PolarSSL v1.2.8
test_suite_rsa.c
Go to the documentation of this file.
1 #include "fct.h"
2 #include <polarssl/config.h>
3 
4 #include <polarssl/rsa.h>
5 #include <polarssl/md2.h>
6 #include <polarssl/md4.h>
7 #include <polarssl/md5.h>
8 #include <polarssl/sha1.h>
9 #include <polarssl/sha2.h>
10 #include <polarssl/sha4.h>
11 #include <polarssl/entropy.h>
12 #include <polarssl/ctr_drbg.h>
13 
14 #ifdef _MSC_VER
15 #include <basetsd.h>
16 typedef UINT32 uint32_t;
17 #else
18 #include <inttypes.h>
19 #endif
20 
21 /*
22  * 32-bit integer manipulation macros (big endian)
23  */
24 #ifndef GET_UINT32_BE
25 #define GET_UINT32_BE(n,b,i) \
26 { \
27  (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
28  | ( (uint32_t) (b)[(i) + 1] << 16 ) \
29  | ( (uint32_t) (b)[(i) + 2] << 8 ) \
30  | ( (uint32_t) (b)[(i) + 3] ); \
31 }
32 #endif
33 
34 #ifndef PUT_UINT32_BE
35 #define PUT_UINT32_BE(n,b,i) \
36 { \
37  (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
38  (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
39  (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
40  (b)[(i) + 3] = (unsigned char) ( (n) ); \
41 }
42 #endif
43 
44 int unhexify(unsigned char *obuf, const char *ibuf)
45 {
46  unsigned char c, c2;
47  int len = strlen(ibuf) / 2;
48  assert(!(strlen(ibuf) %1)); // must be even number of bytes
49 
50  while (*ibuf != 0)
51  {
52  c = *ibuf++;
53  if( c >= '0' && c <= '9' )
54  c -= '0';
55  else if( c >= 'a' && c <= 'f' )
56  c -= 'a' - 10;
57  else if( c >= 'A' && c <= 'F' )
58  c -= 'A' - 10;
59  else
60  assert( 0 );
61 
62  c2 = *ibuf++;
63  if( c2 >= '0' && c2 <= '9' )
64  c2 -= '0';
65  else if( c2 >= 'a' && c2 <= 'f' )
66  c2 -= 'a' - 10;
67  else if( c2 >= 'A' && c2 <= 'F' )
68  c2 -= 'A' - 10;
69  else
70  assert( 0 );
71 
72  *obuf++ = ( c << 4 ) | c2;
73  }
74 
75  return len;
76 }
77 
78 void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
79 {
80  unsigned char l, h;
81 
82  while (len != 0)
83  {
84  h = (*ibuf) / 16;
85  l = (*ibuf) % 16;
86 
87  if( h < 10 )
88  *obuf++ = '0' + h;
89  else
90  *obuf++ = 'a' + h - 10;
91 
92  if( l < 10 )
93  *obuf++ = '0' + l;
94  else
95  *obuf++ = 'a' + l - 10;
96 
97  ++ibuf;
98  len--;
99  }
100 }
101 
111 static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
112 {
113  size_t i;
114 
115  if( rng_state != NULL )
116  rng_state = NULL;
117 
118  for( i = 0; i < len; ++i )
119  output[i] = rand();
120 
121  return( 0 );
122 }
123 
129 static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
130 {
131  if( rng_state != NULL )
132  rng_state = NULL;
133 
134  memset( output, 0, len );
135 
136  return( 0 );
137 }
138 
139 typedef struct
140 {
141  unsigned char *buf;
142  size_t length;
143 } rnd_buf_info;
144 
156 static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
157 {
158  rnd_buf_info *info = (rnd_buf_info *) rng_state;
159  size_t use_len;
160 
161  if( rng_state == NULL )
162  return( rnd_std_rand( NULL, output, len ) );
163 
164  use_len = len;
165  if( len > info->length )
166  use_len = info->length;
167 
168  if( use_len )
169  {
170  memcpy( output, info->buf, use_len );
171  info->buf += use_len;
172  info->length -= use_len;
173  }
174 
175  if( len - use_len > 0 )
176  return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
177 
178  return( 0 );
179 }
180 
188 typedef struct
189 {
190  uint32_t key[16];
191  uint32_t v0, v1;
193 
202 static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
203 {
204  rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
205  uint32_t i, *k, sum, delta=0x9E3779B9;
206  unsigned char result[4];
207 
208  if( rng_state == NULL )
209  return( rnd_std_rand( NULL, output, len ) );
210 
211  k = info->key;
212 
213  while( len > 0 )
214  {
215  size_t use_len = ( len > 4 ) ? 4 : len;
216  sum = 0;
217 
218  for( i = 0; i < 32; i++ )
219  {
220  info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
221  sum += delta;
222  info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
223  }
224 
225  PUT_UINT32_BE( info->v0, result, 0 );
226  memcpy( output, result, use_len );
227  len -= use_len;
228  }
229 
230  return( 0 );
231 }
232 
233 
235 {
236 #ifdef POLARSSL_RSA_C
237 #ifdef POLARSSL_BIGNUM_C
238 #ifdef POLARSSL_GENPRIME
239 
240 
241  FCT_SUITE_BGN(test_suite_rsa)
242  {
243 #ifdef POLARSSL_SHA1_C
244 
245  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_1)
246  {
247  unsigned char message_str[1000];
248  unsigned char hash_result[1000];
249  unsigned char result_str[1000];
250  rsa_context ctx;
251  int msg_len;
252 
253  rsa_init( &ctx, RSA_PKCS_V15, 0 );
254  memset( message_str, 0x00, 1000 );
255  memset( hash_result, 0x00, 1000 );
256  memset( result_str, 0x00, 1000 );
257 
258  ctx.len = 1024 / 8;
259  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
260  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
261 
262  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
263 
264  msg_len = unhexify( message_str, "d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92" );
265  unhexify( result_str, "3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd" );
266 
267  switch( SIG_RSA_SHA1 )
