cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-30 19:20:40 -04:00
Code Issues Packages Projects Releases Wiki Activity

Rename rsa_check_params->rsa_validate_params and change error codes

Browse Source
This commit is contained in:
Hanno Becker 2017-08-25 07:54:27 +01:00
parent fb81c0ec2e
commit 750e8b4596
4 changed files with 86 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
include/mbedtls/rsa.h
View File

@ -186,24 +186,17 @@ int mbedtls_rsa_deduce_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q,
* if D,E,P,Q != NULL * if D,E,P,Q != NULL
* - P prime if f_rng, P != NULL * - P prime if f_rng, P != NULL
* - Q prime if f_rng, Q != NULL * - Q prime if f_rng, Q != NULL
* - A non-zero error code otherwise. In this case, the values * - A non-zero error code otherwise.
* of N, P, Q, D, E are undefined.
* *
* \note The function can be used with a restricted set of arguments * \note The function can be used with a restricted set of arguments
* to perform specific checks only. E.g., calling it with * to perform specific checks only. E.g., calling it with
* (-,P,-,-,-) and a PRNG amounts to a primality check for P. * (-,P,-,-,-) and a PRNG amounts to a primality check for P.
*
* \note The input MPI's are deliberately not declared as constant
* and may therefore be used for in-place calculations by
* the implementation. In particular, their values can be
* corrupted when the function fails. If the user cannot
* tolerate this, he has to make copies of the MPI's prior
* to calling this function. See \c mbedtls_mpi_copy for this.
*/ */
int mbedtls_rsa_check_params( mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P,
mbedtls_mpi *D, mbedtls_mpi *E, const mbedtls_mpi *Q, const mbedtls_mpi *D,
int (*f_rng)(void *, unsigned char *, size_t), const mbedtls_mpi *E,
void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/** /**
* Implementation of RSA interface * Implementation of RSA interface
@ -374,7 +367,7 @@ int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx,
* \return - 0 if successful. In this case, all core parameters * \return - 0 if successful. In this case, all core parameters
* as well as other internally needed parameters have * as well as other internally needed parameters have
* been generated, and it is guaranteed that they are * been generated, and it is guaranteed that they are
* sane in the sense of \c mbedtls_rsa_check_params * sane in the sense of \c mbedtls_rsa_validate_params
* (with primality of P, Q checked if a PRNG is given). * (with primality of P, Q checked if a PRNG is given).
* - MBEDTLS_ERR_RSA_BAD_INPUT_DATA if the attempted * - MBEDTLS_ERR_RSA_BAD_INPUT_DATA if the attempted
* derivations failed. * derivations failed.

