PolarSSL v1.1.4
test_suite_rsa.c
Go to the documentation of this file.
1 #include "fct.h"
2 
3 #include <polarssl/rsa.h>
4 #include <polarssl/md2.h>
5 #include <polarssl/md4.h>
6 #include <polarssl/md5.h>
7 #include <polarssl/sha1.h>
8 #include <polarssl/sha2.h>
9 #include <polarssl/sha4.h>
10 #include <polarssl/entropy.h>
11 #include <polarssl/ctr_drbg.h>
12 
13 #include <polarssl/config.h>
14 
15 #ifdef _MSC_VER
16 #include <basetsd.h>
17 typedef UINT32 uint32_t;
18 #else
19 #include <inttypes.h>
20 #endif
21 
22 /*
23  * 32-bit integer manipulation macros (big endian)
24  */
25 #ifndef GET_ULONG_BE
26 #define GET_ULONG_BE(n,b,i) \
27 { \
28  (n) = ( (unsigned long) (b)[(i) ] << 24 ) \
29  | ( (unsigned long) (b)[(i) + 1] << 16 ) \
30  | ( (unsigned long) (b)[(i) + 2] << 8 ) \
31  | ( (unsigned long) (b)[(i) + 3] ); \
32 }
33 #endif
34 
35 #ifndef PUT_ULONG_BE
36 #define PUT_ULONG_BE(n,b,i) \
37 { \
38  (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
39  (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
40  (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
41  (b)[(i) + 3] = (unsigned char) ( (n) ); \
42 }
43 #endif
44 
45 int unhexify(unsigned char *obuf, const char *ibuf)
46 {
47  unsigned char c, c2;
48  int len = strlen(ibuf) / 2;
49  assert(!(strlen(ibuf) %1)); // must be even number of bytes
50 
51  while (*ibuf != 0)
52  {
53  c = *ibuf++;
54  if( c >= '0' && c <= '9' )
55  c -= '0';
56  else if( c >= 'a' && c <= 'f' )
57  c -= 'a' - 10;
58  else if( c >= 'A' && c <= 'F' )
59  c -= 'A' - 10;
60  else
61  assert( 0 );
62 
63  c2 = *ibuf++;
64  if( c2 >= '0' && c2 <= '9' )
65  c2 -= '0';
66  else if( c2 >= 'a' && c2 <= 'f' )
67  c2 -= 'a' - 10;
68  else if( c2 >= 'A' && c2 <= 'F' )
69  c2 -= 'A' - 10;
70  else
71  assert( 0 );
72 
73  *obuf++ = ( c << 4 ) | c2;
74  }
75 
76  return len;
77 }
78 
79 void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
80 {
81  unsigned char l, h;
82 
83  while (len != 0)
84  {
85  h = (*ibuf) / 16;
86  l = (*ibuf) % 16;
87 
88  if( h < 10 )
89  *obuf++ = '0' + h;
90  else
91  *obuf++ = 'a' + h - 10;
92 
93  if( l < 10 )
94  *obuf++ = '0' + l;
95  else
96  *obuf++ = 'a' + l - 10;
97 
98  ++ibuf;
99  len--;
100  }
101 }
102 
112 static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
113 {
114  size_t i;
115 
116  if( rng_state != NULL )
117  rng_state = NULL;
118 
119  for( i = 0; i < len; ++i )
120  output[i] = rand();
121 
122  return( 0 );
123 }
124 
130 static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
131 {
132  if( rng_state != NULL )
133  rng_state = NULL;
134 
135  memset( output, 0, len );
136 
137  return( 0 );
138 }
139 
140 typedef struct
141 {
142  unsigned char *buf;
143  size_t length;
144 } rnd_buf_info;
145 
157 static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
158 {
159  rnd_buf_info *info = (rnd_buf_info *) rng_state;
160  size_t use_len;
161 
162  if( rng_state == NULL )
163  return( rnd_std_rand( NULL, output, len ) );
164 
165  use_len = len;
166  if( len > info->length )
167  use_len = info->length;
168 
169  if( use_len )
170  {
171  memcpy( output, info->buf, use_len );
172  info->buf += use_len;
173  info->length -= use_len;
174  }
175 
176  if( len - use_len > 0 )
177  return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
178 
179  return( 0 );
180 }
181 
189 typedef struct
190 {
191  uint32_t key[16];
192  uint32_t v0, v1;
194 
203 static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
204 {
205  rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
206  uint32_t i, *k, sum, delta=0x9E3779B9;
207  unsigned char result[4];
208 
209  if( rng_state == NULL )
210  return( rnd_std_rand( NULL, output, len ) );
211 
212  k = info->key;
213 
214  while( len > 0 )
215  {
216  size_t use_len = ( len > 4 ) ? 4 : len;
217  sum = 0;
218 
219  for( i = 0; i < 32; i++ )
220  {
221  info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
222  sum += delta;
223  info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
224  }
225 
226  PUT_ULONG_BE( info->v0, result, 0 );
227  memcpy( output, result, use_len );
228  len -= use_len;
229  }
230 
231  return( 0 );
232 }
233 
234 
236 {
237 #ifdef POLARSSL_RSA_C
238 #ifdef POLARSSL_BIGNUM_C
239 #ifdef POLARSSL_GENPRIME
240 
241 
242  FCT_SUITE_BGN(test_suite_rsa)
243  {
244 #ifdef POLARSSL_SHA1_C
245 
246  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_1)
247  {
248  unsigned char message_str[1000];
249  unsigned char hash_result[1000];
250  unsigned char result_str[1000];
251  rsa_context ctx;
252  int msg_len;
253 
254  rsa_init( &ctx, RSA_PKCS_V15, 0 );
255  memset( message_str, 0x00, 1000 );
256  memset( hash_result, 0x00, 1000 );
257  memset( result_str, 0x00, 1000 );
258 
259  ctx.len = 1024 / 8;
260  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
261  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
262 
263  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
264 
265  msg_len = unhexify( message_str, "d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92" );
266  unhexify( result_str, "3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd" );
267 
268  switch( SIG_RSA_SHA1 )
269  {
270  #ifdef POLARSSL_MD2_C
271  case SIG_RSA_MD2:
272  md2( message_str, msg_len, hash_result );
273  break;
274  #endif
275  #ifdef POLARSSL_MD4_C
276  case SIG_RSA_MD4:
277  md4( message_str, msg_len, hash_result );
278  break;
279  #endif
280  #ifdef POLARSSL_MD5_C
281  case SIG_RSA_MD5:
282  md5( message_str, msg_len, hash_result );
283  break;
284  #endif
285  #ifdef POLARSSL_SHA1_C
286  case SIG_RSA_SHA1:
287  sha1( message_str, msg_len, hash_result );
288  break;
289  #endif
290  #ifdef POLARSSL_SHA2_C
291  case SIG_RSA_SHA224:
292  sha2( message_str, msg_len, hash_result, 1 );
293  break;
294  case SIG_RSA_SHA256:
295  sha2( message_str, msg_len, hash_result, 0 );
296  break;
297  #endif
298  #ifdef POLARSSL_SHA4_C
299  case SIG_RSA_SHA384:
300  sha4( message_str, msg_len, hash_result, 1 );
301  break;
302  case SIG_RSA_SHA512:
303  sha4( message_str, msg_len, hash_result, 0 );
304  break;
305  #endif
306  }
307 
308  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_VERIFY_FAILED );
309  }
310  FCT_TEST_END();
311 #endif /* POLARSSL_SHA1_C */
312 
313 #ifdef POLARSSL_SHA1_C
314 
315  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_2)
316  {
317  unsigned char message_str[1000];
318  unsigned char hash_result[1000];
319  unsigned char result_str[1000];
320  rsa_context ctx;
321  int msg_len;
322 
323  rsa_init( &ctx, RSA_PKCS_V15, 0 );
324  memset( message_str, 0x00, 1000 );
325  memset( hash_result, 0x00, 1000 );
326  memset( result_str, 0x00, 1000 );
327 
328  ctx.len = 1024 / 8;
329  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
330  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
331 
332  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
333 
334  msg_len = unhexify( message_str, "206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac" );
335  unhexify( result_str, "5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7" );
336 
337  switch( SIG_RSA_SHA1 )
338  {
339  #ifdef POLARSSL_MD2_C
340  case SIG_RSA_MD2:
341  md2( message_str, msg_len, hash_result );
342  break;
343  #endif
344  #ifdef POLARSSL_MD4_C
345  case SIG_RSA_MD4:
346  md4( message_str, msg_len, hash_result );
347  break;
348  #endif
349  #ifdef POLARSSL_MD5_C
350  case SIG_RSA_MD5:
351  md5( message_str, msg_len, hash_result );
352  break;
353  #endif
354  #ifdef POLARSSL_SHA1_C
355  case SIG_RSA_SHA1:
356  sha1( message_str, msg_len, hash_result );
357  break;
358  #endif
359  #ifdef POLARSSL_SHA2_C
360  case SIG_RSA_SHA224:
361  sha2( message_str, msg_len, hash_result, 1 );
362  break;
363  case SIG_RSA_SHA256:
364  sha2( message_str, msg_len, hash_result, 0 );
365  break;
366  #endif
367  #ifdef POLARSSL_SHA4_C
368  case SIG_RSA_SHA384:
369  sha4( message_str, msg_len, hash_result, 1 );
370  break;
371  case SIG_RSA_SHA512:
372  sha4( message_str, msg_len, hash_result, 0 );
373  break;
374  #endif
375  }
376 
377  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 );
378  }
379  FCT_TEST_END();
380 #endif /* POLARSSL_SHA1_C */
381 
382 #ifdef POLARSSL_SHA1_C
383 
384  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_3)
385  {
386  unsigned char message_str[1000];
387  unsigned char hash_result[1000];
388  unsigned char result_str[1000];
389  rsa_context ctx;
390  int msg_len;
391 
392  rsa_init( &ctx, RSA_PKCS_V15, 0 );
393  memset( message_str, 0x00, 1000 );
394  memset( hash_result, 0x00, 1000 );
395  memset( result_str, 0x00, 1000 );
396 
397  ctx.len = 1024 / 8;
398  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
399  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
400 
401  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
402 
403  msg_len = unhexify( message_str, "206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac" );
404  unhexify( result_str, "5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7" );
405 
406  switch( SIG_RSA_SHA1 )
407  {
408  #ifdef POLARSSL_MD2_C
409  case SIG_RSA_MD2:
410  md2( message_str, msg_len, hash_result );
411  break;
412  #endif
413  #ifdef POLARSSL_MD4_C
414  case SIG_RSA_MD4:
415  md4( message_str, msg_len, hash_result );
416  break;
417  #endif
418  #ifdef POLARSSL_MD5_C
419  case SIG_RSA_MD5:
420  md5( message_str, msg_len, hash_result );
421  break;
422  #endif
423  #ifdef POLARSSL_SHA1_C
424  case SIG_RSA_SHA1:
425  sha1( message_str, msg_len, hash_result );
426  break;
427  #endif
428  #ifdef POLARSSL_SHA2_C
429  case SIG_RSA_SHA224:
430  sha2( message_str, msg_len, hash_result, 1 );
431  break;
432  case SIG_RSA_SHA256:
433  sha2( message_str, msg_len, hash_result, 0 );
434  break;
435  #endif
436  #ifdef POLARSSL_SHA4_C
437  case SIG_RSA_SHA384:
438  sha4( message_str, msg_len, hash_result, 1 );
439  break;
440  case SIG_RSA_SHA512:
441  sha4( message_str, msg_len, hash_result, 0 );
442  break;
443  #endif
444  }
445 
446  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 );
447  }
448  FCT_TEST_END();
449 #endif /* POLARSSL_SHA1_C */
450 
451 #ifdef POLARSSL_SHA2_C
452 
453  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_4)
454  {
455  unsigned char message_str[1000];
456  unsigned char hash_result[1000];
457  unsigned char result_str[1000];
458  rsa_context ctx;
459  int msg_len;
460 
461  rsa_init( &ctx, RSA_PKCS_V15, 0 );
462  memset( message_str, 0x00, 1000 );
463  memset( hash_result, 0x00, 1000 );
464  memset( result_str, 0x00, 1000 );
465 
466  ctx.len = 1024 / 8;
467  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
468  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
469 
470  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
471 
472  msg_len = unhexify( message_str, "867ac26e11a13b7ac34a42a1e177648692861226effb55bb597fbde10f299bf7fffd6fc8ddb2a46a73b97b67387a461b23e1d65dc119366286979add615b926b9272832fc0c058b946fc752dcffceca12233f4c63f7897cbaa08aa7e07cf02b5e7e3e5ece252bf2fe61d163bce84c0e0368454a98e9fdebf6edbd70b290d549b" );
473  unhexify( result_str, "3bb7b1c5f3391de4549e2e96fd33afa4d647dd90e321d9d576f3808e32213e948b697ef4fd2dd12923de6ec3ffd625078a57f86af38dc07052bb50547c616ed51fa1352b3ab66788408168d21263ef2d3388d567d2ce8cf674f45491ab2b0319d47be1266bda39e343b2a38ea2d6aaaee6c4465aee1d7bb33e93a1c40a8e3ae4" );
474 
475  switch( SIG_RSA_SHA224 )
476  {
477  #ifdef POLARSSL_MD2_C
478  case SIG_RSA_MD2:
479  md2( message_str, msg_len, hash_result );
480  break;
481  #endif
482  #ifdef POLARSSL_MD4_C
483  case SIG_RSA_MD4:
484  md4( message_str, msg_len, hash_result );
485  break;
486  #endif
487  #ifdef POLARSSL_MD5_C
488  case SIG_RSA_MD5:
489  md5( message_str, msg_len, hash_result );
490  break;
491  #endif
492  #ifdef POLARSSL_SHA1_C
493  case SIG_RSA_SHA1:
494  sha1( message_str, msg_len, hash_result );
495  break;
496  #endif
497  #ifdef POLARSSL_SHA2_C
498  case SIG_RSA_SHA224:
499  sha2( message_str, msg_len, hash_result, 1 );
500  break;
501  case SIG_RSA_SHA256:
502  sha2( message_str, msg_len, hash_result, 0 );
503  break;
504  #endif
505  #ifdef POLARSSL_SHA4_C
506  case SIG_RSA_SHA384:
507  sha4( message_str, msg_len, hash_result, 1 );
508  break;
509  case SIG_RSA_SHA512:
510  sha4( message_str, msg_len, hash_result, 0 );
511  break;
512  #endif
513  }
514 
515  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA224, 0, hash_result, result_str ) == 0 );
516  }
517  FCT_TEST_END();
518 #endif /* POLARSSL_SHA2_C */
519 
520 #ifdef POLARSSL_SHA2_C
521 
522  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_5)
523  {
524  unsigned char message_str[1000];
525  unsigned char hash_result[1000];
526  unsigned char result_str[1000];
527  rsa_context ctx;
528  int msg_len;
529 
530  rsa_init( &ctx, RSA_PKCS_V15, 0 );
531  memset( message_str, 0x00, 1000 );
532  memset( hash_result, 0x00, 1000 );
533  memset( result_str, 0x00, 1000 );
534 
535  ctx.len = 1024 / 8;
536  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
537  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
538 
539  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
540 
541  msg_len = unhexify( message_str, "cd810e97dc21095ea7a0238027a7bafd343e01444785ea9184a44a79f80438c41fc0b57aa95693407da38fe5ff0ec1398e03361e51a3dbe134b99cca2df0cef1c444ca54d2b7db2789455b6bb41918c24001fd82fc20ee089de3f34f053699c1c5f7954ce0aaabb9d26fce39d032894152229d98cf64ecafc7089530073c61d9" );
542  unhexify( result_str, "7b5fba70ec5b521638f182bcab39cec30b76e7bc017bdbd1059658a9a1db0969ab482dce32f3e9865952f0a0de0978272c951e3c015328ea3758f47029a379ab4200550fba58f11d51264878406fc717d5f7b72b3582946f16a7e5314a220881fc820f7d29949710273421533d8ac0a449dc6d0fd1a21c22444edd1c0d5b44d3" );
543 
544  switch( SIG_RSA_SHA256 )
545  {
546  #ifdef POLARSSL_MD2_C
547  case SIG_RSA_MD2:
548  md2( message_str, msg_len, hash_result );
549  break;
550  #endif
551  #ifdef POLARSSL_MD4_C
552  case SIG_RSA_MD4:
553  md4( message_str, msg_len, hash_result );
554  break;
555  #endif
556  #ifdef POLARSSL_MD5_C
557  case SIG_RSA_MD5:
558  md5( message_str, msg_len, hash_result );
559  break;
560  #endif
561  #ifdef POLARSSL_SHA1_C
562  case SIG_RSA_SHA1:
563  sha1( message_str, msg_len, hash_result );
564  break;
565  #endif
566  #ifdef POLARSSL_SHA2_C
567  case SIG_RSA_SHA224:
568  sha2( message_str, msg_len, hash_result, 1 );
569  break;
570  case SIG_RSA_SHA256:
571  sha2( message_str, msg_len, hash_result, 0 );
572  break;
573  #endif
574  #ifdef POLARSSL_SHA4_C
575  case SIG_RSA_SHA384:
576  sha4( message_str, msg_len, hash_result, 1 );
577  break;
578  case SIG_RSA_SHA512:
579  sha4( message_str, msg_len, hash_result, 0 );
580  break;
581  #endif
582  }
583 
584  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA256, 0, hash_result, result_str ) == 0 );
585  }
586  FCT_TEST_END();
587 #endif /* POLARSSL_SHA2_C */
588 
589 #ifdef POLARSSL_SHA4_C
590 
591  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_6)
592  {
593  unsigned char message_str[1000];
594  unsigned char hash_result[1000];
595  unsigned char result_str[1000];
596  rsa_context ctx;
597  int msg_len;
598 
599  rsa_init( &ctx, RSA_PKCS_V15, 0 );
600  memset( message_str, 0x00, 1000 );
601  memset( hash_result, 0x00, 1000 );
602  memset( result_str, 0x00, 1000 );
603 
604  ctx.len = 1024 / 8;
605  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
606  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
607 
608  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
609 
610  msg_len = unhexify( message_str, "44637d3b8de525fd589237bc81229c8966d3af24540850c24036330db8007e6d19a19486018b2b02074da590aaba9d2c8848c0a2d1b6de4dfaf24025b6393df9228008f83f13cc76a67cfbed77a6e3429342824a0b6a9b8dd884094acc6a54bbc8c8829930c52fe39ce5e0dcd02d9553ef899d26eb6cae0940b63584e2daeb3b" );
611  unhexify( result_str, "38fc4f6f0430bb3ea9f470a4c0f5cebdabac4dbeb3b9c99d4168e7b00f5eb294ec0ece1908eded1f3e14f1e69d10f9feb425bda0c998af945ef864298a60a675f0bb5c540a7be3f534d5faddff974eea8bffe182a44e2ee1f4f653e71967a11869ee1a850edb03cb44a340378cb7a1bc9616d3649b78002b390a05a7e54edec6" );
612 
613  switch( SIG_RSA_SHA384 )
614  {
615  #ifdef POLARSSL_MD2_C
616  case SIG_RSA_MD2:
617  md2( message_str, msg_len, hash_result );
618  break;
619  #endif
620  #ifdef POLARSSL_MD4_C
621  case SIG_RSA_MD4:
622  md4( message_str, msg_len, hash_result );
623  break;
624  #endif
625  #ifdef POLARSSL_MD5_C
626  case SIG_RSA_MD5:
627  md5( message_str, msg_len, hash_result );
628  break;
629  #endif
630  #ifdef POLARSSL_SHA1_C
631  case SIG_RSA_SHA1:
632  sha1( message_str, msg_len, hash_result );
633  break;
634  #endif
635  #ifdef POLARSSL_SHA2_C
636  case SIG_RSA_SHA224:
637  sha2( message_str, msg_len, hash_result, 1 );
638  break;
639  case SIG_RSA_SHA256:
640  sha2( message_str, msg_len, hash_result, 0 );
641  break;
642  #endif
643  #ifdef POLARSSL_SHA4_C
644  case SIG_RSA_SHA384:
645  sha4( message_str, msg_len, hash_result, 1 );
646  break;
647  case SIG_RSA_SHA512:
648  sha4( message_str, msg_len, hash_result, 0 );
649  break;
650  #endif
651  }
652 
653  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA384, 0, hash_result, result_str ) == 0 );
654  }
655  FCT_TEST_END();
656 #endif /* POLARSSL_SHA4_C */
657 
658 #ifdef POLARSSL_SHA4_C
659 
660  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_7)
661  {
662  unsigned char message_str[1000];
663  unsigned char hash_result[1000];
664  unsigned char result_str[1000];
665  rsa_context ctx;
666  int msg_len;
667 
668  rsa_init( &ctx, RSA_PKCS_V15, 0 );
669  memset( message_str, 0x00, 1000 );
670  memset( hash_result, 0x00, 1000 );
671  memset( result_str, 0x00, 1000 );
672 
673  ctx.len = 1024 / 8;
674  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
675  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
676 
677  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
678 
679  msg_len = unhexify( message_str, "d03f12276f6ba7545b8fce719471bd253791878809694e8754f3b389f26c9253a758ed28b4c62535a8d5702d7a778731d5759ff2b3b39b192db680e791632918b6093c0e8ca25c2bf756a07fde4144a37f769fe4054455a45cb8cefe4462e7a9a45ce71f2189b4fef01b47aee8585d44dc9d6fa627a3e5f08801871731f234cd" );
680  unhexify( result_str, "d93a878c1ce86571590b0e43794b3edb23552797c4b8c9e3da4fe1cc4ac0566acd3b10541fe9a7a79f5ea4892d3069ca6903efb5c40c47eb8a9c781eb4249281d40c3d96aae16da1bb4daaece6a26eca5f41c062b4124a64fc9d340cba5ab0d1f5affff6515a87f0933774fd4322d2fa497cd6f708a429ca56dcb1fd3db623d0" );
681 
682  switch( SIG_RSA_SHA384 )
683  {
684  #ifdef POLARSSL_MD2_C
685  case SIG_RSA_MD2:
686  md2( message_str, msg_len, hash_result );
687  break;
688  #endif
689  #ifdef POLARSSL_MD4_C
690  case SIG_RSA_MD4:
691  md4( message_str, msg_len, hash_result );
692  break;
693  #endif
694  #ifdef POLARSSL_MD5_C
695  case SIG_RSA_MD5:
696  md5( message_str, msg_len, hash_result );
697  break;
698  #endif
699  #ifdef POLARSSL_SHA1_C
700  case SIG_RSA_SHA1:
701  sha1( message_str, msg_len, hash_result );
702  break;
703  #endif
704  #ifdef POLARSSL_SHA2_C
705  case SIG_RSA_SHA224:
706  sha2( message_str, msg_len, hash_result, 1 );
707  break;
708  case SIG_RSA_SHA256:
709  sha2( message_str, msg_len, hash_result, 0 );
710  break;
711  #endif
712  #ifdef POLARSSL_SHA4_C
713  case SIG_RSA_SHA384:
714  sha4( message_str, msg_len, hash_result, 1 );
715  break;
716  case SIG_RSA_SHA512:
717  sha4( message_str, msg_len, hash_result, 0 );
718  break;
719  #endif
720  }
721 
722  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA384, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
723  }
724  FCT_TEST_END();
725 #endif /* POLARSSL_SHA4_C */
726 
727 #ifdef POLARSSL_SHA4_C
728 
729  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_8)
730  {
731  unsigned char message_str[1000];
732  unsigned char hash_result[1000];
733  unsigned char result_str[1000];
734  rsa_context ctx;
735  int msg_len;
736 
737  rsa_init( &ctx, RSA_PKCS_V15, 0 );
738  memset( message_str, 0x00, 1000 );
739  memset( hash_result, 0x00, 1000 );
740  memset( result_str, 0x00, 1000 );
741 
742  ctx.len = 1024 / 8;
743  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
744  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
745 
746  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
747 
748  msg_len = unhexify( message_str, "b2f2e6e09fd19b0a8c06447554d6a236c69e2b334017488881d8c02ab81d74cae0c64efd50a374998eeec162651975e637cb2ba594250c750a4943253f1db0613e4ce1d50f8e3e968a2a83bd6cb97455ab2ccc77071076b3e211ffb251bd4c1a738b88b2021c61c727c074ce933c054acbcbf4f0c362ec09af38de191686aebe" );
749  unhexify( result_str, "a853e67f928281d11506c9d39e5ea9b2d742782c663c37d0a7c9e9fe15379cde1e75d94adbfb1ca08691f320af4ff2b0a29a4d2ea10a20cb95d85f3dabac3d56cca9039c851d0181408c00b385fc82cafa4cfa7380d0c2c024fb83fec59d5ee591d63806dcb18b21ea440c3d3f12c1e7795eb15b7ce4c4b288d646cf1d34bdf1" );
750 
751  switch( SIG_RSA_SHA512 )
752  {
753  #ifdef POLARSSL_MD2_C
754  case SIG_RSA_MD2:
755  md2( message_str, msg_len, hash_result );
756  break;
757  #endif
758  #ifdef POLARSSL_MD4_C
759  case SIG_RSA_MD4:
760  md4( message_str, msg_len, hash_result );
761  break;
762  #endif
763  #ifdef POLARSSL_MD5_C
764  case SIG_RSA_MD5:
765  md5( message_str, msg_len, hash_result );
766  break;
767  #endif
768  #ifdef POLARSSL_SHA1_C
769  case SIG_RSA_SHA1:
770  sha1( message_str, msg_len, hash_result );
771  break;
772  #endif
773  #ifdef POLARSSL_SHA2_C
774  case SIG_RSA_SHA224:
775  sha2( message_str, msg_len, hash_result, 1 );
776  break;
777  case SIG_RSA_SHA256:
778  sha2( message_str, msg_len, hash_result, 0 );
779  break;
780  #endif
781  #ifdef POLARSSL_SHA4_C
782  case SIG_RSA_SHA384:
783  sha4( message_str, msg_len, hash_result, 1 );
784  break;
785  case SIG_RSA_SHA512:
786  sha4( message_str, msg_len, hash_result, 0 );
787  break;
788  #endif