268  {
269  #ifdef POLARSSL_MD2_C
270  case SIG_RSA_MD2:
271  md2( message_str, msg_len, hash_result );
272  break;
273  #endif
274  #ifdef POLARSSL_MD4_C
275  case SIG_RSA_MD4:
276  md4( message_str, msg_len, hash_result );
277  break;
278  #endif
279  #ifdef POLARSSL_MD5_C
280  case SIG_RSA_MD5:
281  md5( message_str, msg_len, hash_result );
282  break;
283  #endif
284  #ifdef POLARSSL_SHA1_C
285  case SIG_RSA_SHA1:
286  sha1( message_str, msg_len, hash_result );
287  break;
288  #endif
289  #ifdef POLARSSL_SHA2_C
290  case SIG_RSA_SHA224:
291  sha2( message_str, msg_len, hash_result, 1 );
292  break;
293  case SIG_RSA_SHA256:
294  sha2( message_str, msg_len, hash_result, 0 );
295  break;
296  #endif
297  #ifdef POLARSSL_SHA4_C
298  case SIG_RSA_SHA384:
299  sha4( message_str, msg_len, hash_result, 1 );
300  break;
301  case SIG_RSA_SHA512:
302  sha4( message_str, msg_len, hash_result, 0 );
303  break;
304  #endif
305  }
306 
307  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_VERIFY_FAILED );
308 
309  rsa_free( &ctx );
310  }
311  FCT_TEST_END();
312 #endif /* POLARSSL_SHA1_C */
313 
314 #ifdef POLARSSL_SHA1_C
315 
316  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_2)
317  {
318  unsigned char message_str[1000];
319  unsigned char hash_result[1000];
320  unsigned char result_str[1000];
321  rsa_context ctx;
322  int msg_len;
323 
324  rsa_init( &ctx, RSA_PKCS_V15, 0 );
325  memset( message_str, 0x00, 1000 );
326  memset( hash_result, 0x00, 1000 );
327  memset( result_str, 0x00, 1000 );
328 
329  ctx.len = 1024 / 8;
330  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
331  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
332 
333  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
334 
335  msg_len = unhexify( message_str, "206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac" );
336  unhexify( result_str, "5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7" );
337 
338  switch( SIG_RSA_SHA1 )
339  {
340  #ifdef POLARSSL_MD2_C
341  case SIG_RSA_MD2:
342  md2( message_str, msg_len, hash_result );
343  break;
344  #endif
345  #ifdef POLARSSL_MD4_C
346  case SIG_RSA_MD4:
347  md4( message_str, msg_len, hash_result );
348  break;
349  #endif
350  #ifdef POLARSSL_MD5_C
351  case SIG_RSA_MD5:
352  md5( message_str, msg_len, hash_result );
353  break;
354  #endif
355  #ifdef POLARSSL_SHA1_C
356  case SIG_RSA_SHA1:
357  sha1( message_str, msg_len, hash_result );
358  break;
359  #endif
360  #ifdef POLARSSL_SHA2_C
361  case SIG_RSA_SHA224:
362  sha2( message_str, msg_len, hash_result, 1 );
363  break;
364  case SIG_RSA_SHA256:
365  sha2( message_str, msg_len, hash_result, 0 );
366  break;
367  #endif
368  #ifdef POLARSSL_SHA4_C
369  case SIG_RSA_SHA384:
370  sha4( message_str, msg_len, hash_result, 1 );
371  break;
372  case SIG_RSA_SHA512:
373  sha4( message_str, msg_len, hash_result, 0 );
374  break;
375  #endif
376  }
377 
378  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 );
379 
380  rsa_free( &ctx );
381  }
382  FCT_TEST_END();
383 #endif /* POLARSSL_SHA1_C */
384 
385 #ifdef POLARSSL_SHA1_C
386 
387  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_3)
388  {
389  unsigned char message_str[1000];
390  unsigned char hash_result[1000];
391  unsigned char result_str[1000];
392  rsa_context ctx;
393  int msg_len;
394 
395  rsa_init( &ctx, RSA_PKCS_V15, 0 );
396  memset( message_str, 0x00, 1000 );
397  memset( hash_result, 0x00, 1000 );
398  memset( result_str, 0x00, 1000 );
399 
400  ctx.len = 1024 / 8;
401  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
402  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
403 
404  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
405 
406  msg_len = unhexify( message_str, "206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac" );
407  unhexify( result_str, "5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7" );
408 
409  switch( SIG_RSA_SHA1 )
410  {
411  #ifdef POLARSSL_MD2_C
412  case SIG_RSA_MD2:
413  md2( message_str, msg_len, hash_result );
414  break;
415  #endif
416  #ifdef POLARSSL_MD4_C
417  case SIG_RSA_MD4:
418  md4( message_str, msg_len, hash_result );
419  break;
420  #endif
421  #ifdef POLARSSL_MD5_C
422  case SIG_RSA_MD5:
423  md5( message_str, msg_len, hash_result );
424  break;
425  #endif
426  #ifdef POLARSSL_SHA1_C
427  case SIG_RSA_SHA1:
428  sha1( message_str, msg_len, hash_result );
429  break;
430  #endif
431  #ifdef POLARSSL_SHA2_C
432  case SIG_RSA_SHA224:
433  sha2( message_str, msg_len, hash_result, 1 );
434  break;
435  case SIG_RSA_SHA256:
436  sha2( message_str, msg_len, hash_result, 0 );
437  break;
438  #endif
439  #ifdef POLARSSL_SHA4_C
440  case SIG_RSA_SHA384:
441  sha4( message_str, msg_len, hash_result, 1 );
442  break;
443  case SIG_RSA_SHA512:
444  sha4( message_str, msg_len, hash_result, 0 );
445  break;
446  #endif
447  }
448 
449  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 );
450 
451  rsa_free( &ctx );
452  }
453  FCT_TEST_END();
454 #endif /* POLARSSL_SHA1_C */
455 
456 #ifdef POLARSSL_SHA2_C
457 
458  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_4)
459  {