69
library/rsa.c
View File

@ -331,7 +331,7 @@ int mbedtls_rsa_deduce_private( mbedtls_mpi *P, mbedtls_mpi *Q,
MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( Q, Q, 1 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( Q, Q, 1 ) );
/* Double-check result */ /* Double-check result */
MBEDTLS_MPI_CHK( mbedtls_rsa_check_params( NULL, P, Q, D, E, NULL, NULL ) ); MBEDTLS_MPI_CHK( mbedtls_rsa_validate_params( NULL, P, Q, D, E, NULL, NULL ) );
cleanup: cleanup:
@ -342,20 +342,19 @@ cleanup:
/* /*
* Check that core RSA parameters are sane. * Check that core RSA parameters are sane.
*
* Note that the inputs are not declared const and may be
* altered on an unsuccessful run.
*/ */
int mbedtls_rsa_check_params( mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P,
mbedtls_mpi *D, mbedtls_mpi *E, const mbedtls_mpi *Q, const mbedtls_mpi *D,
int (*f_rng)(void *, unsigned char *, size_t), const mbedtls_mpi *E,
void *p_rng ) int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{ {
int ret = 0; int ret = 0;
mbedtls_mpi K; mbedtls_mpi K, L;
mbedtls_mpi_init( &K ); mbedtls_mpi_init( &K );
mbedtls_mpi_init( &L );
/* /*
* Step 1: If PRNG provided, check that P and Q are prime * Step 1: If PRNG provided, check that P and Q are prime
@ -365,12 +364,14 @@ int mbedtls_rsa_check_params( mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
if( f_rng != NULL && P != NULL && if( f_rng != NULL && P != NULL &&
( ret = mbedtls_mpi_is_prime( P, f_rng, p_rng ) ) != 0 ) ( ret = mbedtls_mpi_is_prime( P, f_rng, p_rng ) ) != 0 )
{ {
ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
goto cleanup; goto cleanup;
} }
if( f_rng != NULL && Q != NULL && if( f_rng != NULL && Q != NULL &&
( ret = mbedtls_mpi_is_prime( Q, f_rng, p_rng ) ) != 0 ) ( ret = mbedtls_mpi_is_prime( Q, f_rng, p_rng ) ) != 0 )
{ {
ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
goto cleanup; goto cleanup;
} }
#else #else
@ -385,9 +386,10 @@ int mbedtls_rsa_check_params( mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
if( P != NULL && Q != NULL && N != NULL ) if( P != NULL && Q != NULL && N != NULL )
{ {
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, P, Q ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, P, Q ) );
if( mbedtls_mpi_cmp_mpi( &K, N ) != 0 ) if( mbedtls_mpi_cmp_int( N, 1 ) <= 0 ||
mbedtls_mpi_cmp_mpi( &K, N ) != 0 )
{ {
ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
goto cleanup; goto cleanup;
} }
} }
@ -398,37 +400,48 @@ int mbedtls_rsa_check_params( mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
if( P != NULL && Q != NULL && D != NULL && E != NULL ) if( P != NULL && Q != NULL && D != NULL && E != NULL )
{ {
/* Temporarily replace P, Q by P-1, Q-1. */ if( mbedtls_mpi_cmp_int( P, 1 ) <= 0 ||
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( P, P, 1 ) ); mbedtls_mpi_cmp_int( Q, 1 ) <= 0 ||
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( Q, Q, 1 ) ); mbedtls_mpi_cmp_int( D, 1 ) <= 0 ||
mbedtls_mpi_cmp_int( E, 1 ) <= 0 )
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, D, E ) ); {
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) ); ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
goto cleanup;
}
/* Compute DE-1 mod P-1 */ /* Compute DE-1 mod P-1 */
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, P ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, D, E ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &L, P, 1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, &L ) );
if( mbedtls_mpi_cmp_int( &K, 0 ) != 0 ) if( mbedtls_mpi_cmp_int( &K, 0 ) != 0 )
{ {
ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
goto cleanup; goto cleanup;
} }
/* Compute DE-1 mod Q-1 */ /* Compute DE-1 mod Q-1 */
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, Q ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, D, E ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &L, Q, 1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, &L ) );
if( mbedtls_mpi_cmp_int( &K, 0 ) != 0 ) if( mbedtls_mpi_cmp_int( &K, 0 ) != 0 )
{ {
ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
goto cleanup; goto cleanup;
} }
/* Restore P, Q. */
MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( P, P, 1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( Q, Q, 1 ) );
} }
cleanup: cleanup:
mbedtls_mpi_free( &K ); mbedtls_mpi_free( &K );
mbedtls_mpi_free( &L );
/* Wrap MPI error codes by RSA check failure error code */
if( ret != 0 && ret != MBEDTLS_ERR_RSA_KEY_CHECK_FAILED )
{
ret += MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
}
return( ret ); return( ret );
} }
@ -605,9 +618,9 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx,
else if( complete ) else if( complete )
{ {
/* Check complete set of imported core parameters. */ /* Check complete set of imported core parameters. */
if( ( ret = mbedtls_rsa_check_params( &ctx->N, &ctx->P, &ctx->Q, if( ( ret = mbedtls_rsa_validate_params( &ctx->N, &ctx->P, &ctx->Q,
&ctx->D, &ctx->E, &ctx->D, &ctx->E,
f_rng, p_rng ) ) != 0 ) f_rng, p_rng ) ) != 0 )
{ {
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret ); return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
} }