789  }
790 
791  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA512, 0, hash_result, result_str ) == 0 );
792  }
793  FCT_TEST_END();
794 #endif /* POLARSSL_SHA4_C */
795 
796 #ifdef POLARSSL_SHA1_C
797 
798  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_9)
799  {
800  unsigned char message_str[1000];
801  unsigned char hash_result[1000];
802  unsigned char result_str[1000];
803  rsa_context ctx;
804  int msg_len;
805 
806  rsa_init( &ctx, RSA_PKCS_V15, 0 );
807  memset( message_str, 0x00, 1000 );
808  memset( hash_result, 0x00, 1000 );
809  memset( result_str, 0x00, 1000 );
810 
811  ctx.len = 1024 / 8;
812  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
813  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
814 
815  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
816 
817  msg_len = unhexify( message_str, "647586ba587b09aa555d1b8da4cdf5c6e777e08859379ca45789019f2041e708d97c4408d4d6943b11dd7ebe05c6b48a9b5f1b0079452cc484579acfa66a34c0cf3f0e7339b2dbd5f1339ef7937a8261547705a846885c43d8ef139a9c83f5604ea52b231176a821fb48c45ed45226f31ba7e8a94a69f6c65c39b7278bf3f08f" );
818  unhexify( result_str, "e27a90b644c3a11f234132d6727ada397774cd7fdf5eb0160a665ffccedabb8ae9e357966939a71c973e75e5ff771fb01a6483fcaf82f16dee65e6826121e2ae9c69d2c92387b33a641f397676776cde501e7314a9a4e76c0f4538edeea163e8de7bd21c93c298df748c6f5c26b7d03bfa3671f2a7488fe311309e8218a71171" );
819 
820  switch( SIG_RSA_SHA1 )
821  {
822  #ifdef POLARSSL_MD2_C
823  case SIG_RSA_MD2:
824  md2( message_str, msg_len, hash_result );
825  break;
826  #endif
827  #ifdef POLARSSL_MD4_C
828  case SIG_RSA_MD4:
829  md4( message_str, msg_len, hash_result );
830  break;
831  #endif
832  #ifdef POLARSSL_MD5_C
833  case SIG_RSA_MD5:
834  md5( message_str, msg_len, hash_result );
835  break;
836  #endif
837  #ifdef POLARSSL_SHA1_C
838  case SIG_RSA_SHA1:
839  sha1( message_str, msg_len, hash_result );
840  break;
841  #endif
842  #ifdef POLARSSL_SHA2_C
843  case SIG_RSA_SHA224:
844  sha2( message_str, msg_len, hash_result, 1 );
845  break;
846  case SIG_RSA_SHA256:
847  sha2( message_str, msg_len, hash_result, 0 );
848  break;
849  #endif
850  #ifdef POLARSSL_SHA4_C
851  case SIG_RSA_SHA384:
852  sha4( message_str, msg_len, hash_result, 1 );
853  break;
854  case SIG_RSA_SHA512:
855  sha4( message_str, msg_len, hash_result, 0 );
856  break;
857  #endif
858  }
859 
860  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 );
861  }
862  FCT_TEST_END();
863 #endif /* POLARSSL_SHA1_C */
864 
865 #ifdef POLARSSL_SHA1_C
866 
867  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_10)
868  {
869  unsigned char message_str[1000];
870  unsigned char hash_result[1000];
871  unsigned char result_str[1000];
872  rsa_context ctx;
873  int msg_len;
874 
875  rsa_init( &ctx, RSA_PKCS_V15, 0 );
876  memset( message_str, 0x00, 1000 );
877  memset( hash_result, 0x00, 1000 );
878  memset( result_str, 0x00, 1000 );
879 
880  ctx.len = 1024 / 8;
881  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
882  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
883 
884  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
885 
886  msg_len = unhexify( message_str, "55013a489e09b6553262aab59fb041b49437b86d52876f8e5d5e405b77ca0ff6ce8ea2dd75c7b3b411cf4445d56233c5b0ff0e58c49128d81b4fedd295e172d225c451e13defb34b87b7aea6d6f0d20f5c55feb71d2a789fa31f3d9ff47896adc16bec5ce0c9dda3fde190e08ca2451c01ff3091449887695f96dac97ad6a30e" );
887  unhexify( result_str, "dd82b7be791c454fbbf6f1de47cbe585a687e4e8bbae0b6e2a77f8ca4efd06d71498f9a74b931bd59c377e71daf708a624c51303f377006c676487bad57f7067b09b7bb94a6189119ab8cf7321c321b2dc7df565bfbec833a28b86625fb5fd6a035d4ed79ff0f9aee9fa78935eec65069439ee449d7f5249cdae6fdd6d8c2a63" );
888 
889  switch( SIG_RSA_SHA1 )
890  {
891  #ifdef POLARSSL_MD2_C
892  case SIG_RSA_MD2:
893  md2( message_str, msg_len, hash_result );
894  break;
895  #endif
896  #ifdef POLARSSL_MD4_C
897  case SIG_RSA_MD4:
898  md4( message_str, msg_len, hash_result );
899  break;
900  #endif
901  #ifdef POLARSSL_MD5_C
902  case SIG_RSA_MD5:
903  md5( message_str, msg_len, hash_result );
904  break;
905  #endif
906  #ifdef POLARSSL_SHA1_C
907  case SIG_RSA_SHA1:
908  sha1( message_str, msg_len, hash_result );
909  break;
910  #endif
911  #ifdef POLARSSL_SHA2_C
912  case SIG_RSA_SHA224:
913  sha2( message_str, msg_len, hash_result, 1 );
914  break;
915  case SIG_RSA_SHA256:
916  sha2( message_str, msg_len, hash_result, 0 );
917  break;
918  #endif
919  #ifdef POLARSSL_SHA4_C
920  case SIG_RSA_SHA384:
921  sha4( message_str, msg_len, hash_result, 1 );
922  break;
923  case SIG_RSA_SHA512:
924  sha4( message_str, msg_len, hash_result, 0 );
925  break;
926  #endif
927  }
928 
929  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
930  }
931  FCT_TEST_END();
932 #endif /* POLARSSL_SHA1_C */
933 
934 #ifdef POLARSSL_SHA2_C
935 
936  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_11)
937  {
938  unsigned char message_str[1000];
939  unsigned char hash_result[1000];
940  unsigned char result_str[1000];
941  rsa_context ctx;
942  int msg_len;
943 
944  rsa_init( &ctx, RSA_PKCS_V15, 0 );
945  memset( message_str, 0x00, 1000 );
946  memset( hash_result, 0x00, 1000 );
947  memset( result_str, 0x00, 1000 );
948 
949  ctx.len = 1024 / 8;
950  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
951  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
952 
953  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
954 
955  msg_len = unhexify( message_str, "f4a990b8d434a5914340c0ca3ca4e4a70856c55e13e938c1f854e91cdef54c6107d6d682a62e6c1ff12b1c6178ee0b26b5d8ae5ee4043db4151465727f313e9e174d7c6961abe9cb86a21367a89e41b47267ac5ef3a6eceaaca5b19ae756b3904b97ec35aeb404dc2a2d0da373ba709a678d2728e7d72daae68d335cbf6c957d" );
956  unhexify( result_str, "d8ef7bdc0f111b1249d5ad6515b6fe37f2ff327f493832f1385c10e975c07b0266497716fcb84f5039cd60f5a050614fde27f354a6c45e8a7d74f9821e2f301500ac1953feafeb9d98cf88d2c928413f337813135c66abfc3dc7a4d80655d925bf96f21872ca2b3a2684b976ca768fe37feae20a69eeec3cc8f1de0db34b3462" );
957 
958  switch( SIG_RSA_SHA224 )
959  {
960  #ifdef POLARSSL_MD2_C
961  case SIG_RSA_MD2:
962  md2( message_str, msg_len, hash_result );
963  break;
964  #endif
965  #ifdef POLARSSL_MD4_C
966  case SIG_RSA_MD4:
967  md4( message_str, msg_len, hash_result );
968  break;
969  #endif
970  #ifdef POLARSSL_MD5_C
971  case SIG_RSA_MD5:
972  md5( message_str, msg_len, hash_result );
973  break;
974  #endif
975  #ifdef POLARSSL_SHA1_C
976  case SIG_RSA_SHA1:
977  sha1( message_str, msg_len, hash_result );
978  break;
979  #endif
980  #ifdef POLARSSL_SHA2_C
981  case SIG_RSA_SHA224:
982  sha2( message_str, msg_len, hash_result, 1 );
983  break;
984  case SIG_RSA_SHA256:
985  sha2( message_str, msg_len, hash_result, 0 );
986  break;
987  #endif
988  #ifdef POLARSSL_SHA4_C
989  case SIG_RSA_SHA384:
990  sha4( message_str, msg_len, hash_result, 1 );
991  break;
992  case SIG_RSA_SHA512:
993  sha4( message_str, msg_len, hash_result, 0 );
994  break;
995  #endif
996  }
997 
998  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA224, 0, hash_result, result_str ) == 0 );
999  }
1000  FCT_TEST_END();
1001 #endif /* POLARSSL_SHA2_C */
1002 
1003 #ifdef POLARSSL_SHA2_C
1004 
1005  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_12)
1006  {
1007  unsigned char message_str[1000];
1008  unsigned char hash_result[1000];
1009  unsigned char result_str[1000];
1010  rsa_context ctx;
1011  int msg_len;
1012 
1013  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1014  memset( message_str, 0x00, 1000 );
1015  memset( hash_result, 0x00, 1000 );
1016  memset( result_str, 0x00, 1000 );
1017 
1018  ctx.len = 1024 / 8;
1019  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
1020  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1021 
1022  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1023 
1024  msg_len = unhexify( message_str, "c81f04c79982971fa176d64e8f7f8812f86a94c49e84672ff10996a2d6dfc444a884c7a87c4606a1aab22558894ee59b798b457827f5ee0b0cadcd94371902cc4ddaf97acefed641997717bcb3cc74cd440f0a31e20fb95812cecb740c36d6d1bf07e3641514cfa678aff2a39562ff4d60e02b17583a92bf0c56d66bde9e09f8" );
1025  unhexify( result_str, "52111f4798da3c11b3c74394358348ab0fc797bde99080f238d33a69b04b08ac2bd767b33872473943e23af27ca32fd568a43a8c7d6cc55b4fbb380212fdfcb60487e20694d4287e233efdf7b04737c0037a592d03077801828b051998c42b9f9e2420063331d5b2349918a64d8b65b21a2011ee7318fcef48aced95b8ddf501" );
1026 
1027  switch( SIG_RSA_SHA256 )
1028  {
1029  #ifdef POLARSSL_MD2_C
1030  case SIG_RSA_MD2:
1031  md2( message_str, msg_len, hash_result );
1032  break;
1033  #endif
1034  #ifdef POLARSSL_MD4_C
1035  case SIG_RSA_MD4:
1036  md4( message_str, msg_len, hash_result );
1037  break;
1038  #endif
1039  #ifdef POLARSSL_MD5_C
1040  case SIG_RSA_MD5:
1041  md5( message_str, msg_len, hash_result );
1042  break;
1043  #endif
1044  #ifdef POLARSSL_SHA1_C
1045  case SIG_RSA_SHA1:
1046  sha1( message_str, msg_len, hash_result );
1047  break;
1048  #endif
1049  #ifdef POLARSSL_SHA2_C
1050  case SIG_RSA_SHA224:
1051  sha2( message_str, msg_len, hash_result, 1 );
1052  break;
1053  case SIG_RSA_SHA256:
1054  sha2( message_str, msg_len, hash_result, 0 );
1055  break;
1056  #endif
1057  #ifdef POLARSSL_SHA4_C
1058  case SIG_RSA_SHA384:
1059  sha4( message_str, msg_len, hash_result, 1 );
1060  break;
1061  case SIG_RSA_SHA512:
1062  sha4( message_str, msg_len, hash_result, 0 );
1063  break;
1064  #endif
1065  }
1066 
1067  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA256, 0, hash_result, result_str ) == 0 );
1068  }
1069  FCT_TEST_END();
1070 #endif /* POLARSSL_SHA2_C */
1071 
1072 #ifdef POLARSSL_SHA4_C
1073 
1074  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_13)
1075  {
1076  unsigned char message_str[1000];
1077  unsigned char hash_result[1000];
1078  unsigned char result_str[1000];
1079  rsa_context ctx;
1080  int msg_len;
1081 
1082  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1083  memset( message_str, 0x00, 1000 );
1084  memset( hash_result, 0x00, 1000 );
1085  memset( result_str, 0x00, 1000 );
1086 
1087  ctx.len = 1024 / 8;
1088  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
1089  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1090 
1091  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1092 
1093  msg_len = unhexify( message_str, "a97824871770b79da979a111f6decfb1dd11bd946cfa800b008f0ad5aea5aa92e205d27a46c31d4fe6cb909091bd21f082fb75074000ee46c2f3e530d77b34c7c5d6f8453025950d3e0afae1f9752655f5bbea8432e9f1014357ff11b08076179a101e4f9d3f25bffb5e656bf6afe6c97d7aa4740b5d9224cde4dede035a7768" );
1094  unhexify( result_str, "d5dcd27c74e040ea86f106b63d3275fa7b7e98d2dd701f38ec15fc7301b72df127f6d3bd5571253a0b9e0e719d7d522893896941a1aeccc697912282b5308d829b91905b5dd7b7e1b8fe27e2bd4003b09dfe7fe295f8a43c076c0cb52f2aac067e87de7ffe3a275d21a870c3dfc9b1d06d7f018667de9eb187bdf53d282e5d8b" );
1095 
1096  switch( SIG_RSA_SHA384 )
1097  {
1098  #ifdef POLARSSL_MD2_C
1099  case SIG_RSA_MD2:
1100  md2( message_str, msg_len, hash_result );
1101  break;
1102  #endif
1103  #ifdef POLARSSL_MD4_C
1104  case SIG_RSA_MD4:
1105  md4( message_str, msg_len, hash_result );
1106  break;
1107  #endif
1108  #ifdef POLARSSL_MD5_C
1109  case SIG_RSA_MD5:
1110  md5( message_str, msg_len, hash_result );
1111  break;
1112  #endif
1113  #ifdef POLARSSL_SHA1_C
1114  case SIG_RSA_SHA1:
1115  sha1( message_str, msg_len, hash_result );
1116  break;
1117  #endif
1118  #ifdef POLARSSL_SHA2_C
1119  case SIG_RSA_SHA224:
1120  sha2( message_str, msg_len, hash_result, 1 );
1121  break;
1122  case SIG_RSA_SHA256:
1123  sha2( message_str, msg_len, hash_result, 0 );
1124  break;
1125  #endif
1126  #ifdef POLARSSL_SHA4_C
1127  case SIG_RSA_SHA384:
1128  sha4( message_str, msg_len, hash_result, 1 );
1129  break;
1130  case SIG_RSA_SHA512:
1131  sha4( message_str, msg_len, hash_result, 0 );
1132  break;
1133  #endif
1134  }
1135 
1136  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA384, 0, hash_result, result_str ) == 0 );
1137  }
1138  FCT_TEST_END();
1139 #endif /* POLARSSL_SHA4_C */
1140 
1141 #ifdef POLARSSL_SHA4_C
1142 
1143  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_14)
1144  {
1145  unsigned char message_str[1000];
1146  unsigned char hash_result[1000];
1147  unsigned char result_str[1000];
1148  rsa_context ctx;
1149  int msg_len;
1150 
1151  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1152  memset( message_str, 0x00, 1000 );
1153  memset( hash_result, 0x00, 1000 );
1154  memset( result_str, 0x00, 1000 );
1155 
1156  ctx.len = 1024 / 8;
1157  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
1158  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1159 
1160  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1161 
1162  msg_len = unhexify( message_str, "4ce61930c79dc017c2dea0c5085d73a3b0e4a6f341e9a5061a6658af11e5edf95bdad915ac3619969e39bee15788a8de667f92f4efc84f35082d52d562aa74e12cc7f22d3425b58f5056d74afcf162cd44e65b9ee510ff91af094c3d2d42c3b088536d62a98f1c689edcf3ea3fc228d711c109d76ae83d82d6a34dcfbad563cf" );
1163  unhexify( result_str, "27280b92eab5cbf0d787ff6fa6b0151d6610adfd25116113f2f186f3f8d39736d91ae510ec2bd96f2de135aefda79178138696dcc6d302e4a79ddabbe16e39ab96075776afce863e84a2e6013cb457e4047e22d43f67bf64ae5e1d844a7c12ac696efbb3cda7c0e0aca71f8a7ada9a0547bfaefe1ba2e04058c672c803720dd9" );
1164 
1165  switch( SIG_RSA_SHA512 )
1166  {
1167  #ifdef POLARSSL_MD2_C
1168  case SIG_RSA_MD2:
1169  md2( message_str, msg_len, hash_result );
1170  break;
1171  #endif
1172  #ifdef POLARSSL_MD4_C
1173  case SIG_RSA_MD4:
1174  md4( message_str, msg_len, hash_result );
1175  break;
1176  #endif
1177  #ifdef POLARSSL_MD5_C
1178  case SIG_RSA_MD5:
1179  md5( message_str, msg_len, hash_result );
1180  break;
1181  #endif
1182  #ifdef POLARSSL_SHA1_C
1183  case SIG_RSA_SHA1:
1184  sha1( message_str, msg_len, hash_result );
1185  break;
1186  #endif
1187  #ifdef POLARSSL_SHA2_C
1188  case SIG_RSA_SHA224:
1189  sha2( message_str, msg_len, hash_result, 1 );
1190  break;
1191  case SIG_RSA_SHA256:
1192  sha2( message_str, msg_len, hash_result, 0 );
1193  break;
1194  #endif
1195  #ifdef POLARSSL_SHA4_C
1196  case SIG_RSA_SHA384:
1197  sha4( message_str, msg_len, hash_result, 1 );
1198  break;
1199  case SIG_RSA_SHA512:
1200  sha4( message_str, msg_len, hash_result, 0 );
1201  break;
1202  #endif
1203  }
1204 
1205  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA512, 0, hash_result, result_str ) == 0 );
1206  }
1207  FCT_TEST_END();
1208 #endif /* POLARSSL_SHA4_C */
1209 
1210 #ifdef POLARSSL_SHA1_C
1211 
1212  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_15)
1213  {
1214  unsigned char message_str[1000];
1215  unsigned char hash_result[1000];
1216  unsigned char result_str[1000];
1217  rsa_context ctx;
1218  int msg_len;
1219 
1220  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1221  memset( message_str, 0x00, 1000 );
1222  memset( hash_result, 0x00, 1000 );
1223  memset( result_str, 0x00, 1000 );
1224 
1225  ctx.len = 1536 / 8;
1226  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1227  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
1228 
1229  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1230 
1231  msg_len = unhexify( message_str, "224ecd3b630581da948216366c741015a9723c5ea43de67e28454d0a846f54a6df167a25cc500cf21f729aaefed6a71a3bdba438e12e20ad0c48396afe38568b70a3187f26098d6ac649a7c7ea68ed52748e7125225102216236a28f67753b077cfd8d9198b86b0b331027cb59b24b85fd92896e8f2ff5a1d11872c2e6af6ae2" );
1232  unhexify( result_str, "1f7938b20a9cd8bb8ca26bad9e79ea92373174203f3ab212a06de34a9a3e14e102d19a8878c28a2fc8083a97c06b19c1ae62678289d5d071a904aed1d364655d9e2d16480a6fd18f4c8edf204844a34d573b1b988b82d495caefd9298c1635083e196a11f4a7df6a7e3cc4db7b9642e7682d22ec7038c3bad791e1365fe8836976092460e6df749dc032baf1e026684f55936beb9369845c53c3d217941c1f8d8f54a32333a4c049c3f2d527125778032f5d390040d1d4cce83dc353ce250152" );
1233 
1234  switch( SIG_RSA_SHA1 )
1235  {
1236  #ifdef POLARSSL_MD2_C
1237  case SIG_RSA_MD2:
1238  md2( message_str, msg_len, hash_result );
1239  break;
1240  #endif
1241  #ifdef POLARSSL_MD4_C
1242  case SIG_RSA_MD4:
1243  md4( message_str, msg_len, hash_result );
1244  break;
1245  #endif
1246  #ifdef POLARSSL_MD5_C
1247  case SIG_RSA_MD5:
1248  md5( message_str, msg_len, hash_result );
1249  break;
1250  #endif
1251  #ifdef POLARSSL_SHA1_C
1252  case SIG_RSA_SHA1:
1253  sha1( message_str, msg_len, hash_result );
1254  break;
1255  #endif
1256  #ifdef POLARSSL_SHA2_C
1257  case SIG_RSA_SHA224:
1258  sha2( message_str, msg_len, hash_result, 1 );
1259  break;
1260  case SIG_RSA_SHA256:
1261  sha2( message_str, msg_len, hash_result, 0 );
1262  break;
1263  #endif
1264  #ifdef POLARSSL_SHA4_C
1265  case SIG_RSA_SHA384:
1266  sha4( message_str, msg_len, hash_result, 1 );
1267  break;
1268  case SIG_RSA_SHA512:
1269  sha4( message_str, msg_len, hash_result, 0 );
1270  break;
1271  #endif
1272  }
1273 
1274  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 );
1275  }
1276  FCT_TEST_END();
1277 #endif /* POLARSSL_SHA1_C */
1278 
1279 #ifdef POLARSSL_SHA2_C
1280 
1281  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_16)
1282  {
1283  unsigned char message_str[1000];
1284  unsigned char hash_result[1000];
1285  unsigned char result_str[1000];
1286  rsa_context ctx;
1287  int msg_len;
1288 
1289  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1290  memset( message_str, 0x00, 1000 );
1291  memset( hash_result, 0x00, 1000 );
1292  memset( result_str, 0x00, 1000 );
1293 
1294  ctx.len = 1536 / 8;
1295  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1296  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
1297 
1298  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1299 
1300  msg_len = unhexify( message_str, "6ecc722d233dad1aca45e6bc3e1a0b99fb1f89c0ec63bc657e6aaacbf931f267106cff42b712819f341b1ede798964a0b1a5032c198b391111e88d0d7303c02e23fa0137e74e604579a285b2dbc0a23aebdda65c371eb403125bd366e822e72dceffe0d55dfa3155c16283020dc9abb0d150da1aef251484aa49e49e00974dac" );
1301  unhexify( result_str, "339dce3a1937669d9fb14c4f652378861fd5adc4da88eaf833b16020b55a24ddc83b7ae3395a9a49b426bb9a4170cb765b02652faa9594b457aeefdae4f802e93d8e65c687ddc723701465a5ef19249ed5d2617b5121c58557b34eb99a663bbcf4453a6e1db5d88723de449fcf58ca8ef514daf08cfdc71be155bb3d0724df0c0a6fd5aa7737433cc376640b9b8b4c7ddd09776bae0245729cddb56e36f28edad6aecaed0821ec8d843a96348e722bf0a84cf060a793a2179f054138f907d0c3" );
1302 
1303  switch( SIG_RSA_SHA224 )
1304  {
1305  #ifdef POLARSSL_MD2_C
1306  case SIG_RSA_MD2:
1307  md2( message_str, msg_len, hash_result );
1308  break;
1309  #endif
1310  #ifdef POLARSSL_MD4_C
1311  case SIG_RSA_MD4:
1312  md4( message_str, msg_len, hash_result );
1313  break;
1314  #endif
1315  #ifdef POLARSSL_MD5_C
1316  case SIG_RSA_MD5:
1317  md5( message_str, msg_len, hash_result );
1318  break;
1319  #endif
1320  #ifdef POLARSSL_SHA1_C
1321  case SIG_RSA_SHA1:
1322  sha1( message_str, msg_len, hash_result );
1323  break;
1324  #endif
1325  #ifdef POLARSSL_SHA2_C
1326  case SIG_RSA_SHA224:
1327  sha2( message_str, msg_len, hash_result, 1 );
1328  break;
1329  case SIG_RSA_SHA256:
1330  sha2( message_str, msg_len, hash_result, 0 );
1331  break;
1332  #endif
1333  #ifdef POLARSSL_SHA4_C
1334  case SIG_RSA_SHA384:
1335  sha4( message_str, msg_len, hash_result, 1 );
1336  break;
1337  case SIG_RSA_SHA512:
1338  sha4( message_str, msg_len, hash_result, 0 );
1339  break;
1340  #endif
1341  }
1342 
1343  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA224, 0, hash_result, result_str ) == 0 );
1344  }
1345  FCT_TEST_END();
1346 #endif /* POLARSSL_SHA2_C */
1347 
1348 #ifdef POLARSSL_SHA2_C
1349 
1350  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_17)
1351  {
1352  unsigned char message_str[1000];
1353  unsigned char hash_result[1000];
1354  unsigned char result_str[1000];
1355  rsa_context ctx;
1356  int msg_len;
1357 
1358  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1359  memset( message_str, 0x00, 1000 );
1360  memset( hash_result, 0x00, 1000 );
1361  memset( result_str, 0x00, 1000 );
1362 
1363  ctx.len = 1536 / 8;
1364  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1365  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
1366 
1367  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1368 
1369  msg_len = unhexify( message_str, "72f0b1ae27e1f5e5bfa15ded204c2c54b47b2420750a3eb5471f9ff98b67c8b5f1a30d3f8d6448562e12ce4deb33a26cfeeae993d6be9e20679d8713c5216870f11276e5f22b0ead2821a7b4dee106fc1e19b13fc9fba5d6e73e4bd93b65a9881a43d5e97ebfb0b357d5d06b21ddbecdbb10626d7748bb9e6e07d49316bbf3c4" );
1370  unhexify( result_str, "8117a6897e14c183737661cf5741350a84ae00495cd9ee8fb033582e559f79701ab424706660515ee5821a69a6850647ec641676a625d1a3899932aaa52161fbc0c0a825db82fde0585b3c9b9c16de43e26da6a30fe5a601dae68bded1e29ec34557b5f6962efb10b9450d6f096655f68e8499cfa16a0adeb9075e7b91851fef84243132d08273d35d01ad89c17e1e6e4deaf1cb233050b275fa9d2cae57e9e1a0e23139267040aa39b6abd8f10fa1cec38ce2183573ddc11626fc262e1a0ced" );
1371 
1372  switch( SIG_RSA_SHA256 )
1373  {
1374  #ifdef POLARSSL_MD2_C
1375  case SIG_RSA_MD2:
1376  md2( message_str, msg_len, hash_result );
1377  break;
1378  #endif
1379  #ifdef POLARSSL_MD4_C
1380  case SIG_RSA_MD4:
1381  md4( message_str, msg_len, hash_result );
1382  break;
1383  #endif
1384  #ifdef POLARSSL_MD5_C
1385  case SIG_RSA_MD5:
1386  md5( message_str, msg_len, hash_result );
1387  break;
1388  #endif
1389  #ifdef POLARSSL_SHA1_C
1390  case SIG_RSA_SHA1:
1391  sha1( message_str, msg_len, hash_result );
1392  break;
1393  #endif
1394  #ifdef POLARSSL_SHA2_C
1395  case SIG_RSA_SHA224:
1396  sha2( message_str, msg_len, hash_result, 1 );
1397  break;
1398  case SIG_RSA_SHA256:
1399  sha2( message_str, msg_len, hash_result, 0 );
1400  break;
1401  #endif
1402  #ifdef POLARSSL_SHA4_C
1403  case SIG_RSA_SHA384:
1404  sha4( message_str, msg_len, hash_result, 1 );
1405  break;
1406  case SIG_RSA_SHA512:
1407  sha4( message_str, msg_len, hash_result, 0 );
1408  break;
1409  #endif
1410  }
1411 
1412  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA256, 0, hash_result, result_str ) == 0 );
1413  }
1414  FCT_TEST_END();
1415 #endif /* POLARSSL_SHA2_C */
1416 
1417 #ifdef POLARSSL_SHA4_C
1418 
1419  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_18)
1420  {
1421  unsigned char message_str[1000];
1422  unsigned char hash_result[1000];
1423  unsigned char result_str[1000];
1424  rsa_context ctx;
1425  int msg_len;
1426 
1427  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1428  memset( message_str, 0x00, 1000 );
1429  memset( hash_result, 0x00, 1000 );
1430  memset( result_str, 0x00, 1000 );
1431 
1432  ctx.len = 1536 / 8;
1433  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1434  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
1435 
1436  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1437 
1438  msg_len = unhexify( message_str, "f80c94a2b53736978adf041886ad97ab2aeb9e91c08bd4eeef6b2f2b8dd75a99b4506657188bbd7597bd5759121630627c8bf9cc30d90dd488c7a81cabab5350a62fa30abf5523f305b98f2c2c1743ec980cf26ab8219bfd9505b981ab1abbfef733b384519d5259fc5c14577cb6b88fa7f6f332ff6a65b23faecc24342c78e9" );
1439  unhexify( result_str, "6b49553ed964ae196a41ea281f4d2a250ce7d1e7434e45cf6a82f7bed17554f39c3f0241e0364702fcb87475eb0c0839ffd2180890fa05b4bbf31bbfa4bf5119dea0c9f88e1e9617fcdadabc6fa1945136cc66e039b905d78ed365c5806d38aec88b3edfb86c05ff446dbfd51d7cd75cbf8d3b85154c783765386f51637532221f52429db5612dcc034968bb8feab7dc6f5ed1f2feb557f6dd49c980296117be2c4195ec7b6101ea767df9d16a56fc9709b49308a54dab63dbc4d609f959ce17" );
1440 
1441  switch( SIG_RSA_SHA384 )
1442  {
1443  #ifdef POLARSSL_MD2_C
1444  case SIG_RSA_MD2:
1445  md2( message_str, msg_len, hash_result );
1446  break;
1447  #endif
1448  #ifdef POLARSSL_MD4_C
1449  case SIG_RSA_MD4:
1450  md4( message_str, msg_len, hash_result );
1451  break;
1452  #endif
1453  #ifdef POLARSSL_MD5_C
1454  case SIG_RSA_MD5:
1455  md5( message_str, msg_len, hash_result );
1456  break;
1457  #endif
1458  #ifdef POLARSSL_SHA1_C
1459  case SIG_RSA_SHA1:
1460  sha1( message_str, msg_len, hash_result );
1461  break;
1462  #endif
1463  #ifdef POLARSSL_SHA2_C
1464  case SIG_RSA_SHA224:
1465  sha2( message_str, msg_len, hash_result, 1 );
1466  break;
1467  case SIG_RSA_SHA256:
1468  sha2( message_str, msg_len, hash_result, 0 );
1469  break;
1470  #endif
1471  #ifdef POLARSSL_SHA4_C
1472  case SIG_RSA_SHA384:
1473  sha4( message_str, msg_len, hash_result, 1 );
1474  break;
1475  case SIG_RSA_SHA512:
1476  sha4( message_str, msg_len, hash_result, 0 );
1477  break;
1478  #endif
1479  }
1480 
1481  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA384, 0, hash_result, result_str ) == 0 );
1482  }
1483  FCT_TEST_END();
1484 #endif /* POLARSSL_SHA4_C */
1485 
1486 #ifdef POLARSSL_SHA4_C
1487 
1488  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_19)
1489  {
1490  unsigned char message_str[1000];
1491  unsigned char hash_result[1000];
1492  unsigned char result_str[1000];
1493  rsa_context ctx;
1494  int msg_len;
1495 
1496  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1497  memset( message_str, 0x00, 1000 );
1498  memset( hash_result, 0x00, 1000 );
1499  memset( result_str, 0x00, 1000 );
1500 
1501  ctx.len = 1536 / 8;
1502  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1503  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
1504 
1505  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1506 
1507  msg_len = unhexify( message_str, "4eb97094bb42aaa58b040bd06a8f324396b9eca9e39359b7039c4a010434ee131a53aebd9f7a55ae58ea7444fa1505a3ec524e054fd408513cddc1ee4c2f7fd95ec4a6f594be1ba39fa1aa933dc0a5dafff5ce44509577ebb3a3e8084c44010aa27321e5a3f646ade99175633b795c0f570b360eeebeefaef15788f80b5cbecd" );
1508  unhexify( result_str, "2b8b794a8621d492eec18a4efd239e0e077c89340a34b0fdbf467f2bf3112c7f33d00ee736f2988af8569c1a74891efbefa839e295fffdf4d908c1ede61a861a4d24b154a09d1b3f923fd2bb7906994cf82a97da285bf48e61f90cc3596f9350ab9b66a216ffca323195bb213f5a77fe8c697475595a1857dbee58128cbf1be7cb220229ce52766fefd88cc129ad5cbbdcd31fb4eede6c4fdd3193a9aaaa54362bcea4082981d9b7c40483814828f3297d95ad933c76f31c47e37a93ffaf0d4a" );
1509 
1510  switch( SIG_RSA_SHA512 )
1511  {
1512  #ifdef POLARSSL_MD2_C
1513  case SIG_RSA_MD2:
1514  md2( message_str, msg_len, hash_result );
1515  break;
1516  #endif
1517  #ifdef POLARSSL_MD4_C
1518  case SIG_RSA_MD4:
1519  md4( message_str, msg_len, hash_result );
1520  break;
1521  #endif
1522  #ifdef POLARSSL_MD5_C
1523  case SIG_RSA_MD5:
1524  md5( message_str, msg_len, hash_result );
1525  break;
1526  #endif
1527  #ifdef POLARSSL_SHA1_C
1528  case SIG_RSA_SHA1:
1529  sha1( message_str, msg_len, hash_result );
1530  break;
1531  #endif
1532  #ifdef POLARSSL_SHA2_C
1533  case SIG_RSA_SHA224:
1534  sha2( message_str, msg_len, hash_result, 1 );
1535  break;
1536  case SIG_RSA_SHA256:
1537  sha2( message_str, msg_len, hash_result, 0 );
1538  break;
1539  #endif
1540  #ifdef POLARSSL_SHA4_C
1541  case SIG_RSA_SHA384:
1542  sha4( message_str, msg_len, hash_result, 1 );
1543  break;
1544  case SIG_RSA_SHA512:
1545  sha4( message_str, msg_len, hash_result, 0 );
1546  break;
1547  #endif
1548  }
1549 
1550  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA512, 0, hash_result, result_str ) == 0 );
1551  }
1552  FCT_TEST_END();
1553 #endif /* POLARSSL_SHA4_C */
1554 
1555 #ifdef POLARSSL_SHA1_C
1556 
1557  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_20)
1558  {
1559  unsigned char message_str[1000];
1560  unsigned char hash_result[1000];
1561  unsigned char result_str[1000];
1562  rsa_context ctx;
1563  int msg_len;
1564 
1565  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1566  memset( message_str, 0x00, 1000 );
1567  memset( hash_result, 0x00, 1000 );
1568  memset( result_str, 0x00, 1000 );
1569 
1570  ctx.len = 1536 / 8;
1571  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1572  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1573 
1574  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1575 
1576  msg_len = unhexify( message_str, "a3edb0f52c6166d7b76e71634761f402337c3e9667549d00cd7877e6055396b35c54c4dffc4c987060178fc10b7e5e827a5c870057002ba6efd31fc4e63a429029be0d6b256b6b653775cb026322743f48e319d053c4aeac34077acb8e0c6c2ef375b2210f8788bd23d24eb0b614de41875b1c8ec56acf18825eaf826691be96" );
1577  unhexify( result_str, "180630d2f4dc91ddb1159978e278cda7ac4b178e82477f9770c4d2e1c5017d2f222348658044c1be4cda24ce3c9ba3d423536a39bf60324c1b30eabdad700b0982e58072f7e18216e7e4c07e17674ec3eabcfbafce317d2f539f129902d80031ca201a8b325629a96ca4a70b51294c2fddd1d0aca1537d7d8b780e1e62d34be2f98104d876a4990396c8628e6498d9651f468bdf1139664eabe9166efbe909bf87d7305d5f60f1acc3599ed339fcf4e009fbad4059af1a50264cb0a4ec1d23f3" );
1578 
1579  switch( SIG_RSA_SHA1 )
1580  {
1581  #ifdef POLARSSL_MD2_C
1582  case SIG_RSA_MD2:
1583  md2( message_str, msg_len, hash_result );
1584  break;
1585  #endif
1586  #ifdef POLARSSL_MD4_C
1587  case SIG_RSA_MD4:
1588  md4( message_str, msg_len, hash_result );
1589  break;
1590  #endif
1591  #ifdef POLARSSL_MD5_C
1592  case SIG_RSA_MD5:
1593  md5( message_str, msg_len, hash_result );
1594  break;
1595  #endif
1596  #ifdef POLARSSL_SHA1_C
1597  case SIG_RSA_SHA1:
1598  sha1( message_str, msg_len, hash_result );
1599  break;
1600  #endif
1601  #ifdef POLARSSL_SHA2_C
1602  case SIG_RSA_SHA224:
1603  sha2( message_str, msg_len, hash_result, 1 );
1604  break;
1605  case SIG_RSA_SHA256:
1606  sha2( message_str, msg_len, hash_result, 0 );
1607  break;
1608  #endif
1609  #ifdef POLARSSL_SHA4_C
1610  case SIG_RSA_SHA384:
1611  sha4( message_str, msg_len, hash_result, 1 );
1612  break;
1613  case SIG_RSA_SHA512:
1614  sha4( message_str, msg_len, hash_result, 0 );
1615  break;
1616  #endif
1617  }
1618 
1619  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 );
1620  }
1621  FCT_TEST_END();
1622 #endif /* POLARSSL_SHA1_C */
1623 
1624 #ifdef POLARSSL_SHA1_C
1625 
1626  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_21)
1627  {
1628  unsigned char message_str[1000];
1629  unsigned char hash_result[1000];
1630  unsigned char result_str[1000];
1631  rsa_context ctx;
1632  int msg_len;
1633 
1634  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1635  memset( message_str, 0x00, 1000 );
1636  memset( hash_result, 0x00, 1000 );
1637  memset( result_str, 0x00, 1000 );
1638 
1639  ctx.len = 1536 / 8;
1640  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1641  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1642 
1643  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1644 
1645  msg_len = unhexify( message_str, "ac58fd024208d7f045d81a56cd55aad40ab86b0d216ab55136c7027aca23ea13480a52c0dacce0d98139b25965aa4ff76a41dd92037195d24bc0750d52cb3467b48b7b3e71d852c5f82bd9ee85a8388ead5cd8bc38c3d4792e8daa9734a137d31963e245ad3217fad235f7dfd5584de0fe91c4526568588e08b60bdf1badd99f" );
1646  unhexify( result_str, "a142b0d9456f8f4772675265a08613a66c416bd1ae712975c69d9ca5fb8c1be9c24359a04fd15460bf6136a8a11f13e3ce2de2171524f10cb715f0d71e3db15281ab99eadbe86cf8c5c518162c638ef27a4f7bfb4a1a3873f3c384a5b1c3b4966c837b9d8d192ac34e03943b7ae191355aa1ff3b9cd041bb2668f1f81cf0d015b3d3608cd9ac79398212c0f132f1bd45d47768b999fcf3c05fe2069593ceecedc851a7fc465abcfef0fabba9b9460153f6ba8723a5c6e766c83a446aef3ee327" );
1647 
1648  switch( SIG_RSA_SHA1 )
1649  {
1650  #ifdef POLARSSL_MD2_C
1651  case SIG_RSA_MD2:
1652  md2( message_str, msg_len, hash_result );
1653  break;
1654  #endif
1655  #ifdef POLARSSL_MD4_C
1656  case SIG_RSA_MD4:
1657  md4( message_str, msg_len, hash_result );
1658  break;
1659  #endif
1660  #ifdef POLARSSL_MD5_C
1661  case SIG_RSA_MD5:
1662  md5( message_str, msg_len, hash_result );
1663  break;
1664  #endif
1665  #ifdef POLARSSL_SHA1_C
1666  case SIG_RSA_SHA1:
1667  sha1( message_str, msg_len, hash_result );
1668  break;
1669  #endif
1670  #ifdef POLARSSL_SHA2_C
1671  case SIG_RSA_SHA224:
1672  sha2( message_str, msg_len, hash_result, 1 );
1673  break;
1674  case SIG_RSA_SHA256:
1675  sha2( message_str, msg_len, hash_result, 0 );
1676  break;
1677  #endif
1678  #ifdef POLARSSL_SHA4_C
1679  case SIG_RSA_SHA384:
1680  sha4( message_str, msg_len, hash_result, 1 );
1681  break;
1682  case SIG_RSA_SHA512:
1683  sha4( message_str, msg_len, hash_result, 0 );
1684  break;
1685  #endif
1686  }
1687 
1688  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
1689  }
1690  FCT_TEST_END();
1691 #endif /* POLARSSL_SHA1_C */
1692 
1693 #ifdef POLARSSL_SHA2_C
1694 
1695  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_22)
1696  {
1697  unsigned char message_str[1000];
1698  unsigned char hash_result[1000];
1699  unsigned char result_str[1000];
1700  rsa_context ctx;
1701  int msg_len;
1702 
1703  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1704  memset( message_str, 0x00, 1000 );
1705  memset( hash_result, 0x00, 1000 );
1706  memset( result_str, 0x00, 1000 );
1707 
1708  ctx.len = 1536 / 8;
1709  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1710  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1711 
1712  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1713 
1714  msg_len = unhexify( message_str, "027f767928a5821e2723d6f36c43e6b498b6f0b381852571794a096bd49f1c36a4d7bacec7ec402c24b970163169173bb930ec7fdc39bc9457dfc4ca051f5f28a64de1bbe007c22e8368ff9b117dbda17efd2fb73434bbbf5a4158df56813b8c904bb2e779de504dcd974a291568210d6f85810291606a1c0cd88d51ceadf98a" );
1715  unhexify( result_str, "0676e64daaa18f4af46e9dfbe234db389b8a527b0fe1db97eb7f404e3155226cba70d318800f83160fa1aa19916e5c09f079331079f18cb8ab1a4b884cb28501824974f683ed2b9babae9f8c15bea30802805c6b2152119764811bbf5f3994d2e97fa2fe8c5ab15a23c14d7ae56be00eaa8bc26678481ff5ba59b0acfb0e43341bff9fc638e5625480a73dbc5d8d13bd2b9e64037c6b79df0c60869980c6a22ec46f80fb859cb4ee5d2032ac1fe538cfd85c70a7f33b4af50a93395917c2cfb6" );
1716 
1717  switch( SIG_RSA_SHA224 )
1718  {
1719  #ifdef POLARSSL_MD2_C
1720  case SIG_RSA_MD2:
1721  md2( message_str, msg_len, hash_result );
1722  break;
1723  #endif
1724  #ifdef POLARSSL_MD4_C
1725  case SIG_RSA_MD4:
1726  md4( message_str, msg_len, hash_result );
1727  break;
1728  #endif
1729  #ifdef POLARSSL_MD5_C
1730  case SIG_RSA_MD5:
1731  md5( message_str, msg_len, hash_result );
1732  break;
1733  #endif
1734  #ifdef POLARSSL_SHA1_C
1735  case SIG_RSA_SHA1:
1736  sha1( message_str, msg_len, hash_result );
1737  break;
1738  #endif
1739  #ifdef POLARSSL_SHA2_C
1740  case SIG_RSA_SHA224:
1741  sha2( message_str, msg_len, hash_result, 1 );
1742  break;
1743  case SIG_RSA_SHA256:
1744  sha2( message_str, msg_len, hash_result, 0 );
1745  break;
1746  #endif
1747  #ifdef POLARSSL_SHA4_C
1748  case SIG_RSA_SHA384:
1749  sha4( message_str, msg_len, hash_result, 1 );
1750  break;
1751  case SIG_RSA_SHA512:
1752  sha4( message_str, msg_len, hash_result, 0 );
1753  break;
1754  #endif
1755  }
1756 
1757  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA224, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
1758  }
1759  FCT_TEST_END();
1760 #endif /* POLARSSL_SHA2_C */
1761 
1762 #ifdef POLARSSL_SHA2_C
1763 
1764  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_23)
1765  {
1766  unsigned char message_str[1000];
1767  unsigned char hash_result[1000];
1768  unsigned char result_str[1000];
1769  rsa_context ctx;
1770  int msg_len;
1771 
1772  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1773  memset( message_str, 0x00, 1000 );
1774  memset( hash_result, 0x00, 1000 );
1775  memset( result_str, 0x00, 1000 );
1776 
1777  ctx.len = 1536 / 8;
1778  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1779  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1780 
1781  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1782 
1783  msg_len = unhexify( message_str, "06dcd9d4c056b6a45b9ed2ae5f6c1cfa43aae06fe01ee098264aa7a80e901abbcf9a505e55f9a352ef0c078d48249b8298e57ea21bf0e423c3bf69002acfa541ca05007c704bc79cee7a80e1107c7b28d2b2aa6dd093b28efe9642519952a4a95ee49235f9924a0ac0aee5b2a1bce47459d70cd6e75074614199dca44561407c" );
1784  unhexify( result_str, "5e08f399258e6de075b67a0a6a822ceb21b1eb7a0342eca6a4295739f644547dee3456243cf32bd6ea6f357c88632508457130f3dae04f7806efaed43d1d501e16c961dfbd6c71a42b480e95c7027f8275063d05a9aac3eef0520867b9896ebe8ec358f7d121beb4e61ddfdc3dcd835dfe265f2ba68d300ef566ed1284f9f3d7b1af363ed47bfa2e5f0492925444df7e5fcb1e79e690c746117650b543a5e82c39553552f0f44e617b5cf773c533050f4129e893ac22af69b1eb9afb4b5ba5f5" );
1785 
1786  switch( SIG_RSA_SHA224 )
1787  {
1788  #ifdef POLARSSL_MD2_C
1789  case SIG_RSA_MD2:
1790  md2( message_str, msg_len, hash_result );
1791  break;
1792  #endif
1793  #ifdef POLARSSL_MD4_C
1794  case SIG_RSA_MD4:
1795  md4( message_str, msg_len, hash_result );
1796  break;
1797  #endif
1798  #ifdef POLARSSL_MD5_C
1799  case SIG_RSA_MD5:
1800  md5( message_str, msg_len, hash_result );
1801  break;
1802  #endif
1803  #ifdef POLARSSL_SHA1_C
1804  case SIG_RSA_SHA1:
1805  sha1( message_str, msg_len, hash_result );
1806  break;
1807  #endif
1808  #ifdef POLARSSL_SHA2_C
1809  case SIG_RSA_SHA224:
1810  sha2( message_str, msg_len, hash_result, 1 );
1811  break;
1812  case SIG_RSA_SHA256:
1813  sha2( message_str, msg_len, hash_result, 0 );
1814  break;
1815  #endif
1816  #ifdef POLARSSL_SHA4_C
1817  case SIG_RSA_SHA384:
1818  sha4( message_str, msg_len, hash_result, 1 );
1819  break;
1820  case SIG_RSA_SHA512:
1821  sha4( message_str, msg_len, hash_result, 0 );
1822  break;
1823  #endif
1824  }
1825 
1826  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA224, 0, hash_result, result_str ) == 0 );
1827  }
1828  FCT_TEST_END();
1829 #endif /* POLARSSL_SHA2_C */
1830 
1831 #ifdef POLARSSL_SHA2_C
1832 
1833  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_24)
1834  {
1835  unsigned char message_str[1000];
1836  unsigned char hash_result[1000];
1837  unsigned char result_str[1000];
1838  rsa_context ctx;
1839  int msg_len;
1840 
1841  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1842  memset( message_str, 0x00, 1000 );
1843  memset( hash_result, 0x00, 1000 );
1844  memset( result_str, 0x00, 1000 );
1845 
1846  ctx.len = 1536 / 8;
1847  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1848  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1849 
1850  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1851 
1852  msg_len = unhexify( message_str, "1240028c6d7ab3992ada0e5ca55ee4f3d62f8de575302d5861d73685423c2e6a6d6fb3be090fbc2a701821b6d8fd5e8233f794b6549cd0bb52b390ac31478307bffa91a9bd9c1bf93ffc846356fef008ebee4bb3ee148e0fb1893d188e4934d0d088a433d14a596c5f2e3e49648a22edc6bdbcc58dc1edbd440046b3a169ca2b" );
1853  unhexify( result_str, "a003ae9cf0704d58763b214f20446ecc4099c566f25384e28d0dd6540c58705fc8d0bfe1ceaa06096ed1e230146edb82056e39e6727abec09f25e44079b6ce1ca2c6a540dec7aa34444d7d435f41e5fca9b0bba62759ae2780638e5160e031bb60409c2e85674ac7a776b444b37b9d7f4dbaa557e88b8562a584f2dbe90729b241aede95dfcc7e05b10deef06255cb89f0e7ccff23354818756a1f8bb9f00fd18f6cd22ca1b4bfc38027562bb37562c77c7883b5d735170d75521195fd3f2bd3" );
1854 
1855  switch( SIG_RSA_SHA256 )
1856  {
1857  #ifdef POLARSSL_MD2_C
1858  case SIG_RSA_MD2:
1859  md2( message_str, msg_len, hash_result );
1860  break;
1861  #endif
1862  #ifdef POLARSSL_MD4_C
1863  case SIG_RSA_MD4:
1864  md4( message_str, msg_len, hash_result );
1865  break;
1866  #endif
1867  #ifdef POLARSSL_MD5_C
1868  case SIG_RSA_MD5:
1869  md5( message_str, msg_len, hash_result );
1870  break;
1871  #endif
1872  #ifdef POLARSSL_SHA1_C
1873  case SIG_RSA_SHA1:
1874  sha1( message_str, msg_len, hash_result );
1875  break;
1876  #endif
1877  #ifdef POLARSSL_SHA2_C
1878  case SIG_RSA_SHA224:
1879  sha2( message_str, msg_len, hash_result, 1 );
1880  break;
1881  case SIG_RSA_SHA256:
1882  sha2( message_str, msg_len, hash_result, 0 );
1883  break;
1884  #endif
1885  #ifdef POLARSSL_SHA4_C
1886  case SIG_RSA_SHA384:
1887  sha4( message_str, msg_len, hash_result, 1 );
1888  break;
1889  case SIG_RSA_SHA512:
1890  sha4( message_str, msg_len, hash_result, 0 );
1891  break;
1892  #endif
1893  }
1894 
1895  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA256, 0, hash_result, result_str ) == 0 );
1896  }
1897  FCT_TEST_END();
1898 #endif /* POLARSSL_SHA2_C */
1899 
1900 #ifdef POLARSSL_SHA4_C
1901 
1902  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_25)
1903  {
1904  unsigned char message_str[1000];
1905  unsigned char hash_result[1000];
1906  unsigned char result_str[1000];
1907  rsa_context ctx;
1908  int msg_len;
1909 
1910  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1911  memset( message_str, 0x00, 1000 );
1912  memset( hash_result, 0x00, 1000 );
1913  memset( result_str, 0x00, 1000 );
1914 
1915  ctx.len = 1536 / 8;
1916  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1917  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1918 
1919  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1920 
1921  msg_len = unhexify( message_str, "67922a8b9cbc95cf7c555ff2d73cfc62ee04c3f0df9bfc8f64293a58bd3bebd2eb212d711f94e35c729d0873d6b244914d21bd0e59b23089b38740e43f480e8f407d090ac93b08a57403968b55e78cfe31eee6e4ecbacf834168fe89b6b8454fce6e675e80f82b33e850ae3f3d24fd320335e37981fd000576941b4f08d4ba99" );
1922  unhexify( result_str, "2c6b301852cc55a993a933e2c080eb9dabfe19e9dc3571066caeabed1492d3501cd838de1c01784932df7a5ad5bbfb48c78f53a45f76e9812d046f23bd968495ef7e981e5add4acfc538fe33a5205de74bb37d3d9b6b87b2d174e85a73f216fd67d5738fc469dff7ea6b852e8dd08bc8df036597372d4d51185e6f47a45fbe1b9bdb06a4018783425ec95294de41f27235ad3b3263a890b8b62b17410a9bb08673393ff205a866ee2057e99c6517c6bbc84f8d87717b83d6f64de7ee215e1e8d" );
1923 
1924  switch( SIG_RSA_SHA384 )
1925  {
1926  #ifdef POLARSSL_MD2_C
1927  case SIG_RSA_MD2:
1928  md2( message_str, msg_len, hash_result );
1929  break;
1930  #endif
1931  #ifdef POLARSSL_MD4_C
1932  case SIG_RSA_MD4:
1933  md4( message_str, msg_len, hash_result );
1934  break;
1935  #endif
1936  #ifdef POLARSSL_MD5_C
1937  case SIG_RSA_MD5:
1938  md5( message_str, msg_len, hash_result );
1939  break;
1940  #endif
1941  #ifdef POLARSSL_SHA1_C
1942  case SIG_RSA_SHA1:
1943  sha1( message_str, msg_len, hash_result );
1944  break;
1945  #endif
1946  #ifdef POLARSSL_SHA2_C
1947  case SIG_RSA_SHA224:
1948  sha2( message_str, msg_len, hash_result, 1 );
1949  break;
1950  case SIG_RSA_SHA256:
1951  sha2( message_str, msg_len, hash_result, 0 );
1952  break;
1953  #endif
1954  #ifdef POLARSSL_SHA4_C
1955  case SIG_RSA_SHA384:
1956  sha4( message_str, msg_len, hash_result, 1 );
1957  break;
1958  case SIG_RSA_SHA512:
1959  sha4( message_str, msg_len, hash_result, 0 );
1960  break;
1961  #endif
1962  }
1963 
1964  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA384, 0, hash_result, result_str ) == 0 );
1965  }
1966  FCT_TEST_END();
1967 #endif /* POLARSSL_SHA4_C */
1968 
1969 #ifdef POLARSSL_SHA4_C
1970 
1971  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_26)
1972  {
1973  unsigned char message_str[1000];
1974  unsigned char hash_result[1000];
1975  unsigned char result_str[1000];
1976  rsa_context ctx;
1977  int msg_len;
1978 
1979  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1980  memset( message_str, 0x00, 1000 );
1981  memset( hash_result, 0x00, 1000 );
1982  memset( result_str, 0x00, 1000 );
1983 
1984  ctx.len = 1536 / 8;
1985  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1986  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1987 
1988  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1989 
