15307 15308 fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 ); 15309 } 15310 FCT_TEST_END(); 15311 15312 } 15313 FCT_SUITE_END(); 15314 15315 #endif /* POLARSSL_PKCS1_V21 */ 15316 #endif /* POLARSSL_RSA_C */ 15317 #endif /* POLARSSL_BIGNUM_C */ 15318 #endif /* POLARSSL_SHA1_C */ 15319 #endif /* POLARSSL_GENPRIME */ 15320 15321 } 15322 FCT_END(); 15323