46
tests/suites/test_suite_rsa.data
View File

@ -1,4 +1,4 @@
RSA PKCS1 Verify v1.5 CAVS #1 <sRSA PKCS1 Verify v1.5 CAVS #1
depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
mbedtls_rsa_pkcs1_verify:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":MBEDTLS_ERR_RSA_VERIFY_FAILED mbedtls_rsa_pkcs1_verify:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":MBEDTLS_ERR_RSA_VERIFY_FAILED
@ -370,38 +370,38 @@ mbedtls_rsa_gen_key:2048:3:0
RSA Generate Key - 1025 bit key RSA Generate Key - 1025 bit key
mbedtls_rsa_gen_key:1025:3:MBEDTLS_ERR_RSA_BAD_INPUT_DATA mbedtls_rsa_gen_key:1025:3:MBEDTLS_ERR_RSA_BAD_INPUT_DATA
RSA Check Params, toy example RSA Validate Params, toy example
mbedtls_rsa_check_params:10:"15":10:"3":10:"5":10:"3":10:"3":0:0 mbedtls_rsa_validate_params:10:"15":10:"3":10:"5":10:"3":10:"3":0:0
RSA Check Params, toy example, N missing RSA Validate Params, toy example, N missing
mbedtls_rsa_check_params:10:"":10:"3":10:"5":10:"3":10:"3":0:0 mbedtls_rsa_validate_params:10:"":10:"3":10:"5":10:"3":10:"3":0:0
RSA Check Params, toy example, E missing RSA Validate Params, toy example, E missing
mbedtls_rsa_check_params:10:"15":10:"3":10:"5":10:"3":10:"":0:0 mbedtls_rsa_validate_params:10:"15":10:"3":10:"5":10:"3":10:"":0:0
RSA Check Params, toy example, corrupted RSA Validate Params, toy example, corrupted
mbedtls_rsa_check_params:10:"16":10:"3":10:"5":10:"3":10:"3":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA mbedtls_rsa_validate_params:10:"16":10:"3":10:"5":10:"3":10:"3":0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
RSA Check Params, toy example, non-primes, no PRNG RSA Validate Params, toy example, non-primes, no PRNG
mbedtls_rsa_check_params:10:"45":10:"9":10:"5":10:"7":10:"23":0:0 mbedtls_rsa_validate_params:10:"45":10:"9":10:"5":10:"7":10:"23":0:0
RSA Check Params, toy example, non-primes, PRNG RSA Validate Params, toy example, non-primes, PRNG
mbedtls_rsa_check_params:10:"45":10:"9":10:"5":10:"7":10:"23":1:MBEDTLS_ERR_MPI_NOT_ACCEPTABLE mbedtls_rsa_validate_params:10:"45":10:"9":10:"5":10:"7":10:"23":1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
RSA Check Params RSA Validate Params
mbedtls_rsa_check_params:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:0 mbedtls_rsa_validate_params:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:0
RSA Check Params, N missing RSA Validate Params, N missing
mbedtls_rsa_check_params:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:0 mbedtls_rsa_validate_params:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:0
RSA Check Params, bad N RSA Validate Params, bad N
mbedtls_rsa_check_params:16:"b38bc65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA mbedtls_rsa_validate_params:16:"b38bc65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB":16:"3":0:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
RSA Check Params, non-prime, no PRNG RSA Validate Params, non-prime, no PRNG
mbedtls_rsa_check_params:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd18":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"":0:0 mbedtls_rsa_validate_params:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd18":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"":0:0
RSA Check Params, non-prime, PRNG RSA Validate Params, non-prime, PRNG
mbedtls_rsa_check_params:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd18":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"":1:MBEDTLS_ERR_MPI_NOT_ACCEPTABLE mbedtls_rsa_validate_params:16:"":16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd18":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"":16:"":1:MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
RSA Deduce Private, toy example RSA Deduce Private, toy example
mbedtls_rsa_deduce_private:10:"7":10:"11":10:"7":10:"13":0:0 mbedtls_rsa_deduce_private:10:"7":10:"11":10:"7":10:"13":0:0

30
tests/suites/test_suite_rsa.function
View File

@ -1041,8 +1041,8 @@ void mbedtls_rsa_export( int radix_N, char *input_N,
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 ); TEST_ASSERT( mbedtls_mpi_cmp_mpi( &D, &De ) == 0 );
/* While at it, perform a sanity check */ /* While at it, perform a sanity check */
TEST_ASSERT( mbedtls_rsa_check_params( &Ne, &Pe, &Qe, &De, &Ee, TEST_ASSERT( mbedtls_rsa_validate_params( &Ne, &Pe, &Qe, &De, &Ee,
NULL, NULL ) == 0 ); NULL, NULL ) == 0 );
} }
exit: exit:
@ -1060,12 +1060,12 @@ exit:
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE */ /* BEGIN_CASE */
void mbedtls_rsa_check_params( int radix_N, char *input_N, void mbedtls_rsa_validate_params( int radix_N, char *input_N,
int radix_P, char *input_P, int radix_P, char *input_P,
int radix_Q, char *input_Q, int radix_Q, char *input_Q,
int radix_D, char *input_D, int radix_D, char *input_D,
int radix_E, char *input_E, int radix_E, char *input_E,
int prng, int result ) int prng, int result )
{ {
/* Original MPI's with which we set up the RSA context */ /* Original MPI's with which we set up the RSA context */
mbedtls_mpi N, P, Q, D, E; mbedtls_mpi N, P, Q, D, E;
@ -1105,13 +1105,13 @@ void mbedtls_rsa_check_params( int radix_N, char *input_N,
if( have_E ) if( have_E )
TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 ); TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_check_params( have_N ? &N : NULL, TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
have_P ? &P : NULL, have_P ? &P : NULL,
have_Q ? &Q : NULL, have_Q ? &Q : NULL,
have_D ? &D : NULL, have_D ? &D : NULL,
have_E ? &E : NULL, have_E ? &E : NULL,
prng ? mbedtls_ctr_drbg_random : NULL, prng ? mbedtls_ctr_drbg_random : NULL,
prng ? &ctr_drbg : NULL ) == result ); prng ? &ctr_drbg : NULL ) == result );
exit: exit:
mbedtls_ctr_drbg_free( &ctr_drbg ); mbedtls_ctr_drbg_free( &ctr_drbg );