1990  msg_len = unhexify( message_str, "1428b4a449698a994ef84c46a517c3aa6359c48e4264ef65f1f69d77ae26133e17edfc103de416fffb4f2bfe865b434544a418f6e2faca00a165d443f0663ff64080154614f7194057d8b5f1f33934cc9fc2314cf86d4fdad4892bf0d3058f7f37ebe98ef52bfb240b9ad369153afe081bbcf9d7ae43e8ba336b8ac57e8a6da0" );
1991  unhexify( result_str, "8e10a1ae470e6e57a8d234185f78fdb600cc636c41565a9f3694a84ae102f6251984f54d11a7785fdcfdfaf80a821e05d57ef6b8edc03d9076755779322fd53eb98c805da77dc9316744e393c2fecd291a7e6043b1ca89fd8248f661e1d53110211b91edb41b31e848cde1115d8afd9963ebcc36aff5a27085949f0781bc69167c140ecfe71c44aacaf4123e557eaf2b528c6d0ea875b4ceefa942fe338af8df10562c438af04cd7521da912b3e3899cef0d75722161be6abed5e4e9009dbf40" );
1992 
1993  switch( SIG_RSA_SHA512 )
1994  {
1995  #ifdef POLARSSL_MD2_C
1996  case SIG_RSA_MD2:
1997  md2( message_str, msg_len, hash_result );
1998  break;
1999  #endif
2000  #ifdef POLARSSL_MD4_C
2001  case SIG_RSA_MD4:
2002  md4( message_str, msg_len, hash_result );
2003  break;
2004  #endif
2005  #ifdef POLARSSL_MD5_C
2006  case SIG_RSA_MD5:
2007  md5( message_str, msg_len, hash_result );
2008  break;
2009  #endif
2010  #ifdef POLARSSL_SHA1_C
2011  case SIG_RSA_SHA1:
2012  sha1( message_str, msg_len, hash_result );
2013  break;
2014  #endif
2015  #ifdef POLARSSL_SHA2_C
2016  case SIG_RSA_SHA224:
2017  sha2( message_str, msg_len, hash_result, 1 );
2018  break;
2019  case SIG_RSA_SHA256:
2020  sha2( message_str, msg_len, hash_result, 0 );
2021  break;
2022  #endif
2023  #ifdef POLARSSL_SHA4_C
2024  case SIG_RSA_SHA384:
2025  sha4( message_str, msg_len, hash_result, 1 );
2026  break;
2027  case SIG_RSA_SHA512:
2028  sha4( message_str, msg_len, hash_result, 0 );
2029  break;
2030  #endif
2031  }
2032 
2033  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA512, 0, hash_result, result_str ) == 0 );
2034  }
2035  FCT_TEST_END();
2036 #endif /* POLARSSL_SHA4_C */
2037 
2038 #ifdef POLARSSL_SHA1_C
2039 
2040  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_27)
2041  {
2042  unsigned char message_str[1000];
2043  unsigned char hash_result[1000];
2044  unsigned char result_str[1000];
2045  rsa_context ctx;
2046  int msg_len;
2047 
2048  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2049  memset( message_str, 0x00, 1000 );
2050  memset( hash_result, 0x00, 1000 );
2051  memset( result_str, 0x00, 1000 );
2052 
2053  ctx.len = 1536 / 8;
2054  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
2055  fct_chk( mpi_read_string( &ctx.E, 16, "11" ) == 0 );
2056 
2057  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2058 
2059  msg_len = unhexify( message_str, "4871adc05f6b3ecf296680b0dd8d86715b0d5264c064008037dc410512520b5f193c8f4d21eb6c42e10d220c0275c9b3751f03a4096e2f0e3db9df8d52068c06a51589d23ca1361e9fe27691e95663301ec1407fbf73aee99cc92362eaf6994b95038396d815052a0aef6489bbb7bcb0fffdf13f0af9e7d9fd14f6ce00ab98f7" );
2060  unhexify( result_str, "180caf03781b391aacebe5b3f5e1d3b01c68a00df4ecfb6c4bf14217aed7cfca0adac099ec1d6e1f0b43b09b86788533fee6691d773807af0df6cc3bbdde3cf34bf5b848fa59c8bc10227cc3eba3452a85e0520fccdb2d8d32dd99672d302756a2d7f7f2693db3a48be17bd34d9d891f4ba44449c5bad1de91b788f524500a7703cccbaa77b9fe8791f5c8aa7b8f055336f28fcfc01733712e33cfb3d33fe71ddb9ced2a31931ec38007f5ad4a0d19acc428124b0e5ee6e0746fb33c1a4d90c8" );
2061 
2062  switch( SIG_RSA_SHA1 )
2063  {
2064  #ifdef POLARSSL_MD2_C
2065  case SIG_RSA_MD2:
2066  md2( message_str, msg_len, hash_result );
2067  break;
2068  #endif
2069  #ifdef POLARSSL_MD4_C
2070  case SIG_RSA_MD4:
2071  md4( message_str, msg_len, hash_result );
2072  break;
2073  #endif
2074  #ifdef POLARSSL_MD5_C
2075  case SIG_RSA_MD5:
2076  md5( message_str, msg_len, hash_result );
2077  break;
2078  #endif
2079  #ifdef POLARSSL_SHA1_C
2080  case SIG_RSA_SHA1:
2081  sha1( message_str, msg_len, hash_result );
2082  break;
2083  #endif
2084  #ifdef POLARSSL_SHA2_C
2085  case SIG_RSA_SHA224:
2086  sha2( message_str, msg_len, hash_result, 1 );
2087  break;
2088  case SIG_RSA_SHA256:
2089  sha2( message_str, msg_len, hash_result, 0 );
2090  break;
2091  #endif
2092  #ifdef POLARSSL_SHA4_C
2093  case SIG_RSA_SHA384:
2094  sha4( message_str, msg_len, hash_result, 1 );
2095  break;
2096  case SIG_RSA_SHA512:
2097  sha4( message_str, msg_len, hash_result, 0 );
2098  break;
2099  #endif
2100  }
2101 
2102  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 );
2103  }
2104  FCT_TEST_END();
2105 #endif /* POLARSSL_SHA1_C */
2106 
2107 #ifdef POLARSSL_SHA2_C
2108 
2109  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_28)
2110  {
2111  unsigned char message_str[1000];
2112  unsigned char hash_result[1000];
2113  unsigned char result_str[1000];
2114  rsa_context ctx;
2115  int msg_len;
2116 
2117  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2118  memset( message_str, 0x00, 1000 );
2119  memset( hash_result, 0x00, 1000 );
2120  memset( result_str, 0x00, 1000 );
2121 
2122  ctx.len = 1536 / 8;
2123  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
2124  fct_chk( mpi_read_string( &ctx.E, 16, "11" ) == 0 );
2125 
2126  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2127 
2128  msg_len = unhexify( message_str, "3bba64de38438a71b95ab9c94539d5870c1fb08d7a9937600c00e9d063438edc97e625d0cd4b1eb00c31c9d94c7a0fe6d03160d1b6cbec5acdad16ada6ef253fee603df9faca8f98a477cc5456f3dfbf6414dbf19f3832e227ce291780188881e82e96a2e84744f12a34a9808a2daedc6fd00b345c6772bec26a095719451e6a" );
2129  unhexify( result_str, "8c846e75e32ce5f9964bdd8f6dcf1d2996a646b233bcf1bd6394e13e856691b89bedd18290a0f9f7c90dca307271b3108e795340490513b25e6789e93722c65ec064b4c43457295a31d1f07dd605e133fd6eaafc58cda132df2939f5f693e0205af34550afaa137f3e482885e50dfb48333a15c0821e7a19642acdddc6fea3c7487c691246a2b083dac439889d5ae741b7e08c47937530b4b069f1a260cd07fe4a0ddd530ab11534fb805e9b562118ee0e97932966008aadfc83f3b8a10de8ee" );
2130 
2131  switch( SIG_RSA_SHA224 )
2132  {
2133  #ifdef POLARSSL_MD2_C
2134  case SIG_RSA_MD2:
2135  md2( message_str, msg_len, hash_result );
2136  break;
2137  #endif
2138  #ifdef POLARSSL_MD4_C
2139  case SIG_RSA_MD4:
2140  md4( message_str, msg_len, hash_result );
2141  break;
2142  #endif
2143  #ifdef POLARSSL_MD5_C
2144  case SIG_RSA_MD5:
2145  md5( message_str, msg_len, hash_result );
2146  break;
2147  #endif
2148  #ifdef POLARSSL_SHA1_C
2149  case SIG_RSA_SHA1:
2150  sha1( message_str, msg_len, hash_result );
2151  break;
2152  #endif
2153  #ifdef POLARSSL_SHA2_C
2154  case SIG_RSA_SHA224:
2155  sha2( message_str, msg_len, hash_result, 1 );
2156  break;
2157  case SIG_RSA_SHA256:
2158  sha2( message_str, msg_len, hash_result, 0 );
2159  break;
2160  #endif
2161  #ifdef POLARSSL_SHA4_C
2162  case SIG_RSA_SHA384:
2163  sha4( message_str, msg_len, hash_result, 1 );
2164  break;
2165  case SIG_RSA_SHA512:
2166  sha4( message_str, msg_len, hash_result, 0 );
2167  break;
2168  #endif
2169  }
2170 
2171  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA224, 0, hash_result, result_str ) == 0 );
2172  }
2173  FCT_TEST_END();
2174 #endif /* POLARSSL_SHA2_C */
2175 
2176 #ifdef POLARSSL_SHA2_C
2177 
2178  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_29)
2179  {
2180  unsigned char message_str[1000];
2181  unsigned char hash_result[1000];
2182  unsigned char result_str[1000];
2183  rsa_context ctx;
2184  int msg_len;
2185 
2186  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2187  memset( message_str, 0x00, 1000 );
2188  memset( hash_result, 0x00, 1000 );
2189  memset( result_str, 0x00, 1000 );
2190 
2191  ctx.len = 1536 / 8;
2192  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
2193  fct_chk( mpi_read_string( &ctx.E, 16, "11" ) == 0 );
2194 
2195  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2196 
2197  msg_len = unhexify( message_str, "f7857ce04bf4292ea1755f9e587822372f4dcdf10bddfc0ff498a8af60ae94a0b482e873085c1cd52a5d181ce6b99a1f8520d74b947d65f3e7e358e8ddc4ac4ae465e39d408eee1f09865159733f83f553cd93cfde1c114fb3e32cf51cd418359016b3867df467b645d752808671a4609f3c49a67023c9ca617e6cffa544a10a" );
2198  unhexify( result_str, "9677300bbee003be3c445634f8ed5beb152b63f46f84cf5a8e721e0fafe8f3f7e99a6d50741f23f449d3026da3e8a7ac36be99ab44831803486ae552f7aa01f075287829b231d2d0840908e09081ae177ed888fe46a9d937a0871eb5d52ec541c8411c4cbf7efea6ca213b12cea513b0739eedca7c9473e10a7796936f4eaa0c5d3a9013ca5536781ac68eb2ca5779144de23da2e9875114aca885b3219dfc292d73940c5992ea3c4882889e7543430652860e441a01a45d9f4005a012421493" );
2199 
2200  switch( SIG_RSA_SHA256 )
2201  {
2202  #ifdef POLARSSL_MD2_C
2203  case SIG_RSA_MD2:
2204  md2( message_str, msg_len, hash_result );
2205  break;
2206  #endif
2207  #ifdef POLARSSL_MD4_C
2208  case SIG_RSA_MD4:
2209  md4( message_str, msg_len, hash_result );
2210  break;
2211  #endif
2212  #ifdef POLARSSL_MD5_C
2213  case SIG_RSA_MD5:
2214  md5( message_str, msg_len, hash_result );
2215  break;
2216  #endif
2217  #ifdef POLARSSL_SHA1_C
2218  case SIG_RSA_SHA1:
2219  sha1( message_str, msg_len, hash_result );
2220  break;
2221  #endif
2222  #ifdef POLARSSL_SHA2_C
2223  case SIG_RSA_SHA224:
2224  sha2( message_str, msg_len, hash_result, 1 );
2225  break;
2226  case SIG_RSA_SHA256:
2227  sha2( message_str, msg_len, hash_result, 0 );
2228  break;
2229  #endif
2230  #ifdef POLARSSL_SHA4_C
2231  case SIG_RSA_SHA384:
2232  sha4( message_str, msg_len, hash_result, 1 );
2233  break;
2234  case SIG_RSA_SHA512:
2235  sha4( message_str, msg_len, hash_result, 0 );
2236  break;
2237  #endif
2238  }
2239 
2240  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA256, 0, hash_result, result_str ) == 0 );
2241  }
2242  FCT_TEST_END();
2243 #endif /* POLARSSL_SHA2_C */
2244 
2245 #ifdef POLARSSL_SHA2_C
2246 
2247  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_30)
2248  {
2249  unsigned char message_str[1000];
2250  unsigned char hash_result[1000];
2251  unsigned char result_str[1000];
2252  rsa_context ctx;
2253  int msg_len;
2254 
2255  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2256  memset( message_str, 0x00, 1000 );
2257  memset( hash_result, 0x00, 1000 );
2258  memset( result_str, 0x00, 1000 );
2259 
2260  ctx.len = 1536 / 8;
2261  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
2262  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
2263 
2264  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2265 
2266  msg_len = unhexify( message_str, "ca312774f2756ac2019f213a01a63c9a0b4a49ccafecf25e97a4c632668e3c77e664f4d7635241f25205e50c37061b02c546db8346fa597c3da8cfd44a827c5a4ff4ecfcd1797b39a1b215d9bbb93fdb6eb35bafbda427a5068888a6e19f86224b0897490491207e35ce39085668b10b4fb851b7dd9465c03869790ef38a61b5" );
2267  unhexify( result_str, "a202c33eb831b9d8e818b6c3bcdb42818e1d9c22a06ddd73a17a21e49d18cda44df349a066477cae068e1a5d2b518b0885e889ef796ca9e6f42a69ac755b8a6405fbaef93fe0130d98de35d689addfee3eecd26658903f774bda481c3f40ee0e9569a3c3e2da7ad576c7de82159d933e36fa29cfef99367005e34ab5082d80f48276d37dabc88dbb023bd01585329d2ccf417f78ec508aaa29751007d31f1669296b981d44c8fa99130c5df7a071725b496859314aaf9baf0ebc780355914249" );
2268 
2269  switch( SIG_RSA_SHA256 )
2270  {
2271  #ifdef POLARSSL_MD2_C
2272  case SIG_RSA_MD2:
2273  md2( message_str, msg_len, hash_result );
2274  break;
2275  #endif
2276  #ifdef POLARSSL_MD4_C
2277  case SIG_RSA_MD4:
2278  md4( message_str, msg_len, hash_result );
2279  break;
2280  #endif
2281  #ifdef POLARSSL_MD5_C
2282  case SIG_RSA_MD5:
2283  md5( message_str, msg_len, hash_result );
2284  break;
2285  #endif
2286  #ifdef POLARSSL_SHA1_C
2287  case SIG_RSA_SHA1:
2288  sha1( message_str, msg_len, hash_result );
2289  break;
2290  #endif
2291  #ifdef POLARSSL_SHA2_C
2292  case SIG_RSA_SHA224:
2293  sha2( message_str, msg_len, hash_result, 1 );
2294  break;
2295  case SIG_RSA_SHA256:
2296  sha2( message_str, msg_len, hash_result, 0 );
2297  break;
2298  #endif
2299  #ifdef POLARSSL_SHA4_C
2300  case SIG_RSA_SHA384:
2301  sha4( message_str, msg_len, hash_result, 1 );
2302  break;
2303  case SIG_RSA_SHA512:
2304  sha4( message_str, msg_len, hash_result, 0 );
2305  break;
2306  #endif
2307  }
2308 
2309  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA256, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
2310  }
2311  FCT_TEST_END();
2312 #endif /* POLARSSL_SHA2_C */
2313 
2314 #ifdef POLARSSL_SHA4_C
2315 
2316  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_31)
2317  {
2318  unsigned char message_str[1000];
2319  unsigned char hash_result[1000];
2320  unsigned char result_str[1000];
2321  rsa_context ctx;
2322  int msg_len;
2323 
2324  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2325  memset( message_str, 0x00, 1000 );
2326  memset( hash_result, 0x00, 1000 );
2327  memset( result_str, 0x00, 1000 );
2328 
2329  ctx.len = 1536 / 8;
2330  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
2331  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
2332 
2333  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2334 
2335  msg_len = unhexify( message_str, "2abe079077290ceb6c80ac5c61062ce8da814b1fb99a1a9fb2860ed900e6541856ec64bf19c0d9d1cc2280b7cc50af3e3d2ad8e044945d44761ca60891dd72bd6aa26a33274ffcf7ae7d661b5e651135fcff21aaf06b4a2db18fe5827e0243884f2841760b9f1c65fbda870f7f0cfbd6ff484f0825e688614928f2d12d1e7080" );
2336  unhexify( result_str, "402631f3cddfb02cc4d9cb58ef1ab6726bd787a50e12e98567c9702bfdf47af85904aec5a2f6c5df9a10f08f90f93728eb090ae2ac21ded9f38faecd8195f3eb3d4107521b1cee956e7a214245b038adae912fa35ec97cb3bdc41352e8aaff80173561284cb740f999a3cd6653a6c3d5a3f911a416f41e2155083982c99eb5998a0a74d77f1ae999d901ee24a7f2c424179a3f92b07dc0b3498c1884e60677bee0175e810b426c4ad008d2743cd19b00b33177bf8be3fed7f7406e1bce0c2ea3" );
2337 
2338  switch( SIG_RSA_SHA384 )
2339  {
2340  #ifdef POLARSSL_MD2_C
2341  case SIG_RSA_MD2:
2342  md2( message_str, msg_len, hash_result );
2343  break;
2344  #endif
2345  #ifdef POLARSSL_MD4_C
2346  case SIG_RSA_MD4:
2347  md4( message_str, msg_len, hash_result );
2348  break;
2349  #endif
2350  #ifdef POLARSSL_MD5_C
2351  case SIG_RSA_MD5:
2352  md5( message_str, msg_len, hash_result );
2353  break;
2354  #endif
2355  #ifdef POLARSSL_SHA1_C
2356  case SIG_RSA_SHA1:
2357  sha1( message_str, msg_len, hash_result );
2358  break;
2359  #endif
2360  #ifdef POLARSSL_SHA2_C
2361  case SIG_RSA_SHA224:
2362  sha2( message_str, msg_len, hash_result, 1 );
2363  break;
2364  case SIG_RSA_SHA256:
2365  sha2( message_str, msg_len, hash_result, 0 );
2366  break;
2367  #endif
2368  #ifdef POLARSSL_SHA4_C
2369  case SIG_RSA_SHA384:
2370  sha4( message_str, msg_len, hash_result, 1 );
2371  break;
2372  case SIG_RSA_SHA512:
2373  sha4( message_str, msg_len, hash_result, 0 );
2374  break;
2375  #endif
2376  }
2377 
2378  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA384, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
2379  }
2380  FCT_TEST_END();
2381 #endif /* POLARSSL_SHA4_C */
2382 
2383 #ifdef POLARSSL_SHA4_C
2384 
2385  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_32)
2386  {
2387  unsigned char message_str[1000];
2388  unsigned char hash_result[1000];
2389  unsigned char result_str[1000];
2390  rsa_context ctx;
2391  int msg_len;
2392 
2393  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2394  memset( message_str, 0x00, 1000 );
2395  memset( hash_result, 0x00, 1000 );
2396  memset( result_str, 0x00, 1000 );
2397 
2398  ctx.len = 1536 / 8;
2399  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
2400  fct_chk( mpi_read_string( &ctx.E, 16, "11" ) == 0 );
2401 
2402  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2403 
2404  msg_len = unhexify( message_str, "da9505809dc92cfd8e01a1857dde52df6677c40d98f4577c1659ca7d3e9f01f9a809065f51b54fe2f9723fe2c9d1eea7397f2d5531d1c51c6ea100b028596bf9f24dd90be14eab58f07b4f24a35b073aeb29ecde4a6f320237d7adbdc43d94f87e08866b95bbcac83dc7db3553a42400441f088e2bf6259539a2da8b5a74065f" );
2405  unhexify( result_str, "57edd0560df9840a25c28ff6d254e432395a5cd2d92248b3b44d7eab0fc65b3c4e545a916a8e90ce89745119db9ec9799aa8890f5250fb589cfc12dac1b6e406a39bc3b3663892da5354ba453cbd5e4c89bdce82d0ffe97052a03a5c3308819c1139ebc780c13cf6dc1477faf734abcb1db3fafaed6f22885c9c0222ff5deacb8cc6d027f2e959c3075011b382e88c4b27b83b4f2e6fda022e331c3602d19f5ac7bccfe95ea1e93d736dbd918ae5b1f468cd0b5b536a2f918d5e27a0757e75b7" );
2406 
2407  switch( SIG_RSA_SHA384 )
2408  {
2409  #ifdef POLARSSL_MD2_C
2410  case SIG_RSA_MD2:
2411  md2( message_str, msg_len, hash_result );
2412  break;
2413  #endif
2414  #ifdef POLARSSL_MD4_C
2415  case SIG_RSA_MD4:
2416  md4( message_str, msg_len, hash_result );
2417  break;
2418  #endif
2419  #ifdef POLARSSL_MD5_C
2420  case SIG_RSA_MD5:
2421  md5( message_str, msg_len, hash_result );
2422  break;
2423  #endif
2424  #ifdef POLARSSL_SHA1_C
2425  case SIG_RSA_SHA1:
2426  sha1( message_str, msg_len, hash_result );
2427  break;
2428  #endif
2429  #ifdef POLARSSL_SHA2_C
2430  case SIG_RSA_SHA224:
2431  sha2( message_str, msg_len, hash_result, 1 );
2432  break;
2433  case SIG_RSA_SHA256:
2434  sha2( message_str, msg_len, hash_result, 0 );
2435  break;
2436  #endif
2437  #ifdef POLARSSL_SHA4_C
2438  case SIG_RSA_SHA384:
2439  sha4( message_str, msg_len, hash_result, 1 );
2440  break;
2441  case SIG_RSA_SHA512:
2442  sha4( message_str, msg_len, hash_result, 0 );
2443  break;
2444  #endif
2445  }
2446 
2447  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA384, 0, hash_result, result_str ) == 0 );
2448  }
2449  FCT_TEST_END();
2450 #endif /* POLARSSL_SHA4_C */
2451 
2452 #ifdef POLARSSL_SHA4_C
2453 
2454  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_33)
2455  {
2456  unsigned char message_str[1000];
2457  unsigned char hash_result[1000];
2458  unsigned char result_str[1000];
2459  rsa_context ctx;
2460  int msg_len;
2461 
2462  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2463  memset( message_str, 0x00, 1000 );
2464  memset( hash_result, 0x00, 1000 );
2465  memset( result_str, 0x00, 1000 );
2466 
2467  ctx.len = 1536 / 8;
2468  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
2469  fct_chk( mpi_read_string( &ctx.E, 16, "11" ) == 0 );
2470 
2471  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2472 
2473  msg_len = unhexify( message_str, "d0cd038c65b3acca45822eaf91ea5176e82043268876dec0b62e2abd619023b7023abc67c6b823cfef5447b8772f985ff7910d6cc87e6c23688ac6de1fee40bbe2da1a92770de92adaa427ace02fee571a0a0176fceb0c8f3eb72dde839ab201395625f5c0db8641ce19d7711212dec61733262c6ce4476c025e67a3d5bc01f3" );
2474  unhexify( result_str, "2f30629c1117d013bb36e6099dee931dcaf0a1032b07ec23e2b262898a8945e569c9573d81e22bb0a5f8a28b0d7b8ff01367dd7f089c68ed1daa11cf53a96ee91b38e6b839b6e90bea34d14b78f5d2c7629b68c5b4f2ecfff66b483b2233cb14f95df533c867a2b610aebcdbb7ea3109aaf2f5762ab3edc2571deccc7da0c9a5b443ca2b924c0f18de7bbb736a08fed3916795018a436a3ae62c85d554a53a6d48623908e06e7d275f4251d3b3bd530bd11e155dcf2b5c2adf030cdf931ae749" );
2475 
2476  switch( SIG_RSA_SHA512 )
2477  {
2478  #ifdef POLARSSL_MD2_C
2479  case SIG_RSA_MD2:
2480  md2( message_str, msg_len, hash_result );
2481  break;
2482  #endif
2483  #ifdef POLARSSL_MD4_C
2484  case SIG_RSA_MD4:
2485  md4( message_str, msg_len, hash_result );
2486  break;
2487  #endif
2488  #ifdef POLARSSL_MD5_C
2489  case SIG_RSA_MD5:
2490  md5( message_str, msg_len, hash_result );
2491  break;
2492  #endif
2493  #ifdef POLARSSL_SHA1_C
2494  case SIG_RSA_SHA1:
2495  sha1( message_str, msg_len, hash_result );
2496  break;
2497  #endif
2498  #ifdef POLARSSL_SHA2_C
2499  case SIG_RSA_SHA224:
2500  sha2( message_str, msg_len, hash_result, 1 );
2501  break;
2502  case SIG_RSA_SHA256:
2503  sha2( message_str, msg_len, hash_result, 0 );
2504  break;
2505  #endif
2506  #ifdef POLARSSL_SHA4_C
2507  case SIG_RSA_SHA384:
2508  sha4( message_str, msg_len, hash_result, 1 );
2509  break;
2510  case SIG_RSA_SHA512:
2511  sha4( message_str, msg_len, hash_result, 0 );
2512  break;
2513  #endif
2514  }
2515 
2516  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA512, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
2517  }
2518  FCT_TEST_END();
2519 #endif /* POLARSSL_SHA4_C */
2520 
2521 #ifdef POLARSSL_SHA4_C
2522 
2523  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_34)
2524  {
2525  unsigned char message_str[1000];
2526  unsigned char hash_result[1000];
2527  unsigned char result_str[1000];
2528  rsa_context ctx;
2529  int msg_len;
2530 
2531  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2532  memset( message_str, 0x00, 1000 );
2533  memset( hash_result, 0x00, 1000 );
2534  memset( result_str, 0x00, 1000 );
2535 
2536  ctx.len = 1536 / 8;
2537  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
2538  fct_chk( mpi_read_string( &ctx.E, 16, "11" ) == 0 );
2539 
2540  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2541 
2542  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
2543  unhexify( result_str, "0b4d96f411c727a262d6d0ade34195b78603551061917d060f89add47b09dfe8715f4f9147d327dc25e91fe457e5d1a2f22cd8fe6fe8e29d2060658307c87a40640650fef3d4b289a6c3febc5a100b29a8b56623afb29fd3c13ea372bf3c638c1db25f8bd8c74c821beec7b5affcace1d05d056a6c2d3035926c7a268df4751a54bc20a6b8cfd729a7cba309ae817daccbef9950a482cf23950a8ca1d3a13ddb7d8d0f87ad5587d4d9ebe19fe93457597a7bdd056c2fd4cea7d31e4a0e595a7b" );
2544 
2545  switch( SIG_RSA_SHA512 )
2546  {
2547  #ifdef POLARSSL_MD2_C
2548  case SIG_RSA_MD2:
2549  md2( message_str, msg_len, hash_result );
2550  break;
2551  #endif
2552  #ifdef POLARSSL_MD4_C
2553  case SIG_RSA_MD4:
2554  md4( message_str, msg_len, hash_result );
2555  break;
2556  #endif
2557  #ifdef POLARSSL_MD5_C
2558  case SIG_RSA_MD5:
2559  md5( message_str, msg_len, hash_result );
2560  break;
2561  #endif
2562  #ifdef POLARSSL_SHA1_C
2563  case SIG_RSA_SHA1:
2564  sha1( message_str, msg_len, hash_result );
2565  break;
2566  #endif
2567  #ifdef POLARSSL_SHA2_C
2568  case SIG_RSA_SHA224:
2569  sha2( message_str, msg_len, hash_result, 1 );