460  unsigned char message_str[1000];
461  unsigned char hash_result[1000];
462  unsigned char result_str[1000];
463  rsa_context ctx;
464  int msg_len;
465 
466  rsa_init( &ctx, RSA_PKCS_V15, 0 );
467  memset( message_str, 0x00, 1000 );
468  memset( hash_result, 0x00, 1000 );
469  memset( result_str, 0x00, 1000 );
470 
471  ctx.len = 1024 / 8;
472  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
473  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
474 
475  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
476 
477  msg_len = unhexify( message_str, "867ac26e11a13b7ac34a42a1e177648692861226effb55bb597fbde10f299bf7fffd6fc8ddb2a46a73b97b67387a461b23e1d65dc119366286979add615b926b9272832fc0c058b946fc752dcffceca12233f4c63f7897cbaa08aa7e07cf02b5e7e3e5ece252bf2fe61d163bce84c0e0368454a98e9fdebf6edbd70b290d549b" );
478  unhexify( result_str, "3bb7b1c5f3391de4549e2e96fd33afa4d647dd90e321d9d576f3808e32213e948b697ef4fd2dd12923de6ec3ffd625078a57f86af38dc07052bb50547c616ed51fa1352b3ab66788408168d21263ef2d3388d567d2ce8cf674f45491ab2b0319d47be1266bda39e343b2a38ea2d6aaaee6c4465aee1d7bb33e93a1c40a8e3ae4" );
479 
480  switch( SIG_RSA_SHA224 )
481  {
482  #ifdef POLARSSL_MD2_C
483  case SIG_RSA_MD2:
484  md2( message_str, msg_len, hash_result );
485  break;
486  #endif
487  #ifdef POLARSSL_MD4_C
488  case SIG_RSA_MD4:
489  md4( message_str, msg_len, hash_result );
490  break;
491  #endif
492  #ifdef POLARSSL_MD5_C
493  case SIG_RSA_MD5:
494  md5( message_str, msg_len, hash_result );
495  break;
496  #endif
497  #ifdef POLARSSL_SHA1_C
498  case SIG_RSA_SHA1:
499  sha1( message_str, msg_len, hash_result );
500  break;
501  #endif
502  #ifdef POLARSSL_SHA2_C
503  case SIG_RSA_SHA224:
504  sha2( message_str, msg_len, hash_result, 1 );
505  break;
506  case SIG_RSA_SHA256:
507  sha2( message_str, msg_len, hash_result, 0 );
508  break;
509  #endif
510  #ifdef POLARSSL_SHA4_C
511  case SIG_RSA_SHA384:
512  sha4( message_str, msg_len, hash_result, 1 );
513  break;
514  case SIG_RSA_SHA512:
515  sha4( message_str, msg_len, hash_result, 0 );
516  break;
517  #endif
518  }
519 
520  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA224, 0, hash_result, result_str ) == 0 );
521 
522  rsa_free( &ctx );
523  }
524  FCT_TEST_END();
525 #endif /* POLARSSL_SHA2_C */
526 
527 #ifdef POLARSSL_SHA2_C
528 
529  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_5)
530  {
531  unsigned char message_str[1000];
532  unsigned char hash_result[1000];
533  unsigned char result_str[1000];
534  rsa_context ctx;
535  int msg_len;
536 
537  rsa_init( &ctx, RSA_PKCS_V15, 0 );
538  memset( message_str, 0x00, 1000 );
539  memset( hash_result, 0x00, 1000 );
540  memset( result_str, 0x00, 1000 );
541 
542  ctx.len = 1024 / 8;
543  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
544  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
545 
546  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
547 
548  msg_len = unhexify( message_str, "cd810e97dc21095ea7a0238027a7bafd343e01444785ea9184a44a79f80438c41fc0b57aa95693407da38fe5ff0ec1398e03361e51a3dbe134b99cca2df0cef1c444ca54d2b7db2789455b6bb41918c24001fd82fc20ee089de3f34f053699c1c5f7954ce0aaabb9d26fce39d032894152229d98cf64ecafc7089530073c61d9" );
549  unhexify( result_str, "7b5fba70ec5b521638f182bcab39cec30b76e7bc017bdbd1059658a9a1db0969ab482dce32f3e9865952f0a0de0978272c951e3c015328ea3758f47029a379ab4200550fba58f11d51264878406fc717d5f7b72b3582946f16a7e5314a220881fc820f7d29949710273421533d8ac0a449dc6d0fd1a21c22444edd1c0d5b44d3" );
550 
551  switch( SIG_RSA_SHA256 )
552  {
553  #ifdef POLARSSL_MD2_C
554  case SIG_RSA_MD2:
555  md2( message_str, msg_len, hash_result );
556  break;
557  #endif
558  #ifdef POLARSSL_MD4_C
559  case SIG_RSA_MD4:
560  md4( message_str, msg_len, hash_result );
561  break;
562  #endif
563  #ifdef POLARSSL_MD5_C
564  case SIG_RSA_MD5:
565  md5( message_str, msg_len, hash_result );
566  break;
567  #endif
568  #ifdef POLARSSL_SHA1_C
569  case SIG_RSA_SHA1:
570  sha1( message_str, msg_len, hash_result );
571  break;
572  #endif
573  #ifdef POLARSSL_SHA2_C
574  case SIG_RSA_SHA224:
575  sha2( message_str, msg_len, hash_result, 1 );
576  break;
577  case SIG_RSA_SHA256:
578  sha2( message_str, msg_len, hash_result, 0 );
579  break;
580  #endif
581  #ifdef POLARSSL_SHA4_C
582  case SIG_RSA_SHA384:
583  sha4( message_str, msg_len, hash_result, 1 );
584  break;
585  case SIG_RSA_SHA512:
586  sha4( message_str, msg_len, hash_result, 0 );
587  break;
588  #endif
589  }
590 
591  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA256, 0, hash_result, result_str ) == 0 );
592 
593  rsa_free( &ctx );
594  }
595  FCT_TEST_END();
596 #endif /* POLARSSL_SHA2_C */
597 
598 #ifdef POLARSSL_SHA4_C
599 
600  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_6)
601  {
602  unsigned char message_str[1000];
603  unsigned char hash_result[1000];
604  unsigned char result_str[1000];
605  rsa_context ctx;
606  int msg_len;
607 
608  rsa_init( &ctx, RSA_PKCS_V15, 0 );
609  memset( message_str, 0x00, 1000 );
610  memset( hash_result, 0x00, 1000 );
611  memset( result_str, 0x00, 1000 );
612 
613  ctx.len = 1024 / 8;