2570  break;
2571  case SIG_RSA_SHA256:
2572  sha2( message_str, msg_len, hash_result, 0 );
2573  break;
2574  #endif
2575  #ifdef POLARSSL_SHA4_C
2576  case SIG_RSA_SHA384:
2577  sha4( message_str, msg_len, hash_result, 1 );
2578  break;
2579  case SIG_RSA_SHA512:
2580  sha4( message_str, msg_len, hash_result, 0 );
2581  break;
2582  #endif
2583  }
2584 
2585  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA512, 0, hash_result, result_str ) == 0 );
2586  }
2587  FCT_TEST_END();
2588 #endif /* POLARSSL_SHA4_C */
2589 
2590 #ifdef POLARSSL_SHA4_C
2591 
2592  FCT_TEST_BGN(rsa_pkcs1_sign_1_sha512_1536_bits_rsa)
2593  {
2594  unsigned char message_str[1000];
2595  unsigned char hash_result[1000];
2596  unsigned char output[1000];
2597  unsigned char output_str[1000];
2598  rsa_context ctx;
2599  mpi P1, Q1, H, G;
2600  int msg_len;
2601 
2602  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
2603  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2604 
2605  memset( message_str, 0x00, 1000 );
2606  memset( hash_result, 0x00, 1000 );
2607  memset( output, 0x00, 1000 );
2608  memset( output_str, 0x00, 1000 );
2609 
2610  ctx.len = 1536 / 8;
2611  fct_chk( mpi_read_string( &ctx.P, 16, "c8c67df894c882045ede26a9008ab09ea0672077d7bc71d412511cd93981ddde8f91b967da404056c39f105f7f239abdaff92923859920f6299e82b95bd5b8c959948f4a035cbd693ad83014294d349813d1ad57911a6355d0731fe3a034e9db" ) == 0 );
2612  fct_chk( mpi_read_string( &ctx.Q, 16, "f15147d0e7c04a1e3f37adde802cdc610999bf7ab0088434aaeda0c0ab3910b14d2ce56cb66bffd97552195fae8b061077e03920814d8b9cfb5a3958b3a82c2a7fc97e55db5978b47a922156eb8a3e55c06a54a45d1670abdfb995489c4d0051" ) == 0 );
2613  fct_chk( mpi_read_string( &ctx.N, 16, "bd429bb7c3b00bbea19ba664c0f8172d1a73c3cfa05e2ed656d570c1590918bb7e372ed25e2cd71395ba0a9b1a30f3ee012ffb0546cab8e3581fe3e23f44ab57a8aee9717e71a936a580fa8572d450fb00339a6f6704b717df0c149a465bab768c61500cd93b61113ff3e4389167f7b2c8e3c0da2d4765286bee555b0bcb4998f59b14fad03180a17c8b4f69bcd1234f4ae85950137665ac2ba80b55cc9b1aafb454b83771aa755acd2a00e93ddb65e696dbed8bdca69fb5e0c5c2097b9cfe4b" ) == 0 );
2614  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
2615 
2616  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
2617  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
2618  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
2619  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
2620  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
2621  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
2622  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
2623  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
2624 
2625  fct_chk( rsa_check_privkey( &ctx ) == 0 );
2626 
2627  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
2628 
2629  switch( SIG_RSA_SHA512 )
2630  {
2631  #ifdef POLARSSL_MD2_C
2632  case SIG_RSA_MD2:
2633  md2( message_str, msg_len, hash_result );
2634  break;
2635  #endif
2636  #ifdef POLARSSL_MD4_C
2637  case SIG_RSA_MD4:
2638  md4( message_str, msg_len, hash_result );
2639  break;
2640  #endif
2641  #ifdef POLARSSL_MD5_C
2642  case SIG_RSA_MD5:
2643  md5( message_str, msg_len, hash_result );
2644  break;
2645  #endif
2646  #ifdef POLARSSL_SHA1_C
2647  case SIG_RSA_SHA1:
2648  sha1( message_str, msg_len, hash_result );
2649  break;
2650  #endif
2651  #ifdef POLARSSL_SHA2_C
2652  case SIG_RSA_SHA224:
2653  sha2( message_str, msg_len, hash_result, 1 );
2654  break;
2655  case SIG_RSA_SHA256:
2656  sha2( message_str, msg_len, hash_result, 0 );
2657  break;
2658  #endif
2659  #ifdef POLARSSL_SHA4_C
2660  case SIG_RSA_SHA384:
2661  sha4( message_str, msg_len, hash_result, 1 );
2662  break;
2663  case SIG_RSA_SHA512:
2664  sha4( message_str, msg_len, hash_result, 0 );
2665  break;
2666  #endif
2667  }
2668 
2669  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_SHA512, 0, hash_result, output ) == 0 );
2670  if( 0 == 0 )
2671  {
2672  hexify( output_str, output, ctx.len );
2673 
2674  fct_chk( strcasecmp( (char *) output_str, "93b6fa99485c116ca6efdd4202ea1cf49f4c6345fae692584413743ce5b65510e8e4690aee9a19ea1ff10d57f22aa3548d839f28a8525a34354e9e58e0f3947e056ce2554e21bf287e220b98db3b551258cd42b495e5d1a3bbc83c9d1a02f2a300ef6d866ea75108e44ebb3e16b47df2f6de28feb2be3874dbbf21599451082d86e9f2f462575a8185c69aa1f1fcb6a363c5d71aeba2103449eaf3845285291148d5f78d1646b8dc95cbcc4082f987d948b0e7d4e80b60595f8a7517584e1643" ) == 0 );
2675  }
2676 
2677  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
2678  }
2679  FCT_TEST_END();
2680 #endif /* POLARSSL_SHA4_C */
2681 
2682 #ifdef POLARSSL_SHA4_C
2683 
2684  FCT_TEST_BGN(rsa_pkcs1_sign_1_verify)
2685  {
2686  unsigned char message_str[1000];
2687  unsigned char hash_result[1000];
2688  unsigned char result_str[1000];
2689  rsa_context ctx;
2690  int msg_len;
2691 
2692  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2693  memset( message_str, 0x00, 1000 );
2694  memset( hash_result, 0x00, 1000 );
2695  memset( result_str, 0x00, 1000 );
2696 
2697  ctx.len = 1536 / 8;
2698  fct_chk( mpi_read_string( &ctx.N, 16, "bd429bb7c3b00bbea19ba664c0f8172d1a73c3cfa05e2ed656d570c1590918bb7e372ed25e2cd71395ba0a9b1a30f3ee012ffb0546cab8e3581fe3e23f44ab57a8aee9717e71a936a580fa8572d450fb00339a6f6704b717df0c149a465bab768c61500cd93b61113ff3e4389167f7b2c8e3c0da2d4765286bee555b0bcb4998f59b14fad03180a17c8b4f69bcd1234f4ae85950137665ac2ba80b55cc9b1aafb454b83771aa755acd2a00e93ddb65e696dbed8bdca69fb5e0c5c2097b9cfe4b" ) == 0 );
2699  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
2700 
2701  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2702 
2703  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
2704  unhexify( result_str, "93b6fa99485c116ca6efdd4202ea1cf49f4c6345fae692584413743ce5b65510e8e4690aee9a19ea1ff10d57f22aa3548d839f28a8525a34354e9e58e0f3947e056ce2554e21bf287e220b98db3b551258cd42b495e5d1a3bbc83c9d1a02f2a300ef6d866ea75108e44ebb3e16b47df2f6de28feb2be3874dbbf21599451082d86e9f2f462575a8185c69aa1f1fcb6a363c5d71aeba2103449eaf3845285291148d5f78d1646b8dc95cbcc4082f987d948b0e7d4e80b60595f8a7517584e1643" );
2705 
2706  switch( SIG_RSA_SHA512 )
2707  {
2708  #ifdef POLARSSL_MD2_C
2709  case SIG_RSA_MD2:
2710  md2( message_str, msg_len, hash_result );
2711  break;
2712  #endif
2713  #ifdef POLARSSL_MD4_C
2714  case SIG_RSA_MD4:
2715  md4( message_str, msg_len, hash_result );
2716  break;
2717  #endif
2718  #ifdef POLARSSL_MD5_C
2719  case SIG_RSA_MD5:
2720  md5( message_str, msg_len, hash_result );
2721  break;
2722  #endif
2723  #ifdef POLARSSL_SHA1_C
2724  case SIG_RSA_SHA1:
2725  sha1( message_str, msg_len, hash_result );
2726  break;
2727  #endif
2728  #ifdef POLARSSL_SHA2_C
2729  case SIG_RSA_SHA224:
2730  sha2( message_str, msg_len, hash_result, 1 );
2731  break;
2732  case SIG_RSA_SHA256:
2733  sha2( message_str, msg_len, hash_result, 0 );
2734  break;
2735  #endif
2736  #ifdef POLARSSL_SHA4_C
2737  case SIG_RSA_SHA384:
2738  sha4( message_str, msg_len, hash_result, 1 );
2739  break;
2740  case SIG_RSA_SHA512:
2741  sha4( message_str, msg_len, hash_result, 0 );
2742  break;
2743  #endif
2744  }
2745 
2746  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA512, 0, hash_result, result_str ) == 0 );
2747  }
2748  FCT_TEST_END();
2749 #endif /* POLARSSL_SHA4_C */
2750 
2751 #ifdef POLARSSL_SHA2_C
2752 
2753  FCT_TEST_BGN(rsa_pkcs1_sign_2_sha256_2048_bits_rsa)
2754  {
2755  unsigned char message_str[1000];
2756  unsigned char hash_result[1000];
2757  unsigned char output[1000];
2758  unsigned char output_str[1000];
2759  rsa_context ctx;
2760  mpi P1, Q1, H, G;
2761  int msg_len;
2762 
2763  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
2764  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2765 
2766  memset( message_str, 0x00, 1000 );
2767  memset( hash_result, 0x00, 1000 );
2768  memset( output, 0x00, 1000 );
2769  memset( output_str, 0x00, 1000 );
2770 
2771  ctx.len = 2048 / 8;
2772  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
2773  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
2774  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
2775  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
2776 
2777  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
2778  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
2779  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
2780  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
2781  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
2782  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
2783  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
2784  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
2785 
2786  fct_chk( rsa_check_privkey( &ctx ) == 0 );
2787 
2788  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
2789 
2790  switch( SIG_RSA_SHA256 )
2791  {
2792  #ifdef POLARSSL_MD2_C
2793  case SIG_RSA_MD2:
2794  md2( message_str, msg_len, hash_result );
2795  break;
2796  #endif
2797  #ifdef POLARSSL_MD4_C
2798  case SIG_RSA_MD4:
2799  md4( message_str, msg_len, hash_result );
2800  break;
2801  #endif
2802  #ifdef POLARSSL_MD5_C
2803  case SIG_RSA_MD5:
2804  md5( message_str, msg_len, hash_result );
2805  break;
2806  #endif
2807  #ifdef POLARSSL_SHA1_C
2808  case SIG_RSA_SHA1:
2809  sha1( message_str, msg_len, hash_result );
2810  break;
2811  #endif
2812  #ifdef POLARSSL_SHA2_C
2813  case SIG_RSA_SHA224:
2814  sha2( message_str, msg_len, hash_result, 1 );
2815  break;
2816  case SIG_RSA_SHA256:
2817  sha2( message_str, msg_len, hash_result, 0 );
2818  break;
2819  #endif
2820  #ifdef POLARSSL_SHA4_C
2821  case SIG_RSA_SHA384:
2822  sha4( message_str, msg_len, hash_result, 1 );
2823  break;
2824  case SIG_RSA_SHA512:
2825  sha4( message_str, msg_len, hash_result, 0 );
2826  break;
2827  #endif
2828  }
2829 
2830  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_SHA256, 0, hash_result, output ) == 0 );
2831  if( 0 == 0 )
2832  {
2833  hexify( output_str, output, ctx.len );
2834 
2835  fct_chk( strcasecmp( (char *) output_str, "5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc7287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd762d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed" ) == 0 );
2836  }
2837 
2838  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
2839  }
2840  FCT_TEST_END();
2841 #endif /* POLARSSL_SHA2_C */
2842 
2843 #ifdef POLARSSL_SHA2_C
2844 
2845  FCT_TEST_BGN(rsa_pkcs1_sign_2_verify)
2846  {
2847  unsigned char message_str[1000];
2848  unsigned char hash_result[1000];
2849  unsigned char result_str[1000];
2850  rsa_context ctx;
2851  int msg_len;
2852 
2853  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2854  memset( message_str, 0x00, 1000 );
2855  memset( hash_result, 0x00, 1000 );
2856  memset( result_str, 0x00, 1000 );
2857 
2858  ctx.len = 2048 / 8;
2859  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
2860  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
2861 
2862  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2863 
2864  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
2865  unhexify( result_str, "5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc7287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd762d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed" );
2866 
2867  switch( SIG_RSA_SHA256 )
2868  {
2869  #ifdef POLARSSL_MD2_C
2870  case SIG_RSA_MD2:
2871  md2( message_str, msg_len, hash_result );
2872  break;
2873  #endif
2874  #ifdef POLARSSL_MD4_C
2875  case SIG_RSA_MD4:
2876  md4( message_str, msg_len, hash_result );
2877  break;
2878  #endif
2879  #ifdef POLARSSL_MD5_C
2880  case SIG_RSA_MD5:
2881  md5( message_str, msg_len, hash_result );
2882  break;
2883  #endif
2884  #ifdef POLARSSL_SHA1_C
2885  case SIG_RSA_SHA1:
2886  sha1( message_str, msg_len, hash_result );
2887  break;
2888  #endif
2889  #ifdef POLARSSL_SHA2_C
2890  case SIG_RSA_SHA224:
2891  sha2( message_str, msg_len, hash_result, 1 );
2892  break;
2893  case SIG_RSA_SHA256:
2894  sha2( message_str, msg_len, hash_result, 0 );
2895  break;
2896  #endif
2897  #ifdef POLARSSL_SHA4_C
2898  case SIG_RSA_SHA384:
2899  sha4( message_str, msg_len, hash_result, 1 );
2900  break;
2901  case SIG_RSA_SHA512:
2902  sha4( message_str, msg_len, hash_result, 0 );
2903  break;
2904  #endif
2905  }
2906 
2907  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA256, 0, hash_result, result_str ) == 0 );
2908  }
2909  FCT_TEST_END();
2910 #endif /* POLARSSL_SHA2_C */
2911 
2912 #ifdef POLARSSL_SHA2_C
2913 
2914  FCT_TEST_BGN(rsa_pkcs1_sign_2_verify_fail)
2915  {
2916  unsigned char message_str[1000];
2917  unsigned char hash_result[1000];
2918  unsigned char result_str[1000];
2919  rsa_context ctx;
2920  int msg_len;
2921 
2922  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2923  memset( message_str, 0x00, 1000 );
2924  memset( hash_result, 0x00, 1000 );
2925  memset( result_str, 0x00, 1000 );
2926 
2927  ctx.len = 2048 / 8;
2928  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
2929  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
2930 
2931  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2932 
2933  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
2934  unhexify( result_str, "5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc6287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd763d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed" );
2935 
2936  switch( SIG_RSA_SHA256 )
2937  {
2938  #ifdef POLARSSL_MD2_C
2939  case SIG_RSA_MD2:
2940  md2( message_str, msg_len, hash_result );
2941  break;
2942  #endif
2943  #ifdef POLARSSL_MD4_C
2944  case SIG_RSA_MD4:
2945  md4( message_str, msg_len, hash_result );
2946  break;
2947  #endif
2948  #ifdef POLARSSL_MD5_C
2949  case SIG_RSA_MD5:
2950  md5( message_str, msg_len, hash_result );
2951  break;
2952  #endif
2953  #ifdef POLARSSL_SHA1_C
2954  case SIG_RSA_SHA1:
2955  sha1( message_str, msg_len, hash_result );
2956  break;
2957  #endif
2958  #ifdef POLARSSL_SHA2_C
2959  case SIG_RSA_SHA224:
2960  sha2( message_str, msg_len, hash_result, 1 );
2961  break;
2962  case SIG_RSA_SHA256:
2963  sha2( message_str, msg_len, hash_result, 0 );
2964  break;
2965  #endif
2966  #ifdef POLARSSL_SHA4_C
2967  case SIG_RSA_SHA384:
2968  sha4( message_str, msg_len, hash_result, 1 );
2969  break;
2970  case SIG_RSA_SHA512:
2971  sha4( message_str, msg_len, hash_result, 0 );
2972  break;
2973  #endif
2974  }
2975 
2976  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA256, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
2977  }
2978  FCT_TEST_END();
2979 #endif /* POLARSSL_SHA2_C */
2980 
2981 #ifdef POLARSSL_SHA2_C
2982 
2983  FCT_TEST_BGN(rsa_pkcs1_sign_3_sha224_2048_bits_rsa)
2984  {
2985  unsigned char message_str[1000];
2986  unsigned char hash_result[1000];
2987  unsigned char output[1000];
2988  unsigned char output_str[1000];
2989  rsa_context ctx;
2990  mpi P1, Q1, H, G;
2991  int msg_len;
2992 
2993  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
2994  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2995 
2996  memset( message_str, 0x00, 1000 );
2997  memset( hash_result, 0x00, 1000 );
2998  memset( output, 0x00, 1000 );
2999  memset( output_str, 0x00, 1000 );
3000 
3001  ctx.len = 2048 / 8;
3002  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
3003  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
3004  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3005  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3006 
3007  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
3008  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
3009  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
3010  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
3011  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
3012  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
3013  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
3014  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
3015 
3016  fct_chk( rsa_check_privkey( &ctx ) == 0 );
3017 
3018  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3019 
3020  switch( SIG_RSA_SHA224 )
3021  {
3022  #ifdef POLARSSL_MD2_C
3023  case SIG_RSA_MD2:
3024  md2( message_str, msg_len, hash_result );
3025  break;
3026  #endif
3027  #ifdef POLARSSL_MD4_C
3028  case SIG_RSA_MD4:
3029  md4( message_str, msg_len, hash_result );
3030  break;
3031  #endif
3032  #ifdef POLARSSL_MD5_C
3033  case SIG_RSA_MD5:
3034  md5( message_str, msg_len, hash_result );
3035  break;
3036  #endif
3037  #ifdef POLARSSL_SHA1_C
3038  case SIG_RSA_SHA1:
3039  sha1( message_str, msg_len, hash_result );
3040  break;
3041  #endif
3042  #ifdef POLARSSL_SHA2_C
3043  case SIG_RSA_SHA224:
3044  sha2( message_str, msg_len, hash_result, 1 );
3045  break;
3046  case SIG_RSA_SHA256:
3047  sha2( message_str, msg_len, hash_result, 0 );
3048  break;
3049  #endif
3050  #ifdef POLARSSL_SHA4_C
3051  case SIG_RSA_SHA384:
3052  sha4( message_str, msg_len, hash_result, 1 );
3053  break;
3054  case SIG_RSA_SHA512:
3055  sha4( message_str, msg_len, hash_result, 0 );
3056  break;
3057  #endif
3058  }
3059 
3060  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_SHA224, 0, hash_result, output ) == 0 );
3061  if( 0 == 0 )
3062  {
3063  hexify( output_str, output, ctx.len );
3064 
3065  fct_chk( strcasecmp( (char *) output_str, "9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b" ) == 0 );
3066  }
3067 
3068  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
3069  }
3070  FCT_TEST_END();
3071 #endif /* POLARSSL_SHA2_C */
3072 
3073 #ifdef POLARSSL_SHA2_C
3074 
3075  FCT_TEST_BGN(rsa_pkcs1_sign_3_verify)
3076  {
3077  unsigned char message_str[1000];
3078  unsigned char hash_result[1000];
3079  unsigned char result_str[1000];
3080  rsa_context ctx;
3081  int msg_len;
3082 
3083  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3084  memset( message_str, 0x00, 1000 );
3085  memset( hash_result, 0x00, 1000 );
3086  memset( result_str, 0x00, 1000 );
3087 
3088  ctx.len = 2048 / 8;
3089  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3090  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3091 
3092  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
3093 
3094  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3095  unhexify( result_str, "9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b" );
3096 
3097  switch( SIG_RSA_SHA224 )
3098  {
3099  #ifdef POLARSSL_MD2_C
3100  case SIG_RSA_MD2:
3101  md2( message_str, msg_len, hash_result );
3102  break;
3103  #endif
3104  #ifdef POLARSSL_MD4_C
3105  case SIG_RSA_MD4:
3106  md4( message_str, msg_len, hash_result );
3107  break;
3108  #endif
3109  #ifdef POLARSSL_MD5_C
3110  case SIG_RSA_MD5:
3111  md5( message_str, msg_len, hash_result );
3112  break;
3113  #endif
3114  #ifdef POLARSSL_SHA1_C
3115  case SIG_RSA_SHA1:
3116  sha1( message_str, msg_len, hash_result );
3117  break;
3118  #endif
3119  #ifdef POLARSSL_SHA2_C
3120  case SIG_RSA_SHA224:
3121  sha2( message_str, msg_len, hash_result, 1 );
3122  break;
3123  case SIG_RSA_SHA256:
3124  sha2( message_str, msg_len, hash_result, 0 );
3125  break;
3126  #endif
3127  #ifdef POLARSSL_SHA4_C
3128  case SIG_RSA_SHA384:
3129  sha4( message_str, msg_len, hash_result, 1 );
3130  break;
3131  case SIG_RSA_SHA512:
3132  sha4( message_str, msg_len, hash_result, 0 );
3133  break;
3134  #endif
3135  }
3136 
3137  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA224, 0, hash_result, result_str ) == 0 );
3138  }
3139  FCT_TEST_END();
3140 #endif /* POLARSSL_SHA2_C */
3141 
3142 #ifdef POLARSSL_SHA4_C
3143 
3144  FCT_TEST_BGN(rsa_pkcs1_sign_4_sha384_2048_bits_rsa)
3145  {
3146  unsigned char message_str[1000];
3147  unsigned char hash_result[1000];
3148  unsigned char output[1000];
3149  unsigned char output_str[1000];
3150  rsa_context ctx;
3151  mpi P1, Q1, H, G;
3152  int msg_len;
3153 
3154  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
3155  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3156 
3157  memset( message_str, 0x00, 1000 );
3158  memset( hash_result, 0x00, 1000 );
3159  memset( output, 0x00, 1000 );
3160  memset( output_str, 0x00, 1000 );
3161 
3162  ctx.len = 2048 / 8;
3163  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
3164  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
3165  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3166  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3167 
3168  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
3169  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
3170  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
3171  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
3172  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
3173  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
3174  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
3175  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
3176 
3177  fct_chk( rsa_check_privkey( &ctx ) == 0 );
3178 
3179  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3180 
3181  switch( SIG_RSA_SHA384 )
3182  {
3183  #ifdef POLARSSL_MD2_C
3184  case SIG_RSA_MD2:
3185  md2( message_str, msg_len, hash_result );
3186  break;
3187  #endif
3188  #ifdef POLARSSL_MD4_C
3189  case SIG_RSA_MD4:
3190  md4( message_str, msg_len, hash_result );
3191  break;
3192  #endif
3193  #ifdef POLARSSL_MD5_C
3194  case SIG_RSA_MD5:
3195  md5( message_str, msg_len, hash_result );
3196  break;
3197  #endif
3198  #ifdef POLARSSL_SHA1_C
3199  case SIG_RSA_SHA1:
3200  sha1( message_str, msg_len, hash_result );
3201  break;
3202  #endif
3203  #ifdef POLARSSL_SHA2_C
3204  case SIG_RSA_SHA224:
3205  sha2( message_str, msg_len, hash_result, 1 );
3206  break;
3207  case SIG_RSA_SHA256:
3208  sha2( message_str, msg_len, hash_result, 0 );
3209  break;
3210  #endif
3211  #ifdef POLARSSL_SHA4_C
3212  case SIG_RSA_SHA384:
3213  sha4( message_str, msg_len, hash_result, 1 );
3214  break;
3215  case SIG_RSA_SHA512:
3216  sha4( message_str, msg_len, hash_result, 0 );
3217  break;
3218  #endif
3219  }
3220 
3221  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_SHA384, 0, hash_result, output ) == 0 );
3222  if( 0 == 0 )
3223  {
3224  hexify( output_str, output, ctx.len );
3225 
3226  fct_chk( strcasecmp( (char *) output_str, "40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8" ) == 0 );
3227  }
3228 
3229  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
3230  }
3231  FCT_TEST_END();
3232 #endif /* POLARSSL_SHA4_C */
3233 
3234 #ifdef POLARSSL_SHA4_C
3235 
3236  FCT_TEST_BGN(rsa_pkcs1_sign_4_verify)
3237  {
3238  unsigned char message_str[1000];
3239  unsigned char hash_result[1000];
3240  unsigned char result_str[1000];
3241  rsa_context ctx;
3242  int msg_len;
3243 
3244  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3245  memset( message_str, 0x00, 1000 );
3246  memset( hash_result, 0x00, 1000 );
3247  memset( result_str, 0x00, 1000 );
3248 
3249  ctx.len = 2048 / 8;
3250  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3251  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3252 
3253  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
3254 
3255  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3256  unhexify( result_str, "40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8" );
3257 
3258  switch( SIG_RSA_SHA384 )
3259  {
3260  #ifdef POLARSSL_MD2_C
3261  case SIG_RSA_MD2:
3262  md2( message_str, msg_len, hash_result );
3263  break;
3264  #endif
3265  #ifdef POLARSSL_MD4_C
3266  case SIG_RSA_MD4:
3267  md4( message_str, msg_len, hash_result );
3268  break;
3269  #endif
3270  #ifdef POLARSSL_MD5_C
3271  case SIG_RSA_MD5:
3272  md5( message_str, msg_len, hash_result );
3273  break;
3274  #endif
3275  #ifdef POLARSSL_SHA1_C
3276  case SIG_RSA_SHA1:
3277  sha1( message_str, msg_len, hash_result );
3278  break;
3279  #endif
3280  #ifdef POLARSSL_SHA2_C
3281  case SIG_RSA_SHA224:
3282  sha2( message_str, msg_len, hash_result, 1 );
3283  break;
3284  case SIG_RSA_SHA256:
3285  sha2( message_str, msg_len, hash_result, 0 );
3286  break;
3287  #endif
3288  #ifdef POLARSSL_SHA4_C
3289  case SIG_RSA_SHA384:
3290  sha4( message_str, msg_len, hash_result, 1 );
3291  break;
3292  case SIG_RSA_SHA512:
3293  sha4( message_str, msg_len, hash_result, 0 );
3294  break;
3295  #endif
3296  }
3297 
3298  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA384, 0, hash_result, result_str ) == 0 );
3299  }
3300  FCT_TEST_END();
3301 #endif /* POLARSSL_SHA4_C */
3302 
3303 #ifdef POLARSSL_MD2_C
3304 
3305  FCT_TEST_BGN(rsa_pkcs1_sign_5_md2_2048_bits_rsa)
3306  {
3307  unsigned char message_str[1000];
3308  unsigned char hash_result[1000];
3309  unsigned char output[1000];
3310  unsigned char output_str[1000];
3311  rsa_context ctx;
3312  mpi P1, Q1, H, G;
3313  int msg_len;
3314 
3315  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
3316  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3317 
3318  memset( message_str, 0x00, 1000 );
3319  memset( hash_result, 0x00, 1000 );
3320  memset( output, 0x00, 1000 );
3321  memset( output_str, 0x00, 1000 );
3322 
3323  ctx.len = 2048 / 8;
3324  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
3325  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
3326  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3327  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3328 
3329  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
3330  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
3331  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
3332  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
3333  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
3334  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
3335  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
3336  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
3337 
3338  fct_chk( rsa_check_privkey( &ctx ) == 0 );
3339 
3340  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3341 
3342  switch( SIG_RSA_MD2 )
3343  {
3344  #ifdef POLARSSL_MD2_C
3345  case SIG_RSA_MD2:
3346  md2( message_str, msg_len, hash_result );
3347  break;
3348  #endif
3349  #ifdef POLARSSL_MD4_C
3350  case SIG_RSA_MD4:
3351  md4( message_str, msg_len, hash_result );
3352  break;
3353  #endif
3354  #ifdef POLARSSL_MD5_C
3355  case SIG_RSA_MD5:
3356  md5( message_str, msg_len, hash_result );
3357  break;
3358  #endif
3359  #ifdef POLARSSL_SHA1_C
3360  case SIG_RSA_SHA1:
3361  sha1( message_str, msg_len, hash_result );
3362  break;
3363  #endif
3364  #ifdef POLARSSL_SHA2_C
3365  case SIG_RSA_SHA224:
3366  sha2( message_str, msg_len, hash_result, 1 );
3367  break;
3368  case SIG_RSA_SHA256:
3369  sha2( message_str, msg_len, hash_result, 0 );
3370  break;
3371  #endif
3372  #ifdef POLARSSL_SHA4_C
3373  case SIG_RSA_SHA384:
3374  sha4( message_str, msg_len, hash_result, 1 );
3375  break;
3376  case SIG_RSA_SHA512:
3377  sha4( message_str, msg_len, hash_result, 0 );
3378  break;
3379  #endif
3380  }
3381 
3382  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_MD2, 0, hash_result, output ) == 0 );
3383  if( 0 == 0 )
3384  {
3385  hexify( output_str, output, ctx.len );
3386 
3387  fct_chk( strcasecmp( (char *) output_str, "6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304" ) == 0 );
3388  }
3389 
3390  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
3391  }
3392  FCT_TEST_END();
3393 #endif /* POLARSSL_MD2_C */
3394 
3395 #ifdef POLARSSL_MD2_C
3396 
3397  FCT_TEST_BGN(rsa_pkcs1_sign_5_verify)
3398  {
3399  unsigned char message_str[1000];
3400  unsigned char hash_result[1000];
3401  unsigned char result_str[1000];
3402  rsa_context ctx;
3403  int msg_len;
3404 
3405  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3406  memset( message_str, 0x00, 1000 );
3407  memset( hash_result, 0x00, 1000 );
3408  memset( result_str, 0x00, 1000 );
3409 
3410  ctx.len = 2048 / 8;
3411  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3412  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3413 
3414  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
3415 
3416  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3417  unhexify( result_str, "6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304" );
3418 
3419  switch( SIG_RSA_MD2 )
3420  {
3421  #ifdef POLARSSL_MD2_C
3422  case SIG_RSA_MD2:
3423  md2( message_str, msg_len, hash_result );
3424  break;
3425  #endif
3426  #ifdef POLARSSL_MD4_C
3427  case SIG_RSA_MD4:
3428  md4( message_str, msg_len, hash_result );
3429  break;
3430  #endif
3431  #ifdef POLARSSL_MD5_C
3432  case SIG_RSA_MD5:
3433  md5( message_str, msg_len, hash_result );
3434  break;
3435  #endif
3436  #ifdef POLARSSL_SHA1_C
3437  case SIG_RSA_SHA1:
3438  sha1( message_str, msg_len, hash_result );
3439  break;
3440  #endif
3441  #ifdef POLARSSL_SHA2_C
3442  case SIG_RSA_SHA224:
3443  sha2( message_str, msg_len, hash_result, 1 );
3444  break;
3445  case SIG_RSA_SHA256:
3446  sha2( message_str, msg_len, hash_result, 0 );
3447  break;
3448  #endif
3449  #ifdef POLARSSL_SHA4_C
3450  case SIG_RSA_SHA384:
3451  sha4( message_str, msg_len, hash_result, 1 );
3452  break;
3453  case SIG_RSA_SHA512:
3454  sha4( message_str, msg_len, hash_result, 0 );
3455  break;
3456  #endif
3457  }
3458 
3459  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_MD2, 0, hash_result, result_str ) == 0 );
3460  }
3461  FCT_TEST_END();
3462 #endif /* POLARSSL_MD2_C */
3463 
3464 #ifdef POLARSSL_MD4_C
3465 
3466  FCT_TEST_BGN(rsa_pkcs1_sign_6_md4_2048_bits_rsa)
3467  {
3468  unsigned char message_str[1000];
3469  unsigned char hash_result[1000];
3470  unsigned char output[1000];
3471  unsigned char output_str[1000];
3472  rsa_context ctx;
3473  mpi P1, Q1, H, G;
3474  int msg_len;
3475 
3476  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
3477  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3478 
3479  memset( message_str, 0x00, 1000 );
3480  memset( hash_result, 0x00, 1000 );
3481  memset( output, 0x00, 1000 );
3482  memset( output_str, 0x00, 1000 );
3483 
3484  ctx.len = 2048 / 8;
3485  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
3486  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
3487  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3488  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3489 
3490  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
3491  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
3492  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
3493  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
3494  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
3495  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
3496  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
3497  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
3498 
3499  fct_chk( rsa_check_privkey( &ctx ) == 0 );
3500 
3501  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3502 
3503  switch( SIG_RSA_MD4 )
3504  {
3505  #ifdef POLARSSL_MD2_C
3506  case SIG_RSA_MD2:
3507  md2( message_str, msg_len, hash_result );
3508  break;
3509  #endif
3510  #ifdef POLARSSL_MD4_C
3511  case SIG_RSA_MD4:
3512  md4( message_str, msg_len, hash_result );
3513  break;
3514  #endif
3515  #ifdef POLARSSL_MD5_C
3516  case SIG_RSA_MD5:
3517  md5( message_str, msg_len, hash_result );
3518  break;
3519  #endif
3520  #ifdef POLARSSL_SHA1_C
3521  case SIG_RSA_SHA1:
3522  sha1( message_str, msg_len, hash_result );
3523  break;
3524  #endif
3525  #ifdef POLARSSL_SHA2_C
3526  case SIG_RSA_SHA224:
3527  sha2( message_str, msg_len, hash_result, 1 );
3528  break;
3529  case SIG_RSA_SHA256:
3530  sha2( message_str, msg_len, hash_result, 0 );
3531  break;
3532  #endif
3533  #ifdef POLARSSL_SHA4_C
3534  case SIG_RSA_SHA384:
3535  sha4( message_str, msg_len, hash_result, 1 );
3536  break;
3537  case SIG_RSA_SHA512:
3538  sha4( message_str, msg_len, hash_result, 0 );
3539  break;
3540  #endif
3541  }
3542 
3543  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_MD4, 0, hash_result, output ) == 0 );
3544  if( 0 == 0 )
3545  {
3546  hexify( output_str, output, ctx.len );
3547 
3548  fct_chk( strcasecmp( (char *) output_str, "b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207" ) == 0 );
3549  }
3550 
3551  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
3552  }
3553  FCT_TEST_END();
3554 #endif /* POLARSSL_MD4_C */
3555 
3556 #ifdef POLARSSL_MD4_C
3557 
3558  FCT_TEST_BGN(rsa_pkcs1_sign_6_verify)
3559  {
3560  unsigned char message_str[1000];
3561  unsigned char hash_result[1000];
3562  unsigned char result_str[1000];
3563  rsa_context ctx;
3564  int msg_len;
3565 
3566  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3567  memset( message_str, 0x00, 1000 );
3568  memset( hash_result, 0x00, 1000 );
3569  memset( result_str, 0x00, 1000 );
3570 
3571  ctx.len = 2048 / 8;
3572  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3573  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3574 
3575  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
3576 
3577  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3578  unhexify( result_str, "b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207" );
3579 
3580  switch( SIG_RSA_MD4 )
3581  {
3582  #ifdef POLARSSL_MD2_C
3583  case SIG_RSA_MD2:
3584  md2( message_str, msg_len, hash_result );
3585  break;
3586  #endif
3587  #ifdef POLARSSL_MD4_C
3588  case SIG_RSA_MD4:
3589  md4( message_str, msg_len, hash_result );
3590  break;
3591  #endif
3592  #ifdef POLARSSL_MD5_C
3593  case SIG_RSA_MD5:
3594  md5( message_str, msg_len, hash_result );
3595  break;
3596  #endif
3597  #ifdef POLARSSL_SHA1_C
3598  case SIG_RSA_SHA1:
3599  sha1( message_str, msg_len, hash_result );
3600  break;
3601  #endif
3602  #ifdef POLARSSL_SHA2_C
3603  case SIG_RSA_SHA224:
3604  sha2( message_str, msg_len, hash_result, 1 );
3605  break;
3606  case SIG_RSA_SHA256:
3607  sha2( message_str, msg_len, hash_result, 0 );
3608  break;
3609  #endif
3610  #ifdef POLARSSL_SHA4_C
3611  case SIG_RSA_SHA384:
3612  sha4( message_str, msg_len, hash_result, 1 );
3613  break;
3614  case SIG_RSA_SHA512:
3615  sha4( message_str, msg_len, hash_result, 0 );
3616  break;
3617  #endif
3618  }
3619 
3620  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_MD4, 0, hash_result, result_str ) == 0 );
3621  }
3622  FCT_TEST_END();
3623 #endif /* POLARSSL_MD4_C */
3624 
3625 #ifdef POLARSSL_MD5_C
3626 
3627  FCT_TEST_BGN(rsa_pkcs1_sign_7_md5_2048_bits_rsa)
3628  {
3629  unsigned char message_str[1000];
3630  unsigned char hash_result[1000];
3631  unsigned char output[1000];
3632  unsigned char output_str[1000];
3633  rsa_context ctx;
3634  mpi P1, Q1, H, G;
3635  int msg_len;
3636 
3637  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
3638  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3639 
3640  memset( message_str, 0x00, 1000 );
3641  memset( hash_result, 0x00, 1000 );
3642  memset( output, 0x00, 1000 );
3643  memset( output_str, 0x00, 1000 );
3644 
3645  ctx.len = 2048 / 8;
3646  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
3647  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
3648  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3649  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3650 
3651  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
3652  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
3653  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
3654  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
3655  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
3656  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
3657  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
3658  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
3659 
3660  fct_chk( rsa_check_privkey( &ctx ) == 0 );
3661 
3662  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3663 
3664  switch( SIG_RSA_MD5 )
3665  {
3666  #ifdef POLARSSL_MD2_C
3667  case SIG_RSA_MD2:
3668  md2( message_str, msg_len, hash_result );
3669  break;
3670  #endif
3671  #ifdef POLARSSL_MD4_C
3672  case SIG_RSA_MD4:
3673  md4( message_str, msg_len, hash_result );
3674  break;
3675  #endif
3676  #ifdef POLARSSL_MD5_C
3677  case SIG_RSA_MD5:
3678  md5( message_str, msg_len, hash_result );
3679  break;
3680  #endif
3681  #ifdef POLARSSL_SHA1_C
3682  case SIG_RSA_SHA1:
3683  sha1( message_str, msg_len, hash_result );
3684  break;
3685  #endif
3686  #ifdef POLARSSL_SHA2_C
3687  case SIG_RSA_SHA224:
3688  sha2( message_str, msg_len, hash_result, 1 );
3689  break;
3690  case SIG_RSA_SHA256:
3691  sha2( message_str, msg_len, hash_result, 0 );
3692  break;
3693  #endif
3694  #ifdef POLARSSL_SHA4_C
3695  case SIG_RSA_SHA384:
3696  sha4( message_str, msg_len, hash_result, 1 );
3697  break;
3698  case SIG_RSA_SHA512:
3699  sha4( message_str, msg_len, hash_result, 0 );
3700  break;
3701  #endif
3702  }
3703 
3704  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_MD5, 0, hash_result, output ) == 0 );
3705  if( 0 == 0 )
3706  {
3707  hexify( output_str, output, ctx.len );
3708 
3709  fct_chk( strcasecmp( (char *) output_str, "3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021" ) == 0 );
3710  }
3711 
3712  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
3713  }
3714  FCT_TEST_END();
3715 #endif /* POLARSSL_MD5_C */
3716 
3717 #ifdef POLARSSL_MD5_C
3718 
3719  FCT_TEST_BGN(rsa_pkcs1_sign_7_verify)
3720  {
3721  unsigned char message_str[1000];
3722  unsigned char hash_result[1000];
3723  unsigned char result_str[1000];
3724  rsa_context ctx;
3725  int msg_len;
3726 
3727  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3728  memset( message_str, 0x00, 1000 );
3729  memset( hash_result, 0x00, 1000 );
3730  memset( result_str, 0x00, 1000 );
3731 
3732  ctx.len = 2048 / 8;
3733  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3734  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3735 
3736  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
3737 
3738  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3739  unhexify( result_str, "3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021" );
3740 
3741  switch( SIG_RSA_MD5 )
3742  {
3743  #ifdef POLARSSL_MD2_C
3744  case SIG_RSA_MD2:
3745  md2( message_str, msg_len, hash_result );
3746  break;
3747  #endif
3748  #ifdef POLARSSL_MD4_C
3749  case SIG_RSA_MD4:
3750  md4( message_str, msg_len, hash_result );
3751  break;
3752  #endif
3753  #ifdef POLARSSL_MD5_C
3754  case SIG_RSA_MD5:
3755  md5( message_str, msg_len, hash_result );
3756  break;
3757  #endif
3758  #ifdef POLARSSL_SHA1_C
3759  case SIG_RSA_SHA1:
3760  sha1( message_str, msg_len, hash_result );
3761  break;
3762  #endif
3763  #ifdef POLARSSL_SHA2_C
3764  case SIG_RSA_SHA224:
3765  sha2( message_str, msg_len, hash_result, 1 );
3766  break;
3767  case SIG_RSA_SHA256:
3768  sha2( message_str, msg_len, hash_result, 0 );
3769  break;
3770  #endif
3771  #ifdef POLARSSL_SHA4_C
3772  case SIG_RSA_SHA384:
3773  sha4( message_str, msg_len, hash_result, 1 );
3774  break;
3775  case SIG_RSA_SHA512:
3776  sha4( message_str, msg_len, hash_result, 0 );
3777  break;
3778  #endif
3779  }
3780 
3781  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_MD5, 0, hash_result, result_str ) == 0 );
3782  }
3783  FCT_TEST_END();
3784 #endif /* POLARSSL_MD5_C */
3785 
3786 
3787  FCT_TEST_BGN(rsa_pkcs1_sign_8_raw_2048_bits_rsa)
3788  {
3789  unsigned char message_str[1000];
3790  unsigned char hash_result[1000];
3791  unsigned char output[1000];
3792  unsigned char output_str[1000];
3793  rsa_context ctx;
3794  mpi P1, Q1, H, G;
3795  int hash_len;
3796 
3797  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
3798  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3799 
3800  memset( message_str, 0x00, 1000 );
3801  memset( hash_result, 0x00, 1000 );
3802  memset( output, 0x00, 1000 );
3803  memset( output_str, 0x00, 1000 );
3804 
3805  ctx.len = 2048 / 8;
3806  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
3807  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
3808  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3809  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3810 
3811  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
3812  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
3813  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
3814  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
3815  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
3816  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
3817  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
3818  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
3819 
3820  fct_chk( rsa_check_privkey( &ctx ) == 0 );
3821 
3822  unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3823  hash_len = unhexify( hash_result, "1234567890deadbeef" );
3824 
3825  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_RAW, hash_len, hash_result, output ) == 0 );
3826 
3827  hexify( output_str, output, ctx.len );
3828 
3829  fct_chk( strcasecmp( (char *) output_str, "605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8" ) == 0 );
3830 
3831  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
3832  }
3833  FCT_TEST_END();
3834 
3835 
3836  FCT_TEST_BGN(rsa_pkcs1_sign_8_verify)
3837  {
3838  unsigned char message_str[1000];
3839  unsigned char hash_result[1000];
3840  unsigned char result_str[1000];
3841  rsa_context ctx;
3842  size_t hash_len;
3843 
3844  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3845  memset( message_str, 0x00, 1000 );
3846  memset( hash_result, 0x00, 1000 );
3847  memset( result_str, 0x00, 1000 );
3848 
3849  ctx.len = 2048 / 8;
3850  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3851  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3852 
3853  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
3854 
3855  unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3856  hash_len = unhexify( hash_result, "1234567890deadbeef" );
3857  unhexify( result_str, "605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8" );
3858 
3859  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_RAW, hash_len, hash_result, result_str ) == 0 );
3860  }
3861  FCT_TEST_END();
3862 
3863 
3864  FCT_TEST_BGN(rsa_pkcs1_sign_8_verify_wrong_raw_hash)
3865  {
3866  unsigned char message_str[1000];
3867  unsigned char hash_result[1000];
3868  unsigned char result_str[1000];
3869  rsa_context ctx;
3870  size_t hash_len;
3871 
3872  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3873  memset( message_str, 0x00, 1000 );
3874  memset( hash_result, 0x00, 1000 );
3875  memset( result_str, 0x00, 1000 );
3876 
3877  ctx.len = 2048 / 8;
3878  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3879  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3880 
3881  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
3882 
3883  unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3884  hash_len = unhexify( hash_result, "1234567890deadcafe" );
3885  unhexify( result_str, "605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8" );
3886 
3887  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_RAW, hash_len, hash_result, result_str ) == POLARSSL_ERR_RSA_VERIFY_FAILED );
3888  }
3889  FCT_TEST_END();
3890 
3891 
3892  FCT_TEST_BGN(rsa_pkcs1_sign_9_invalid_digest_type)
3893  {
3894  unsigned char message_str[1000];
3895  unsigned char hash_result[1000];
3896  unsigned char output[1000];
3897  unsigned char output_str[1000];
3898  rsa_context ctx;
3899  mpi P1, Q1, H, G;
3900  int msg_len;
3901 
3902  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
3903  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3904 