614  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
615  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
616 
617  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
618 
619  msg_len = unhexify( message_str, "44637d3b8de525fd589237bc81229c8966d3af24540850c24036330db8007e6d19a19486018b2b02074da590aaba9d2c8848c0a2d1b6de4dfaf24025b6393df9228008f83f13cc76a67cfbed77a6e3429342824a0b6a9b8dd884094acc6a54bbc8c8829930c52fe39ce5e0dcd02d9553ef899d26eb6cae0940b63584e2daeb3b" );
620  unhexify( result_str, "38fc4f6f0430bb3ea9f470a4c0f5cebdabac4dbeb3b9c99d4168e7b00f5eb294ec0ece1908eded1f3e14f1e69d10f9feb425bda0c998af945ef864298a60a675f0bb5c540a7be3f534d5faddff974eea8bffe182a44e2ee1f4f653e71967a11869ee1a850edb03cb44a340378cb7a1bc9616d3649b78002b390a05a7e54edec6" );
621 
622  switch( SIG_RSA_SHA384 )
623  {
624  #ifdef POLARSSL_MD2_C
625  case SIG_RSA_MD2:
626  md2( message_str, msg_len, hash_result );
627  break;
628  #endif
629  #ifdef POLARSSL_MD4_C
630  case SIG_RSA_MD4:
631  md4( message_str, msg_len, hash_result );
632  break;
633  #endif
634  #ifdef POLARSSL_MD5_C
635  case SIG_RSA_MD5:
636  md5( message_str, msg_len, hash_result );
637  break;
638  #endif
639  #ifdef POLARSSL_SHA1_C
640  case SIG_RSA_SHA1:
641  sha1( message_str, msg_len, hash_result );
642  break;
643  #endif
644  #ifdef POLARSSL_SHA2_C
645  case SIG_RSA_SHA224:
646  sha2( message_str, msg_len, hash_result, 1 );
647  break;
648  case SIG_RSA_SHA256:
649  sha2( message_str, msg_len, hash_result, 0 );
650  break;
651  #endif
652  #ifdef POLARSSL_SHA4_C
653  case SIG_RSA_SHA384:
654  sha4( message_str, msg_len, hash_result, 1 );
655  break;
656  case SIG_RSA_SHA512:
657  sha4( message_str, msg_len, hash_result, 0 );
658  break;
659  #endif
660  }
661 
662  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA384, 0, hash_result, result_str ) == 0 );
663 
664  rsa_free( &ctx );
665  }
666  FCT_TEST_END();
667 #endif /* POLARSSL_SHA4_C */
668 
669 #ifdef POLARSSL_SHA4_C
670 
671  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_7)
672  {
673  unsigned char message_str[1000];
674  unsigned char hash_result[1000];
675  unsigned char result_str[1000];
676  rsa_context ctx;
677  int msg_len;
678 
679  rsa_init( &ctx, RSA_PKCS_V15, 0 );
680  memset( message_str, 0x00, 1000 );
681  memset( hash_result, 0x00, 1000 );
682  memset( result_str, 0x00, 1000 );
683 
684  ctx.len = 1024 / 8;
685  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
686  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
687 
688  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
689 
690  msg_len = unhexify( message_str, "d03f12276f6ba7545b8fce719471bd253791878809694e8754f3b389f26c9253a758ed28b4c62535a8d5702d7a778731d5759ff2b3b39b192db680e791632918b6093c0e8ca25c2bf756a07fde4144a37f769fe4054455a45cb8cefe4462e7a9a45ce71f2189b4fef01b47aee8585d44dc9d6fa627a3e5f08801871731f234cd" );
691  unhexify( result_str, "d93a878c1ce86571590b0e43794b3edb23552797c4b8c9e3da4fe1cc4ac0566acd3b10541fe9a7a79f5ea4892d3069ca6903efb5c40c47eb8a9c781eb4249281d40c3d96aae16da1bb4daaece6a26eca5f41c062b4124a64fc9d340cba5ab0d1f5affff6515a87f0933774fd4322d2fa497cd6f708a429ca56dcb1fd3db623d0" );
692 
693  switch( SIG_RSA_SHA384 )
694  {
695  #ifdef POLARSSL_MD2_C
696  case SIG_RSA_MD2:
697  md2( message_str, msg_len, hash_result );
698  break;
699  #endif
700  #ifdef POLARSSL_MD4_C
701  case SIG_RSA_MD4:
702  md4( message_str, msg_len, hash_result );
703  break;
704  #endif
705  #ifdef POLARSSL_MD5_C
706  case SIG_RSA_MD5:
707  md5( message_str, msg_len, hash_result );
708  break;
709  #endif
710  #ifdef POLARSSL_SHA1_C
711  case SIG_RSA_SHA1:
712  sha1( message_str, msg_len, hash_result );
713  break;
714  #endif
715  #ifdef POLARSSL_SHA2_C
716  case SIG_RSA_SHA224:
717  sha2( message_str, msg_len, hash_result, 1 );
718  break;
719  case SIG_RSA_SHA256:
720  sha2( message_str, msg_len, hash_result, 0 );
721  break;
722  #endif
723  #ifdef POLARSSL_SHA4_C
724  case SIG_RSA_SHA384:
725  sha4( message_str, msg_len, hash_result, 1 );
726  break;
727  case SIG_RSA_SHA512:
728  sha4( message_str, msg_len, hash_result, 0 );
729  break;
730  #endif
731  }
732 
733  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA384, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
734 
735  rsa_free( &ctx );
736  }
737  FCT_TEST_END();
738 #endif /* POLARSSL_SHA4_C */
739 
740 #ifdef POLARSSL_SHA4_C
741 
742  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_8)
743  {
744  unsigned char message_str[1000];
745  unsigned char hash_result[1000];
746  unsigned char result_str[1000];
747  rsa_context ctx;
748  int msg_len;
749 
750  rsa_init( &ctx, RSA_PKCS_V15, 0 );
751  memset( message_str, 0x00, 1000 );
752  memset( hash_result, 0x00, 1000 );
753  memset( result_str, 0x00, 1000 );
754 
755  ctx.len = 1024 / 8;
756  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
757  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
758 
759  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
760 
761  msg_len = unhexify( message_str, "b2f2e6e09fd19b0a8c06447554d6a236c69e2b334017488881d8c02ab81d74cae0c64efd50a374998eeec162651975e637cb2ba594250c750a4943253f1db0613e4ce1d50f8e3e968a2a83bd6cb97455ab2ccc77071076b3e211ffb251bd4c1a738b88b2021c61c727c074ce933c054acbcbf4f0c362ec09af38de191686aebe" );