3905  memset( message_str, 0x00, 1000 );
3906  memset( hash_result, 0x00, 1000 );
3907  memset( output, 0x00, 1000 );
3908  memset( output_str, 0x00, 1000 );
3909 
3910  ctx.len = 2048 / 8;
3911  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
3912  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
3913  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3914  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3915 
3916  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
3917  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
3918  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
3919  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
3920  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
3921  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
3922  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
3923  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
3924 
3925  fct_chk( rsa_check_privkey( &ctx ) == 0 );
3926 
3927  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3928 
3929  switch( 1 )
3930  {
3931  #ifdef POLARSSL_MD2_C
3932  case SIG_RSA_MD2:
3933  md2( message_str, msg_len, hash_result );
3934  break;
3935  #endif
3936  #ifdef POLARSSL_MD4_C
3937  case SIG_RSA_MD4:
3938  md4( message_str, msg_len, hash_result );
3939  break;
3940  #endif
3941  #ifdef POLARSSL_MD5_C
3942  case SIG_RSA_MD5:
3943  md5( message_str, msg_len, hash_result );
3944  break;
3945  #endif
3946  #ifdef POLARSSL_SHA1_C
3947  case SIG_RSA_SHA1:
3948  sha1( message_str, msg_len, hash_result );
3949  break;
3950  #endif
3951  #ifdef POLARSSL_SHA2_C
3952  case SIG_RSA_SHA224:
3953  sha2( message_str, msg_len, hash_result, 1 );
3954  break;
3955  case SIG_RSA_SHA256:
3956  sha2( message_str, msg_len, hash_result, 0 );
3957  break;
3958  #endif
3959  #ifdef POLARSSL_SHA4_C
3960  case SIG_RSA_SHA384:
3961  sha4( message_str, msg_len, hash_result, 1 );
3962  break;
3963  case SIG_RSA_SHA512:
3964  sha4( message_str, msg_len, hash_result, 0 );
3965  break;
3966  #endif
3967  }
3968 
3969  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, 1, 0, hash_result, output ) == POLARSSL_ERR_RSA_BAD_INPUT_DATA );
3971  {
3972  hexify( output_str, output, ctx.len );
3973 
3974  fct_chk( strcasecmp( (char *) output_str, "3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021" ) == 0 );
3975  }
3976 
3977  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
3978  }
3979  FCT_TEST_END();
3980 
3981 
3982  FCT_TEST_BGN(rsa_pkcs1_sign_9_verify_invalid_digest_type)
3983  {
3984  unsigned char message_str[1000];
3985  unsigned char hash_result[1000];
3986  unsigned char result_str[1000];
3987  rsa_context ctx;
3988  int msg_len;
3989 
3990  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3991  memset( message_str, 0x00, 1000 );
3992  memset( hash_result, 0x00, 1000 );
3993  memset( result_str, 0x00, 1000 );
3994 
3995  ctx.len = 2048 / 8;
3996  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3997  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3998 
3999  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
4000 
4001  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
4002  unhexify( result_str, "3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021" );
4003 
4004  switch( 1 )
4005  {
4006  #ifdef POLARSSL_MD2_C
4007  case SIG_RSA_MD2:
4008  md2( message_str, msg_len, hash_result );
4009  break;
4010  #endif
4011  #ifdef POLARSSL_MD4_C
4012  case SIG_RSA_MD4:
4013  md4( message_str, msg_len, hash_result );
4014  break;
4015  #endif
4016  #ifdef POLARSSL_MD5_C
4017  case SIG_RSA_MD5:
4018  md5( message_str, msg_len, hash_result );
4019  break;
4020  #endif
4021  #ifdef POLARSSL_SHA1_C
4022  case SIG_RSA_SHA1:
4023  sha1( message_str, msg_len, hash_result );
4024  break;
4025  #endif
4026  #ifdef POLARSSL_SHA2_C
4027  case SIG_RSA_SHA224:
4028  sha2( message_str, msg_len, hash_result, 1 );
4029  break;
4030  case SIG_RSA_SHA256:
4031  sha2( message_str, msg_len, hash_result, 0 );
4032  break;
4033  #endif
4034  #ifdef POLARSSL_SHA4_C
4035  case SIG_RSA_SHA384:
4036  sha4( message_str, msg_len, hash_result, 1 );
4037  break;
4038  case SIG_RSA_SHA512:
4039  sha4( message_str, msg_len, hash_result, 0 );
4040  break;
4041  #endif
4042  }
4043 
4044  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, 1, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
4045  }
4046  FCT_TEST_END();
4047 
4048 
4049  FCT_TEST_BGN(rsa_pkcs1_sign_8_invalid_padding_type)
4050  {
4051  unsigned char message_str[1000];
4052  unsigned char hash_result[1000];
4053  unsigned char output[1000];
4054  unsigned char output_str[1000];
4055  rsa_context ctx;
4056  mpi P1, Q1, H, G;
4057  int msg_len;
4058 
4059  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
4060  rsa_init( &ctx, 2, 0 );
4061 
4062  memset( message_str, 0x00, 1000 );
4063  memset( hash_result, 0x00, 1000 );
4064  memset( output, 0x00, 1000 );
4065  memset( output_str, 0x00, 1000 );
4066 
4067  ctx.len = 2048 / 8;
4068  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4069  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4070  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4071  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4072 
4073  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
4074  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
4075  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
4076  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
4077  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
4078  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
4079  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
4080  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
4081 
4082  fct_chk( rsa_check_privkey( &ctx ) == 0 );
4083 
4084  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
4085 
4086  switch( SIG_RSA_MD5 )
4087  {
4088  #ifdef POLARSSL_MD2_C
4089  case SIG_RSA_MD2:
4090  md2( message_str, msg_len, hash_result );
4091  break;
4092  #endif
4093  #ifdef POLARSSL_MD4_C
4094  case SIG_RSA_MD4:
4095  md4( message_str, msg_len, hash_result );
4096  break;
4097  #endif
4098  #ifdef POLARSSL_MD5_C
4099  case SIG_RSA_MD5:
4100  md5( message_str, msg_len, hash_result );
4101  break;
4102  #endif
4103  #ifdef POLARSSL_SHA1_C
4104  case SIG_RSA_SHA1:
4105  sha1( message_str, msg_len, hash_result );
4106  break;
4107  #endif
4108  #ifdef POLARSSL_SHA2_C
4109  case SIG_RSA_SHA224:
4110  sha2( message_str, msg_len, hash_result, 1 );
4111  break;
4112  case SIG_RSA_SHA256:
4113  sha2( message_str, msg_len, hash_result, 0 );
4114  break;
4115  #endif
4116  #ifdef POLARSSL_SHA4_C
4117  case SIG_RSA_SHA384:
4118  sha4( message_str, msg_len, hash_result, 1 );
4119  break;
4120  case SIG_RSA_SHA512:
4121  sha4( message_str, msg_len, hash_result, 0 );
4122  break;
4123  #endif
4124  }
4125 
4126  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_MD5, 0, hash_result, output ) == POLARSSL_ERR_RSA_INVALID_PADDING );
4128  {
4129  hexify( output_str, output, ctx.len );
4130 
4131  fct_chk( strcasecmp( (char *) output_str, "3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021" ) == 0 );
4132  }
4133 
4134  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
4135  }
4136  FCT_TEST_END();
4137 
4138 
4139  FCT_TEST_BGN(rsa_pkcs1_sign_8_verify_invalid_padding_type)
4140  {
4141  unsigned char message_str[1000];
4142  unsigned char hash_result[1000];
4143  unsigned char result_str[1000];
4144  rsa_context ctx;
4145  int msg_len;
4146 
4147  rsa_init( &ctx, 1, 0 );
4148  memset( message_str, 0x00, 1000 );
4149  memset( hash_result, 0x00, 1000 );
4150  memset( result_str, 0x00, 1000 );
4151 
4152  ctx.len = 2048 / 8;
4153  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4154  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4155 
4156  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
4157 
4158  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
4159  unhexify( result_str, "3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021" );
4160 
4161  switch( SIG_RSA_MD5 )
4162  {
4163  #ifdef POLARSSL_MD2_C
4164  case SIG_RSA_MD2:
4165  md2( message_str, msg_len, hash_result );
4166  break;
4167  #endif
4168  #ifdef POLARSSL_MD4_C
4169  case SIG_RSA_MD4:
4170  md4( message_str, msg_len, hash_result );
4171  break;
4172  #endif
4173  #ifdef POLARSSL_MD5_C
4174  case SIG_RSA_MD5:
4175  md5( message_str, msg_len, hash_result );
4176  break;
4177  #endif
4178  #ifdef POLARSSL_SHA1_C
4179  case SIG_RSA_SHA1:
4180  sha1( message_str, msg_len, hash_result );
4181  break;
4182  #endif
4183  #ifdef POLARSSL_SHA2_C
4184  case SIG_RSA_SHA224:
4185  sha2( message_str, msg_len, hash_result, 1 );
4186  break;
4187  case SIG_RSA_SHA256:
4188  sha2( message_str, msg_len, hash_result, 0 );
4189  break;
4190  #endif
4191  #ifdef POLARSSL_SHA4_C
4192  case SIG_RSA_SHA384:
4193  sha4( message_str, msg_len, hash_result, 1 );
4194  break;
4195  case SIG_RSA_SHA512:
4196  sha4( message_str, msg_len, hash_result, 0 );
4197  break;
4198  #endif
4199  }
4200 
4201  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_MD5, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
4202  }
4203  FCT_TEST_END();
4204 
4205 
4206  FCT_TEST_BGN(rsa_pkcs1_encrypt_1)
4207  {
4208  unsigned char message_str[1000];
4209  unsigned char output[1000];
4210  unsigned char output_str[1000];
4211  rsa_context ctx;
4212  size_t msg_len;
4213  rnd_pseudo_info rnd_info;
4214 
4215  memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
4216 
4217  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4218  memset( message_str, 0x00, 1000 );
4219  memset( output, 0x00, 1000 );
4220  memset( output_str, 0x00, 1000 );
4221 
4222  ctx.len = 2048 / 8;
4223  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4224  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4225 
4226  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
4227 
4228  msg_len = unhexify( message_str, "4E636AF98E40F3ADCFCCB698F4E80B9F" );
4229 
4230  fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PUBLIC, msg_len, message_str, output ) == 0 );
4231  if( 0 == 0 )
4232  {
4233  hexify( output_str, output, ctx.len );
4234 
4235  fct_chk( strcasecmp( (char *) output_str, "b0c0b193ba4a5b4502bfacd1a9c2697da5510f3e3ab7274cf404418afd2c62c89b98d83bbc21c8c1bf1afe6d8bf40425e053e9c03e03a3be0edbe1eda073fade1cc286cc0305a493d98fe795634c3cad7feb513edb742d66d910c87d07f6b0055c3488bb262b5fd1ce8747af64801fb39d2d3a3e57086ffe55ab8d0a2ca86975629a0f85767a4990c532a7c2dab1647997ebb234d0b28a0008bfebfc905e7ba5b30b60566a5e0190417465efdbf549934b8f0c5c9f36b7c5b6373a47ae553ced0608a161b1b70dfa509375cf7a3598223a6d7b7a1d1a06ac74d345a9bb7c0e44c8388858a4f1d8115f2bd769ffa69020385fa286302c80e950f9e2751308666c" ) == 0 );
4236  }
4237  }
4238  FCT_TEST_END();
4239 
4240 
4241  FCT_TEST_BGN(rsa_pkcs1_decrypt_1_verify)
4242  {
4243  unsigned char message_str[1000];
4244  unsigned char output[1000];
4245  unsigned char output_str[1000];
4246  rsa_context ctx;
4247  mpi P1, Q1, H, G;
4248  size_t output_len;
4249 
4250  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
4251  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4252 
4253  memset( message_str, 0x00, 1000 );
4254  memset( output, 0x00, 1000 );
4255  memset( output_str, 0x00, 1000 );
4256 
4257  ctx.len = 2048 / 8;
4258  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4259  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4260  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4261  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4262 
4263  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
4264  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
4265  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
4266  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
4267  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
4268  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
4269  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
4270  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
4271 
4272  fct_chk( rsa_check_privkey( &ctx ) == 0 );
4273 
4274  unhexify( message_str, "a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6" );
4275  output_len = 0;
4276 
4277  fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 );
4278  if( 0 == 0 )
4279  {
4280  hexify( output_str, output, ctx.len );
4281 
4282  fct_chk( strncasecmp( (char *) output_str, "4E636AF98E40F3ADCFCCB698F4E80B9F", strlen( "4E636AF98E40F3ADCFCCB698F4E80B9F" ) ) == 0 );
4283  }
4284 
4285  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
4286  }
4287  FCT_TEST_END();
4288 
4289 
4290  FCT_TEST_BGN(rsa_pkcs1_encrypt_2_data_too_large)
4291  {
4292  unsigned char message_str[1000];
4293  unsigned char output[1000];
4294  unsigned char output_str[1000];
4295  rsa_context ctx;
4296  size_t msg_len;
4297  rnd_pseudo_info rnd_info;
4298 
4299  memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
4300 
4301  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4302  memset( message_str, 0x00, 1000 );
4303  memset( output, 0x00, 1000 );
4304  memset( output_str, 0x00, 1000 );
4305 
4306  ctx.len = 2048 / 8;
4307  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4308  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4309 
4310  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
4311 
4312  msg_len = unhexify( message_str, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" );
4313 
4314  fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PUBLIC, msg_len, message_str, output ) == POLARSSL_ERR_RSA_BAD_INPUT_DATA );
4316  {
4317  hexify( output_str, output, ctx.len );
4318 
4319  fct_chk( strcasecmp( (char *) output_str, "a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6" ) == 0 );
4320  }
4321  }
4322  FCT_TEST_END();
4323 
4324 
4325  FCT_TEST_BGN(rsa_pkcs1_decrypt_2_data_too_small)
4326  {
4327  unsigned char message_str[1000];
4328  unsigned char output[1000];
4329  unsigned char output_str[1000];
4330  rsa_context ctx;
4331  mpi P1, Q1, H, G;
4332  size_t output_len;
4333 
4334  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
4335  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4336 
4337  memset( message_str, 0x00, 1000 );
4338  memset( output, 0x00, 1000 );
4339  memset( output_str, 0x00, 1000 );
4340 
4341  ctx.len = 2048 / 8;
4342  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4343  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4344  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4345  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4346 
4347  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
4348  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
4349  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
4350  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
4351  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
4352  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
4353  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
4354  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
4355 
4356  fct_chk( rsa_check_privkey( &ctx ) == 0 );
4357 
4358  unhexify( message_str, "deadbeafcafedeadbeeffedcba9876" );
4359  output_len = 0;
4360 
4361  fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == POLARSSL_ERR_RSA_BAD_INPUT_DATA );
4363  {
4364  hexify( output_str, output, ctx.len );
4365 
4366  fct_chk( strncasecmp( (char *) output_str, "4E636AF98E40F3ADCFCCB698F4E80B9F", strlen( "4E636AF98E40F3ADCFCCB698F4E80B9F" ) ) == 0 );
4367  }
4368 
4369  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
4370  }
4371  FCT_TEST_END();
4372 
4373 
4374  FCT_TEST_BGN(rsa_pkcs1_encrypt_3_invalid_padding_mode)
4375  {
4376  unsigned char message_str[1000];
4377  unsigned char output[1000];
4378  unsigned char output_str[1000];
4379  rsa_context ctx;
4380  size_t msg_len;
4381  rnd_pseudo_info rnd_info;
4382 
4383  memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
4384 
4385  rsa_init( &ctx, 2, 0 );
4386  memset( message_str, 0x00, 1000 );
4387  memset( output, 0x00, 1000 );
4388  memset( output_str, 0x00, 1000 );
4389 
4390  ctx.len = 2048 / 8;
4391  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4392  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4393 
4394  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
4395 
4396  msg_len = unhexify( message_str, "4E636AF98E40F3ADCFCCB698F4E80B9F" );
4397 
4398  fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PUBLIC, msg_len, message_str, output ) == POLARSSL_ERR_RSA_INVALID_PADDING );
4400  {
4401  hexify( output_str, output, ctx.len );
4402 
4403  fct_chk( strcasecmp( (char *) output_str, "a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6" ) == 0 );
4404  }
4405  }
4406  FCT_TEST_END();
4407 
4408 
4409  FCT_TEST_BGN(rsa_pkcs1_decrypt_3_invalid_padding_mode)
4410  {
4411  unsigned char message_str[1000];
4412  unsigned char output[1000];
4413  unsigned char output_str[1000];
4414  rsa_context ctx;
4415  mpi P1, Q1, H, G;
4416  size_t output_len;
4417 
4418  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
4419  rsa_init( &ctx, 2, 0 );
4420 
4421  memset( message_str, 0x00, 1000 );
4422  memset( output, 0x00, 1000 );
4423  memset( output_str, 0x00, 1000 );
4424 
4425  ctx.len = 2048 / 8;
4426  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4427  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4428  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4429  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4430 
4431  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
4432  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
4433  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
4434  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
4435  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
4436  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
4437  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
4438  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
4439 
4440  fct_chk( rsa_check_privkey( &ctx ) == 0 );
4441 
4442  unhexify( message_str, "a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6" );
4443  output_len = 0;
4444 
4445  fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == POLARSSL_ERR_RSA_INVALID_PADDING );
4447  {
4448  hexify( output_str, output, ctx.len );
4449 
4450  fct_chk( strncasecmp( (char *) output_str, "4E636AF98E40F3ADCFCCB698F4E80B9F", strlen( "4E636AF98E40F3ADCFCCB698F4E80B9F" ) ) == 0 );
4451  }
4452 
4453  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
4454  }
4455  FCT_TEST_END();
4456 
4457 
4458  FCT_TEST_BGN(rsa_pkcs1_decrypt_4_output_buffer_too_small)
4459  {
4460  unsigned char message_str[1000];
4461  unsigned char output[1000];
4462  unsigned char output_str[1000];
4463  rsa_context ctx;
4464  mpi P1, Q1, H, G;
4465  size_t output_len;
4466 
4467  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
4468  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4469 
4470  memset( message_str, 0x00, 1000 );
4471  memset( output, 0x00, 1000 );
4472  memset( output_str, 0x00, 1000 );
4473 
4474  ctx.len = 2048 / 8;
4475  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4476  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4477  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4478  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4479 
4480  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
4481  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
4482  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
4483  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
4484  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
4485  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
4486  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
4487  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
4488 
4489  fct_chk( rsa_check_privkey( &ctx ) == 0 );
4490 
4491  unhexify( message_str, "a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6" );
4492  output_len = 0;
4493 
4494  fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 15 ) == POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE );
4496  {
4497  hexify( output_str, output, ctx.len );
4498 
4499  fct_chk( strncasecmp( (char *) output_str, "4E636AF98E40F3ADCFCCB698F4E80B9F", strlen( "4E636AF98E40F3ADCFCCB698F4E80B9F" ) ) == 0 );
4500  }
4501 
4502  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
4503  }
4504  FCT_TEST_END();
4505 
4506 
4507  FCT_TEST_BGN(rsa_check_empty_private_key)
4508  {
4509  rsa_context ctx;
4510  memset( &ctx, 0x00, sizeof( rsa_context ) );
4511 
4513  }
4514  FCT_TEST_END();
4515 
4516 
4517  FCT_TEST_BGN(rsa_check_private_key_1_correct)
4518  {
4519  rsa_context ctx;
4520 
4521  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4522 
4523  ctx.len = 2048 / 8;
4524  if( strlen( "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) )
4525  {
4526  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4527  }
4528  if( strlen( "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) )
4529  {
4530  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4531  }
4532  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
4533  {
4534  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4535  }
4536  if( strlen( "3" ) )
4537  {
4538  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4539  }
4540  if( strlen( "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) )
4541  {
4542  fct_chk( mpi_read_string( &ctx.D, 16, "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) == 0 );
4543  }
4544 
4545  fct_chk( rsa_check_privkey( &ctx ) == 0 );
4546  }
4547  FCT_TEST_END();
4548 
4549 
4550  FCT_TEST_BGN(rsa_check_private_key_2_no_p)
4551  {
4552  rsa_context ctx;
4553 
4554  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4555 
4556  ctx.len = 2048 / 8;
4557  if( strlen( "" ) )
4558  {
4559  fct_chk( mpi_read_string( &ctx.P, 16, "" ) == 0 );
4560  }
4561  if( strlen( "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) )
4562  {
4563  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4564  }
4565  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
4566  {
4567  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4568  }
4569  if( strlen( "3" ) )
4570  {
4571  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4572  }
4573  if( strlen( "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) )
4574  {
4575  fct_chk( mpi_read_string( &ctx.D, 16, "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) == 0 );
4576  }
4577 
4579  }
4580  FCT_TEST_END();
4581 
4582 
4583  FCT_TEST_BGN(rsa_check_private_key_3_no_q)
4584  {
4585  rsa_context ctx;
4586 
4587  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4588 
4589  ctx.len = 2048 / 8;
4590  if( strlen( "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) )
4591  {
4592  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4593  }
4594  if( strlen( "" ) )
4595  {
4596  fct_chk( mpi_read_string( &ctx.Q, 16, "" ) == 0 );
4597  }
4598  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
4599  {
4600  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4601  }
4602  if( strlen( "3" ) )
4603  {
4604  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4605  }
4606  if( strlen( "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) )
4607  {
4608  fct_chk( mpi_read_string( &ctx.D, 16, "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) == 0 );
4609  }
4610 
4612  }
4613  FCT_TEST_END();
4614 
4615 
4616  FCT_TEST_BGN(rsa_check_private_key_4_no_n)
4617  {
4618  rsa_context ctx;
4619 
4620  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4621 
4622  ctx.len = 2048 / 8;
4623  if( strlen( "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) )
4624  {
4625  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4626  }
4627  if( strlen( "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) )
4628  {
4629  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4630  }
4631  if( strlen( "" ) )
4632  {
4633  fct_chk( mpi_read_string( &ctx.N, 16, "" ) == 0 );
4634  }
4635  if( strlen( "3" ) )
4636  {
4637  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4638  }
4639  if( strlen( "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) )
4640  {
4641  fct_chk( mpi_read_string( &ctx.D, 16, "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) == 0 );
4642  }
4643 
4645  }
4646  FCT_TEST_END();
4647 
4648 
4649  FCT_TEST_BGN(rsa_check_private_key_5_no_e)
4650  {
4651  rsa_context ctx;
4652 
4653  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4654 
4655  ctx.len = 2048 / 8;
4656  if( strlen( "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) )
4657  {
4658  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4659  }
4660  if( strlen( "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) )
4661  {
4662  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4663  }
4664  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
4665  {
4666  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4667  }
4668  if( strlen( "" ) )
4669  {
4670  fct_chk( mpi_read_string( &ctx.E, 16, "" ) == 0 );
4671  }
4672  if( strlen( "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) )
4673  {
4674  fct_chk( mpi_read_string( &ctx.D, 16, "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) == 0 );
4675  }
4676 
4678  }
4679  FCT_TEST_END();
4680 
4681 
4682  FCT_TEST_BGN(rsa_check_private_key_6_no_d)
4683  {
4684  rsa_context ctx;
4685 
4686  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4687 
4688  ctx.len = 2048 / 8;
4689  if( strlen( "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) )
4690  {
4691  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4692  }
4693  if( strlen( "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) )
4694  {
4695  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4696  }
4697  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
4698  {
4699  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4700  }
4701  if( strlen( "3" ) )
4702  {
4703  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4704  }
4705  if( strlen( "" ) )
4706  {
4707  fct_chk( mpi_read_string( &ctx.D, 16, "" ) == 0 );
4708  }
4709 
4711  }
4712  FCT_TEST_END();
4713 
4714 
4715  FCT_TEST_BGN(rsa_check_private_key_7_incorrect)
4716  {
4717  rsa_context ctx;
4718 
4719  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4720 
4721  ctx.len = 2048 / 8;
4722  if( strlen( "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) )
4723  {
4724  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4725  }
4726  if( strlen( "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) )
4727  {
4728  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4729  }
4730  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
4731  {
4732  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4733  }
4734  if( strlen( "3" ) )
4735  {
4736  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4737  }
4738  if( strlen( "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCC" ) )
4739  {
4740  fct_chk( mpi_read_string( &ctx.D, 16, "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCC" ) == 0 );
4741  }
4742 
4744  }
4745  FCT_TEST_END();
4746 
4747 
4748  FCT_TEST_BGN(rsa_check_public_key_1_correct)
4749  {
4750  rsa_context ctx;
4751 
4752  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4753 
4754  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
4755  {
4756  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4757  }
4758  if( strlen( "3" ) )
4759  {
4760  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4761  }
4762 
4763  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
4764  }
4765  FCT_TEST_END();
4766 
4767 
4768  FCT_TEST_BGN(rsa_check_public_key_2_even_n)
4769  {
4770  rsa_context ctx;
4771 
4772  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4773 
4774  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a20340" ) )
4775  {
4776  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a20340" ) == 0 );
4777  }
4778  if( strlen( "3" ) )
4779  {
4780  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4781  }
4782 
4784  }
4785  FCT_TEST_END();
4786 
4787 
4788  FCT_TEST_BGN(rsa_check_public_key_3_even_e)
4789  {
4790  rsa_context ctx;
4791 
4792  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4793 
4794  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a20340" ) )
4795  {
4796  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a20340" ) == 0 );
4797  }
4798  if( strlen( "65536" ) )
4799  {
4800  fct_chk( mpi_read_string( &ctx.E, 16, "65536" ) == 0 );
4801  }
4802 
4804  }
4805  FCT_TEST_END();
4806 
4807 
4808  FCT_TEST_BGN(rsa_check_public_key_4_n_exactly_128_bits)
4809  {
4810  rsa_context ctx;
4811 
4812  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4813 
4814  if( strlen( "fedcba9876543210deadbeefcafe4321" ) )
4815  {
4816  fct_chk( mpi_read_string( &ctx.N, 16, "fedcba9876543210deadbeefcafe4321" ) == 0 );
4817  }
4818  if( strlen( "3" ) )
4819  {
4820  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4821  }
4822 
4823  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
4824  }
4825  FCT_TEST_END();
4826 
4827 
4828  FCT_TEST_BGN(rsa_check_public_key_5_n_smaller_than_128_bits)
4829  {
4830  rsa_context ctx;
4831 
4832  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4833 
4834  if( strlen( "7edcba9876543210deadbeefcafe4321" ) )
4835  {
4836  fct_chk( mpi_read_string( &ctx.N, 16, "7edcba9876543210deadbeefcafe4321" ) == 0 );
4837  }
4838  if( strlen( "3" ) )
4839  {
4840  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4841  }
4842 
4844  }
4845  FCT_TEST_END();
4846 
4847 
4848  FCT_TEST_BGN(rsa_check_public_key_6_n_exactly_4096_bits)
4849  {
4850  rsa_context ctx;
4851 
4852  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4853 
4854  if( strlen( "00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
4855  {
4856  fct_chk( mpi_read_string( &ctx.N, 16, "00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4857  }
4858  if( strlen( "3" ) )
4859  {
4860  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4861  }
4862 
4863  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
4864  }
4865  FCT_TEST_END();
4866 
4867 
4868  FCT_TEST_BGN(rsa_check_public_key_7_n_larger_than_4096_bits)
4869  {
4870  rsa_context ctx;
4871 
4872  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4873 
4874  if( strlen( "01b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
4875  {
4876  fct_chk( mpi_read_string( &ctx.N, 16, "01b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4877  }
4878  if( strlen( "3" ) )
4879  {
4880  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4881  }
4882 
4884  }
4885  FCT_TEST_END();
4886 
4887 
4888  FCT_TEST_BGN(rsa_check_public_key_8_e_exactly_2_bits)
4889  {
4890  rsa_context ctx;
4891 
4892  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4893 
4894  if( strlen( "fedcba9876543210deadbeefcafe4321" ) )
4895  {
4896  fct_chk( mpi_read_string( &ctx.N, 16, "fedcba9876543210deadbeefcafe4321" ) == 0 );
4897  }
4898  if( strlen( "3" ) )
4899  {
4900  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4901  }
4902 
4903  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
4904  }
4905  FCT_TEST_END();
4906 
4907 
4908  FCT_TEST_BGN(rsa_check_public_key_8_e_exactly_1_bits)
4909  {
4910  rsa_context ctx;
4911 
4912  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4913 
4914  if( strlen( "fedcba9876543210deadbeefcafe4321" ) )
4915  {
4916  fct_chk( mpi_read_string( &ctx.N, 16, "fedcba9876543210deadbeefcafe4321" ) == 0 );
4917  }
4918  if( strlen( "1" ) )
4919  {
4920  fct_chk( mpi_read_string( &ctx.E, 16, "1" ) == 0 );
4921  }
4922 
4924  }
4925  FCT_TEST_END();
4926 
4927 
4928  FCT_TEST_BGN(rsa_check_public_key_8_e_exactly_64_bits)
4929  {
4930  rsa_context ctx;
4931 
4932  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4933 
4934  if( strlen( "fedcba9876543210deadbeefcafe4321" ) )
4935  {
4936  fct_chk( mpi_read_string( &ctx.N, 16, "fedcba9876543210deadbeefcafe4321" ) == 0 );
4937  }
4938  if( strlen( "00fedcba9876543213" ) )
4939  {
4940  fct_chk( mpi_read_string( &ctx.E, 16, "00fedcba9876543213" ) == 0 );
4941  }
4942 
4943  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
4944  }
4945  FCT_TEST_END();
4946 
4947 
4948  FCT_TEST_BGN(rsa_check_public_key_8_e_larger_than_64_bits)
4949  {
4950  rsa_context ctx;
4951 
4952  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4953 
4954  if( strlen( "fedcba9876543210deadbeefcafe4321" ) )
4955  {
4956  fct_chk( mpi_read_string( &ctx.N, 16, "fedcba9876543210deadbeefcafe4321" ) == 0 );
4957  }
4958  if( strlen( "01fedcba9876543213" ) )
4959  {
4960  fct_chk( mpi_read_string( &ctx.E, 16, "01fedcba9876543213" ) == 0 );
4961  }
4962 
4964  }
4965  FCT_TEST_END();
4966 
4967 
4968  FCT_TEST_BGN(rsa_private_correct)
4969  {
4970  unsigned char message_str[1000];
4971  unsigned char output[1000];
4972  unsigned char output_str[1000];
4973  rsa_context ctx;
4974  mpi P1, Q1, H, G;
4975 
4976  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
4977  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4978 
4979  memset( message_str, 0x00, 1000 );
4980  memset( output, 0x00, 1000 );
4981  memset( output_str, 0x00, 1000 );
4982 
4983  ctx.len = 2048 / 8;
4984  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4985  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4986  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4987  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4988 
4989  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
4990  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
4991  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
4992  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
4993  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
4994  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
4995  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
4996  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
4997 
4998  fct_chk( rsa_check_privkey( &ctx ) == 0 );
4999 
5000  unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
5001 
5002  fct_chk( rsa_private( &ctx, message_str, output ) == 0 );
5003  if( 0 == 0 )
5004  {
5005  hexify( output_str, output, ctx.len );
5006 
5007  fct_chk( strcasecmp( (char *) output_str, "48ce62658d82be10737bd5d3579aed15bc82617e6758ba862eeb12d049d7bacaf2f62fce8bf6e980763d1951f7f0eae3a493df9890d249314b39d00d6ef791de0daebf2c50f46e54aeb63a89113defe85de6dbe77642aae9f2eceb420f3a47a56355396e728917f17876bb829fabcaeef8bf7ef6de2ff9e84e6108ea2e52bbb62b7b288efa0a3835175b8b08fac56f7396eceb1c692d419ecb79d80aef5bc08a75d89de9f2b2d411d881c0e3ffad24c311a19029d210d3d3534f1b626f982ea322b4d1cfba476860ef20d4f672f38c371084b5301b429b747ea051a619e4430e0dac33c12f9ee41ca4d81a4f6da3e495aa8524574bdc60d290dd1f7a62e90a67" ) == 0 );
5008  }
5009 
5010  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
5011  }
5012  FCT_TEST_END();
5013 
5014 
5015  FCT_TEST_BGN(rsa_private_data_larger_than_n)
5016  {
5017  unsigned char message_str[1000];
5018  unsigned char output[1000];
5019  unsigned char output_str[1000];
5020  rsa_context ctx;
5021  mpi P1, Q1, H, G;
5022 
5023  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
5024  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5025 
5026  memset( message_str, 0x00, 1000 );
5027  memset( output, 0x00, 1000 );
5028  memset( output_str, 0x00, 1000 );
5029 
5030  ctx.len = 2048 / 8;
5031  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
5032  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
5033  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
5034  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5035 
5036  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
5037  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
5038  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
5039  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
5040  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
5041  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
5042  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
5043  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
5044 
5045  fct_chk( rsa_check_privkey( &ctx ) == 0 );
5046 
5047  unhexify( message_str, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" );
5048 
5049  fct_chk( rsa_private( &ctx, message_str, output ) == POLARSSL_ERR_RSA_BAD_INPUT_DATA );
5051  {
5052  hexify( output_str, output, ctx.len );
5053 
5054  fct_chk( strcasecmp( (char *) output_str, "605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8" ) == 0 );
5055  }
5056 
5057  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
5058  }
5059  FCT_TEST_END();
5060 
5061 
5062  FCT_TEST_BGN(rsa_public_correct)
5063  {
5064  unsigned char message_str[1000];
5065  unsigned char output[1000];
5066  unsigned char output_str[1000];
5067  rsa_context ctx;
5068 
5069  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5070  memset( message_str, 0x00, 1000 );
5071  memset( output, 0x00, 1000 );
5072  memset( output_str, 0x00, 1000 );
5073 
5074  ctx.len = 2048 / 8;
5075  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
5076  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5077 
5078  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
5079 
5080  unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
5081 
5082  fct_chk( rsa_public( &ctx, message_str, output ) == 0 );
5083  if( 0 == 0 )
5084  {
5085  hexify( output_str, output, ctx.len );
5086 
5087  fct_chk( strcasecmp( (char *) output_str, "1f5e927c13ff231090b0f18c8c3526428ed0f4a7561457ee5afe4d22d5d9220c34ef5b9a34d0c07f7248a1f3d57f95d10f7936b3063e40660b3a7ca3e73608b013f85a6e778ac7c60d576e9d9c0c5a79ad84ceea74e4722eb3553bdb0c2d7783dac050520cb27ca73478b509873cb0dcbd1d51dd8fccb96c29ad314f36d67cc57835d92d94defa0399feb095fd41b9f0b2be10f6041079ed4290040449f8a79aba50b0a1f8cf83c9fb8772b0686ec1b29cb1814bb06f9c024857db54d395a8da9a2c6f9f53b94bec612a0cb306a3eaa9fc80992e85d9d232e37a50cabe48c9343f039601ff7d95d60025e582aec475d031888310e8ec3833b394a5cf0599101e" ) == 0 );
5088  }
5089  }
5090  FCT_TEST_END();
5091 
5092 
5093  FCT_TEST_BGN(rsa_public_data_larger_than_n)
5094  {
5095  unsigned char message_str[1000];
5096  unsigned char output[1000];
5097  unsigned char output_str[1000];
5098  rsa_context ctx;
5099 
5100  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5101  memset( message_str, 0x00, 1000 );
5102  memset( output, 0x00, 1000 );
5103  memset( output_str, 0x00, 1000 );
5104 
5105  ctx.len = 2048 / 8;
5106  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
5107  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5108 
5109  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
5110 
5111  unhexify( message_str, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" );
5112 
5113  fct_chk( rsa_public( &ctx, message_str, output ) == POLARSSL_ERR_RSA_BAD_INPUT_DATA );
5115  {
5116  hexify( output_str, output, ctx.len );
5117 
5118  fct_chk( strcasecmp( (char *) output_str, "605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8" ) == 0 );
5119  }
5120  }
5121  FCT_TEST_END();
5122 
5123 #ifdef POLARSSL_ENTROPY_C
5124 #ifdef POLARSSL_CTR_DRBG_C
5125 
5126  FCT_TEST_BGN(rsa_generate_key)
5127  {
5128  rsa_context ctx;
5129  entropy_context entropy;
5130  ctr_drbg_context ctr_drbg;
5131  char *pers = "test_suite_rsa";
5132 
5133  entropy_init( &entropy );
5134  fct_chk( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
5135  (unsigned char *) pers, strlen( pers ) ) == 0 );
5136 
5137  rsa_init( &ctx, 0, 0 );
5138 
5139  fct_chk( rsa_gen_key( &ctx, ctr_drbg_random, &ctr_drbg, 128, 3 ) == 0 );
5140  if( 0 == 0 )
5141  {
5142  fct_chk( rsa_check_privkey( &ctx ) == 0 );
5143  }
5144  }
5145  FCT_TEST_END();
5146 #endif /* POLARSSL_ENTROPY_C */
5147 #endif /* POLARSSL_CTR_DRBG_C */
5148 
5149 #ifdef POLARSSL_ENTROPY_C
5150 #ifdef POLARSSL_CTR_DRBG_C
5151 
5152  FCT_TEST_BGN(rsa_generate_key_number_of_bits_too_small)
5153  {
5154  rsa_context ctx;
5155  entropy_context entropy;
5156  ctr_drbg_context ctr_drbg;
5157  char *pers = "test_suite_rsa";
5158 
5159  entropy_init( &entropy );
5160  fct_chk( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
5161  (unsigned char *) pers, strlen( pers ) ) == 0 );
5162 
5163  rsa_init( &ctx, 0, 0 );
5164 
5165  fct_chk( rsa_gen_key( &ctx, ctr_drbg_random, &ctr_drbg, 127, 3 ) == POLARSSL_ERR_RSA_BAD_INPUT_DATA );
5167  {
5168  fct_chk( rsa_check_privkey( &ctx ) == 0 );
5169  }
5170  }
5171  FCT_TEST_END();
5172 #endif /* POLARSSL_ENTROPY_C */
5173 #endif /* POLARSSL_CTR_DRBG_C */
5174 
5175 #ifdef POLARSSL_ENTROPY_C
5176 #ifdef POLARSSL_CTR_DRBG_C
5177 
5178  FCT_TEST_BGN(rsa_generate_key_exponent_too_small)
5179  {
5180  rsa_context ctx;
5181  entropy_context entropy;
5182  ctr_drbg_context ctr_drbg;
5183  char *pers = "test_suite_rsa";
5184 
5185  entropy_init( &entropy );
5186  fct_chk( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
5187  (unsigned char *) pers, strlen( pers ) ) == 0 );
5188 
5189  rsa_init( &ctx, 0, 0 );
5190 
5191  fct_chk( rsa_gen_key( &ctx, ctr_drbg_random, &ctr_drbg, 128, 2 ) == POLARSSL_ERR_RSA_BAD_INPUT_DATA );
5193  {
5194  fct_chk( rsa_check_privkey( &ctx ) == 0 );
5195  }
5196  }
5197  FCT_TEST_END();
5198 #endif /* POLARSSL_ENTROPY_C */
5199 #endif /* POLARSSL_CTR_DRBG_C */
5200 
5201 #ifdef POLARSSL_ENTROPY_C
5202 #ifdef POLARSSL_CTR_DRBG_C
5203 
5204  FCT_TEST_BGN(rsa_generate_key)
5205  {
5206  rsa_context ctx;
5207  entropy_context entropy;
5208  ctr_drbg_context ctr_drbg;
5209  char *pers = "test_suite_rsa";
5210 
5211  entropy_init( &entropy );
5212  fct_chk( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
5213  (unsigned char *) pers, strlen( pers ) ) == 0 );
5214 
5215  rsa_init( &ctx, 0, 0 );
5216 
5217  fct_chk( rsa_gen_key( &ctx, ctr_drbg_random, &ctr_drbg, 1024, 3 ) == 0 );
5218  if( 0 == 0 )
5219  {
5220  fct_chk( rsa_check_privkey( &ctx ) == 0 );
5221  }
5222  }
5223  FCT_TEST_END();
5224 #endif /* POLARSSL_ENTROPY_C */
5225 #endif /* POLARSSL_CTR_DRBG_C */
5226 
5227 
5228  FCT_TEST_BGN(rsa_pkcs1_encrypt_bad_rng)
5229  {
5230  unsigned char message_str[1000];
5231  unsigned char output[1000];
5232  unsigned char output_str[1000];
5233  rsa_context ctx;
5234  size_t msg_len;
5235 
5236  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5237  memset( message_str, 0x00, 1000 );
5238  memset( output, 0x00, 1000 );
5239  memset( output_str, 0x00, 1000 );
5240 
5241  ctx.len = 2048 / 8;
5242  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
5243  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5244 
5245  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
5246 
5247  msg_len = unhexify( message_str, "4E636AF98E40F3ADCFCCB698F4E80B9F" );
5248 
5249  fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL, RSA_PUBLIC, msg_len, message_str, output ) == POLARSSL_ERR_RSA_RNG_FAILED );
5250  if( POLARSSL_ERR_RSA_RNG_FAILED == 0 )
5251  {
5252  hexify( output_str, output, ctx.len );
5253 
5254  fct_chk( strcasecmp( (char *) output_str, "a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6" ) == 0 );
5255  }
5256  }
5257  FCT_TEST_END();
5258 
5259 #ifdef POLARSSL_SELF_TEST
5260 
5261  FCT_TEST_BGN(rsa_selftest)
5262  {
5263  fct_chk( rsa_self_test( 0 ) == 0 );
5264  }
5265  FCT_TEST_END();
5266 #endif /* POLARSSL_SELF_TEST */
5267 
5268  }
5269  FCT_SUITE_END();
5270 
5271 #endif /* POLARSSL_RSA_C */
5272 #endif /* POLARSSL_BIGNUM_C */
5273 #endif /* POLARSSL_GENPRIME */
5274 
5275 }
5276 FCT_END();
5277