762  unhexify( result_str, "a853e67f928281d11506c9d39e5ea9b2d742782c663c37d0a7c9e9fe15379cde1e75d94adbfb1ca08691f320af4ff2b0a29a4d2ea10a20cb95d85f3dabac3d56cca9039c851d0181408c00b385fc82cafa4cfa7380d0c2c024fb83fec59d5ee591d63806dcb18b21ea440c3d3f12c1e7795eb15b7ce4c4b288d646cf1d34bdf1" );
763 
764  switch( SIG_RSA_SHA512 )
765  {
766  #ifdef POLARSSL_MD2_C
767  case SIG_RSA_MD2:
768  md2( message_str, msg_len, hash_result );
769  break;
770  #endif
771  #ifdef POLARSSL_MD4_C
772  case SIG_RSA_MD4:
773  md4( message_str, msg_len, hash_result );
774  break;
775  #endif
776  #ifdef POLARSSL_MD5_C
777  case SIG_RSA_MD5:
778  md5( message_str, msg_len, hash_result );
779  break;
780  #endif
781  #ifdef POLARSSL_SHA1_C
782  case SIG_RSA_SHA1:
783  sha1( message_str, msg_len, hash_result );
784  break;
785  #endif
786  #ifdef POLARSSL_SHA2_C
787  case SIG_RSA_SHA224:
788  sha2( message_str, msg_len, hash_result, 1 );
789  break;
790  case SIG_RSA_SHA256:
791  sha2( message_str, msg_len, hash_result, 0 );
792  break;
793  #endif
794  #ifdef POLARSSL_SHA4_C
795  case SIG_RSA_SHA384:
796  sha4( message_str, msg_len, hash_result, 1 );
797  break;
798  case SIG_RSA_SHA512:
799  sha4( message_str, msg_len, hash_result, 0 );
800  break;
801  #endif
802  }
803 
804  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA512, 0, hash_result, result_str ) == 0 );
805 
806  rsa_free( &ctx );
807  }
808  FCT_TEST_END();
809 #endif /* POLARSSL_SHA4_C */
810 
811 #ifdef POLARSSL_SHA1_C
812 
813  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_9)
814  {
815  unsigned char message_str[1000];
816  unsigned char hash_result[1000];
817  unsigned char result_str[1000];
818  rsa_context ctx;
819  int msg_len;
820 
821  rsa_init( &ctx, RSA_PKCS_V15, 0 );
822  memset( message_str, 0x00, 1000 );
823  memset( hash_result, 0x00, 1000 );
824  memset( result_str, 0x00, 1000 );
825 
826  ctx.len = 1024 / 8;
827  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
828  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
829 
830  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
831 
832  msg_len = unhexify( message_str, "647586ba587b09aa555d1b8da4cdf5c6e777e08859379ca45789019f2041e708d97c4408d4d6943b11dd7ebe05c6b48a9b5f1b0079452cc484579acfa66a34c0cf3f0e7339b2dbd5f1339ef7937a8261547705a846885c43d8ef139a9c83f5604ea52b231176a821fb48c45ed45226f31ba7e8a94a69f6c65c39b7278bf3f08f" );
833  unhexify( result_str, "e27a90b644c3a11f234132d6727ada397774cd7fdf5eb0160a665ffccedabb8ae9e357966939a71c973e75e5ff771fb01a6483fcaf82f16dee65e6826121e2ae9c69d2c92387b33a641f397676776cde501e7314a9a4e76c0f4538edeea163e8de7bd21c93c298df748c6f5c26b7d03bfa3671f2a7488fe311309e8218a71171" );
834 
835  switch( SIG_RSA_SHA1 )
836  {
837  #ifdef POLARSSL_MD2_C
838  case SIG_RSA_MD2:
839  md2( message_str, msg_len, hash_result );
840  break;
841  #endif
842  #ifdef POLARSSL_MD4_C
843  case SIG_RSA_MD4:
844  md4( message_str, msg_len, hash_result );
845  break;
846  #endif
847  #ifdef POLARSSL_MD5_C
848  case SIG_RSA_MD5:
849  md5( message_str, msg_len, hash_result );
850  break;
851  #endif
852  #ifdef POLARSSL_SHA1_C
853  case SIG_RSA_SHA1:
854  sha1( message_str, msg_len, hash_result );
855  break;
856  #endif
857  #ifdef POLARSSL_SHA2_C
858  case SIG_RSA_SHA224:
859  sha2( message_str, msg_len, hash_result, 1 );
860  break;
861  case SIG_RSA_SHA256:
862  sha2( message_str, msg_len, hash_result, 0 );
863  break;
864  #endif
865  #ifdef POLARSSL_SHA4_C
866  case SIG_RSA_SHA384:
867  sha4( message_str, msg_len, hash_result, 1 );
868  break;
869  case SIG_RSA_SHA512:
870  sha4( message_str, msg_len, hash_result, 0 );
871  break;
872  #endif
873  }
874 
875  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 );
876 
877  rsa_free( &ctx );
878  }
879  FCT_TEST_END();
880 #endif /* POLARSSL_SHA1_C */
881 
882 #ifdef POLARSSL_SHA1_C
883 
884  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_10)
885  {
886  unsigned char message_str[1000];
887  unsigned char hash_result[1000];
888  unsigned char result_str[1000];
889  rsa_context ctx;
890  int msg_len;
891 
892  rsa_init( &ctx, RSA_PKCS_V15, 0 );
893  memset( message_str, 0x00, 1000 );
894  memset( hash_result, 0x00, 1000 );
895  memset( result_str, 0x00, 1000 );
896 
897  ctx.len = 1024 / 8;
898  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
899  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
900 
901  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
902 
903  msg_len = unhexify( message_str, "55013a489e09b6553262aab59fb041b49437b86d52876f8e5d5e405b77ca0ff6ce8ea2dd75c7b3b411cf4445d56233c5b0ff0e58c49128d81b4fedd295e172d225c451e13defb34b87b7aea6d6f0d20f5c55feb71d2a789fa31f3d9ff47896adc16bec5ce0c9dda3fde190e08ca2451c01ff3091449887695f96dac97ad6a30e" );
904  unhexify( result_str, "dd82b7be791c454fbbf6f1de47cbe585a687e4e8bbae0b6e2a77f8ca4efd06d71498f9a74b931bd59c377e71daf708a624c51303f377006c676487bad57f7067b09b7bb94a6189119ab8cf7321c321b2dc7df565bfbec833a28b86625fb5fd6a035d4ed79ff0f9aee9fa78935eec65069439ee449d7f5249cdae6fdd6d8c2a63" );
905 
906  switch( SIG_RSA_SHA1 )
907  {
908  #ifdef POLARSSL_MD2_C
909  case SIG_RSA_MD2:
910  md2( message_str, msg_len, hash_result );
911  break;
912  #endif
913  #ifdef POLARSSL_MD4_C
914  case SIG_RSA_MD4:
915  md4( message_str, msg_len, hash_result );
916  break;
917  #endif
918  #ifdef POLARSSL_MD5_C
919  case SIG_RSA_MD5:
920  md5( message_str, msg_len, hash_result );
921  break;
922  #endif
923  #ifdef POLARSSL_SHA1_C
924  case SIG_RSA_SHA1:
925  sha1( message_str, msg_len, hash_result );
926  break;
927  #endif
928  #ifdef POLARSSL_SHA2_C
929  case SIG_RSA_SHA224:
930  sha2( message_str, msg_len, hash_result, 1 );
931  break;
932  case SIG_RSA_SHA256:
933  sha2( message_str, msg_len, hash_result, 0 );
934  break;
935  #endif
936  #ifdef POLARSSL_SHA4_C
937  case SIG_RSA_SHA384:
938  sha4( message_str, msg_len, hash_result, 1 );
939  break;
940  case SIG_RSA_SHA512:
941  sha4( message_str, msg_len, hash_result, 0 );
942  break;
943  #endif
944  }
945 
946  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
947 
948  rsa_free( &ctx );
949  }
950  FCT_TEST_END();
951 #endif /* POLARSSL_SHA1_C */
952 
953 #ifdef POLARSSL_SHA2_C
954 
955  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_11)
956  {
957  unsigned char message_str[1000];
958  unsigned char hash_result[1000];
959  unsigned char result_str[1000];
960  rsa_context ctx;
961  int msg_len;
962 
963  rsa_init( &ctx, RSA_PKCS_V15, 0 );
964  memset( message_str, 0x00, 1000 );
965  memset( hash_result, 0x00, 1000 );
966  memset( result_str, 0x00, 1000 );
967 
968  ctx.len = 1024 / 8;
969  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
970  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
971 
972  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
973 
974  msg_len = unhexify( message_str, "f4a990b8d434a5914340c0ca3ca4e4a70856c55e13e938c1f854e91cdef54c6107d6d682a62e6c1ff12b1c6178ee0b26b5d8ae5ee4043db4151465727f313e9e174d7c6961abe9cb86a21367a89e41b47267ac5ef3a6eceaaca5b19ae756b3904b97ec35aeb404dc2a2d0da373ba709a678d2728e7d72daae68d335cbf6c957d" );
975  unhexify( result_str, "d8ef7bdc0f111b1249d5ad6515b6fe37f2ff327f493832f1385c10e975c07b0266497716fcb84f5039cd60f5a050614fde27f354a6c45e8a7d74f9821e2f301500ac1953feafeb9d98cf88d2c928413f337813135c66abfc3dc7a4d80655d925bf96f21872ca2b3a2684b976ca768fe37feae20a69eeec3cc8f1de0db34b3462" );
976 
977  switch( SIG_RSA_SHA224 )
978  {
979  #ifdef POLARSSL_MD2_C
980  case SIG_RSA_MD2:
981  md2( message_str, msg_len, hash_result );
982  break;
983  #endif
984  #ifdef POLARSSL_MD4_C
985  case SIG_RSA_MD4:
986  md4( message_str, msg_len, hash_result );
987  break;
988  #endif
989  #ifdef POLARSSL_MD5_C
990  case SIG_RSA_MD5:
991  md5( message_str, msg_len, hash_result );
992  break;
993  #endif
994  #ifdef POLARSSL_SHA1_C
995  case SIG_RSA_SHA1:
996  sha1( message_str, msg_len, hash_result );
997  break;
998  #endif
999  #ifdef POLARSSL_SHA2_C
1000  case SIG_RSA_SHA224:
1001  sha2( message_str, msg_len, hash_result, 1 );
1002  break;
1003  case SIG_RSA_SHA256:
1004  sha2( message_str, msg_len, hash_result, 0 );
1005  break;
1006  #endif
1007  #ifdef POLARSSL_SHA4_C
1008  case SIG_RSA_SHA384:
1009  sha4( message_str, msg_len, hash_result, 1 );
1010  break;
1011  case SIG_RSA_SHA512:
1012  sha4( message_str, msg_len, hash_result, 0 );
1013  break;
1014  #endif
1015  }
1016 
1017  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA224, 0, hash_result, result_str ) == 0 );
1018 
1019  rsa_free( &ctx );
1020  }
1021  FCT_TEST_END();
1022 #endif /* POLARSSL_SHA2_C */
1023 
1024 #ifdef POLARSSL_SHA2_C
1025 
1026  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_12)
1027  {
1028  unsigned char message_str[1000];
1029  unsigned char hash_result[1000];
1030  unsigned char result_str[1000];
1031  rsa_context ctx;
1032  int msg_len;
1033 
1034  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1035  memset( message_str, 0x00, 1000 );
1036  memset( hash_result, 0x00, 1000 );
1037  memset( result_str, 0x00, 1000 );
1038 
1039  ctx.len = 1024 / 8;
1040  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
1041  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1042 
1043  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1044 
1045  msg_len = unhexify( message_str, "c81f04c79982971fa176d64e8f7f8812f86a94c49e84672ff10996a2d6dfc444a884c7a87c4606a1aab22558894ee59b798b457827f5ee0b0cadcd94371902cc4ddaf97acefed641997717bcb3cc74cd440f0a31e20fb95812cecb740c36d6d1bf07e3641514cfa678aff2a39562ff4d60e02b17583a92bf0c56d66bde9e09f8" );
1046  unhexify( result_str, "52111f4798da3c11b3c74394358348ab0fc797bde99080f238d33a69b04b08ac2bd767b33872473943e23af27ca32fd568a43a8c7d6cc55b4fbb380212fdfcb60487e20694d4287e233efdf7b04737c0037a592d03077801828b051998c42b9f9e2420063331d5b2349918a64d8b65b21a2011ee7318fcef48aced95b8ddf501" );
1047 
1048  switch( SIG_RSA_SHA256 )
1049  {
1050  #ifdef POLARSSL_MD2_C
1051  case SIG_RSA_MD2:
1052  md2( message_str, msg_len, hash_result );
1053  break;
1054  #endif
1055  #ifdef POLARSSL_MD4_C
1056  case SIG_RSA_MD4:
1057  md4( message_str, msg_len, hash_result );
1058  break;
1059  #endif
1060  #ifdef POLARSSL_MD5_C
1061  case SIG_RSA_MD5:
1062  md5( message_str, msg_len, hash_result );
1063  break;
1064  #endif
1065  #ifdef POLARSSL_SHA1_C
1066  case SIG_RSA_SHA1:
1067  sha1( message_str, msg_len, hash_result );
1068  break;
1069  #endif
1070  #ifdef POLARSSL_SHA2_C
1071  case SIG_RSA_SHA224:
1072  sha2( message_str, msg_len, hash_result, 1 );
1073  break;
1074  case SIG_RSA_SHA256:
1075  sha2( message_str, msg_len, hash_result, 0 );
1076  break;
1077  #endif
1078  #ifdef POLARSSL_SHA4_C
1079  case SIG_RSA_SHA384:
1080  sha4( message_str, msg_len, hash_result, 1 );
1081  break;
1082  case SIG_RSA_SHA512:
1083  sha4( message_str, msg_len, hash_result, 0 );
1084  break;
1085  #endif
1086  }
1087 
1088  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA256, 0, hash_result, result_str ) == 0 );
1089 
1090  rsa_free( &ctx );
1091  }
1092  FCT_TEST_END();
1093 #endif /* POLARSSL_SHA2_C */
1094 
1095 #ifdef POLARSSL_SHA4_C
1096 
1097  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_13)
1098  {
1099  unsigned char message_str[1000];
1100  unsigned char hash_result[1000];
1101  unsigned char result_str[1000];
1102  rsa_context ctx;
1103  int msg_len;
1104 
1105  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1106  memset( message_str, 0x00, 1000 );
1107  memset( hash_result, 0x00, 1000 );
1108  memset( result_str, 0x00, 1000 );
1109 
1110  ctx.len = 1024 / 8;
1111  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
1112  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1113 
1114  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1115 
1116  msg_len = unhexify( message_str, "a97824871770b79da979a111f6decfb1dd11bd946cfa800b008f0ad5aea5aa92e205d27a46c31d4fe6cb909091bd21f082fb75074000ee46c2f3e530d77b34c7c5d6f8453025950d3e0afae1f9752655f5bbea8432e9f1014357ff11b08076179a101e4f9d3f25bffb5e656bf6afe6c97d7aa4740b5d9224cde4dede035a7768" );
1117  unhexify( result_str, "d5dcd27c74e040ea86f106b63d3275fa7b7e98d2dd701f38ec15fc7301b72df127f6d3bd5571253a0b9e0e719d7d522893896941a1aeccc697912282b5308d829b91905b5dd7b7e1b8fe27e2bd4003b09dfe7fe295f8a43c076c0cb52f2aac067e87de7ffe3a275d21a870c3dfc9b1d06d7f018667de9eb187bdf53d282e5d8b" );
1118 
1119  switch( SIG_RSA_SHA384 )
1120  {
1121  #ifdef POLARSSL_MD2_C
1122  case SIG_RSA_MD2:
1123  md2( message_str, msg_len, hash_result );
1124  break;
1125  #endif
1126  #ifdef POLARSSL_MD4_C
1127  case SIG_RSA_MD4:
1128  md4( message_str, msg_len, hash_result );
1129  break;
1130  #endif
1131  #ifdef POLARSSL_MD5_C
1132  case SIG_RSA_MD5:
1133  md5( message_str, msg_len, hash_result );
1134  break;
1135  #endif
1136  #ifdef POLARSSL_SHA1_C
1137  case SIG_RSA_SHA1:
1138  sha1( message_str, msg_len, hash_result );
1139  break;
1140  #endif
1141  #ifdef POLARSSL_SHA2_C
1142  case SIG_RSA_SHA224:
1143  sha2( message_str, msg_len, hash_result, 1 );
1144  break;
1145  case SIG_RSA_SHA256:
1146  sha2( message_str, msg_len, hash_result, 0 );
1147  break;
1148  #endif
1149  #ifdef POLARSSL_SHA4_C
1150  case SIG_RSA_SHA384:
1151  sha4( message_str, msg_len, hash_result, 1 );
1152  break;
1153  case SIG_RSA_SHA512:
1154  sha4( message_str, msg_len, hash_result, 0 );
1155  break;
1156  #endif
1157  }
1158 
1159  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA384, 0, hash_result, result_str ) == 0 );
1160 
1161  rsa_free( &ctx );
1162  }
1163  FCT_TEST_END();
1164 #endif /* POLARSSL_SHA4_C */
1165 
1166 #ifdef POLARSSL_SHA4_C
1167 
1168  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_14)
1169  {
1170  unsigned char message_str[1000];
1171  unsigned char hash_result[1000];
1172  unsigned char result_str[1000];
1173  rsa_context ctx;
1174  int msg_len;
1175 
1176  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1177  memset( message_str, 0x00, 1000 );
1178  memset( hash_result, 0x00, 1000 );
1179  memset( result_str, 0x00, 1000 );
1180 
1181  ctx.len = 1024 / 8;
1182  fct_chk( mpi_read_string( &ctx.N, 16, "e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5" ) == 0 );
1183  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1184 
1185  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1186 
1187  msg_len = unhexify( message_str, "4ce61930c79dc017c2dea0c5085d73a3b0e4a6f341e9a5061a6658af11e5edf95bdad915ac3619969e39bee15788a8de667f92f4efc84f35082d52d562aa74e12cc7f22d3425b58f5056d74afcf162cd44e65b9ee510ff91af094c3d2d42c3b088536d62a98f1c689edcf3ea3fc228d711c109d76ae83d82d6a34dcfbad563cf" );
1188  unhexify( result_str, "27280b92eab5cbf0d787ff6fa6b0151d6610adfd25116113f2f186f3f8d39736d91ae510ec2bd96f2de135aefda79178138696dcc6d302e4a79ddabbe16e39ab96075776afce863e84a2e6013cb457e4047e22d43f67bf64ae5e1d844a7c12ac696efbb3cda7c0e0aca71f8a7ada9a0547bfaefe1ba2e04058c672c803720dd9" );
1189 
1190  switch( SIG_RSA_SHA512 )
1191  {
1192  #ifdef POLARSSL_MD2_C
1193  case SIG_RSA_MD2:
1194  md2( message_str, msg_len, hash_result );
1195  break;
1196  #endif
1197  #ifdef POLARSSL_MD4_C
1198  case SIG_RSA_MD4:
1199  md4( message_str, msg_len, hash_result );
1200  break;
1201  #endif
1202  #ifdef POLARSSL_MD5_C
1203  case SIG_RSA_MD5:
1204  md5( message_str, msg_len, hash_result );
1205  break;
1206  #endif
1207  #ifdef POLARSSL_SHA1_C
1208  case SIG_RSA_SHA1:
1209  sha1( message_str, msg_len, hash_result );
1210  break;
1211  #endif
1212  #ifdef POLARSSL_SHA2_C
1213  case SIG_RSA_SHA224:
1214  sha2( message_str, msg_len, hash_result, 1 );
1215  break;
1216  case SIG_RSA_SHA256:
1217  sha2( message_str, msg_len, hash_result, 0 );
1218  break;
1219  #endif
1220  #ifdef POLARSSL_SHA4_C
1221  case SIG_RSA_SHA384:
1222  sha4( message_str, msg_len, hash_result, 1 );
1223  break;
1224  case SIG_RSA_SHA512:
1225  sha4( message_str, msg_len, hash_result, 0 );
1226  break;
1227  #endif
1228  }
1229 
1230  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA512, 0, hash_result, result_str ) == 0 );
1231 
1232  rsa_free( &ctx );
1233  }
1234  FCT_TEST_END();
1235 #endif /* POLARSSL_SHA4_C */
1236 
1237 #ifdef POLARSSL_SHA1_C
1238 
1239  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_15)
1240  {
1241  unsigned char message_str[1000];
1242  unsigned char hash_result[1000];
1243  unsigned char result_str[1000];
1244  rsa_context ctx;
1245  int msg_len;
1246 
1247  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1248  memset( message_str, 0x00, 1000 );
1249  memset( hash_result, 0x00, 1000 );
1250  memset( result_str, 0x00, 1000 );
1251 
1252  ctx.len = 1536 / 8;
1253  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1254  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
1255 
1256  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1257 
1258  msg_len = unhexify( message_str, "224ecd3b630581da948216366c741015a9723c5ea43de67e28454d0a846f54a6df167a25cc500cf21f729aaefed6a71a3bdba438e12e20ad0c48396afe38568b70a3187f26098d6ac649a7c7ea68ed52748e7125225102216236a28f67753b077cfd8d9198b86b0b331027cb59b24b85fd92896e8f2ff5a1d11872c2e6af6ae2" );
1259  unhexify( result_str, "1f7938b20a9cd8bb8ca26bad9e79ea92373174203f3ab212a06de34a9a3e14e102d19a8878c28a2fc8083a97c06b19c1ae62678289d5d071a904aed1d364655d9e2d16480a6fd18f4c8edf204844a34d573b1b988b82d495caefd9298c1635083e196a11f4a7df6a7e3cc4db7b9642e7682d22ec7038c3bad791e1365fe8836976092460e6df749dc032baf1e026684f55936beb9369845c53c3d217941c1f8d8f54a32333a4c049c3f2d527125778032f5d390040d1d4cce83dc353ce250152" );
1260 
1261  switch( SIG_RSA_SHA1 )
1262  {
1263  #ifdef POLARSSL_MD2_C
1264  case SIG_RSA_MD2:
1265  md2( message_str, msg_len, hash_result );
1266  break;
1267  #endif
1268  #ifdef POLARSSL_MD4_C
1269  case SIG_RSA_MD4:
1270  md4( message_str, msg_len, hash_result );
1271  break;
1272  #endif
1273  #ifdef POLARSSL_MD5_C
1274  case SIG_RSA_MD5:
1275  md5( message_str, msg_len, hash_result );
1276  break;
1277  #endif
1278  #ifdef POLARSSL_SHA1_C
1279  case SIG_RSA_SHA1:
1280  sha1( message_str, msg_len, hash_result );
1281  break;
1282  #endif
1283  #ifdef POLARSSL_SHA2_C
1284  case SIG_RSA_SHA224:
1285  sha2( message_str, msg_len, hash_result, 1 );
1286  break;
1287  case SIG_RSA_SHA256:
1288  sha2( message_str, msg_len, hash_result, 0 );
1289  break;
1290  #endif
1291  #ifdef POLARSSL_SHA4_C
1292  case SIG_RSA_SHA384:
1293  sha4( message_str, msg_len, hash_result, 1 );
1294  break;
1295  case SIG_RSA_SHA512:
1296  sha4( message_str, msg_len, hash_result, 0 );
1297  break;
1298  #endif
1299  }
1300 
1301  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 );
1302 
1303  rsa_free( &ctx );
1304  }
1305  FCT_TEST_END();
1306 #endif /* POLARSSL_SHA1_C */
1307 
1308 #ifdef POLARSSL_SHA2_C
1309 
1310  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_16)
1311  {
1312  unsigned char message_str[1000];
1313  unsigned char hash_result[1000];
1314  unsigned char result_str[1000];
1315  rsa_context ctx;
1316  int msg_len;
1317 
1318  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1319  memset( message_str, 0x00, 1000 );
1320  memset( hash_result, 0x00, 1000 );
1321  memset( result_str, 0x00, 1000 );
1322 
1323  ctx.len = 1536 / 8;
1324  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1325  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
1326 
1327  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1328 
1329  msg_len = unhexify( message_str, "6ecc722d233dad1aca45e6bc3e1a0b99fb1f89c0ec63bc657e6aaacbf931f267106cff42b712819f341b1ede798964a0b1a5032c198b391111e88d0d7303c02e23fa0137e74e604579a285b2dbc0a23aebdda65c371eb403125bd366e822e72dceffe0d55dfa3155c16283020dc9abb0d150da1aef251484aa49e49e00974dac" );
1330  unhexify( result_str, "339dce3a1937669d9fb14c4f652378861fd5adc4da88eaf833b16020b55a24ddc83b7ae3395a9a49b426bb9a4170cb765b02652faa9594b457aeefdae4f802e93d8e65c687ddc723701465a5ef19249ed5d2617b5121c58557b34eb99a663bbcf4453a6e1db5d88723de449fcf58ca8ef514daf08cfdc71be155bb3d0724df0c0a6fd5aa7737433cc376640b9b8b4c7ddd09776bae0245729cddb56e36f28edad6aecaed0821ec8d843a96348e722bf0a84cf060a793a2179f054138f907d0c3" );
1331 
1332  switch( SIG_RSA_SHA224 )
1333  {
1334  #ifdef POLARSSL_MD2_C
1335  case SIG_RSA_MD2:
1336  md2( message_str, msg_len, hash_result );
1337  break;
1338  #endif
1339  #ifdef POLARSSL_MD4_C
1340  case SIG_RSA_MD4:
1341  md4( message_str, msg_len, hash_result );
1342  break;
1343  #endif
1344  #ifdef POLARSSL_MD5_C
1345  case SIG_RSA_MD5:
1346  md5( message_str, msg_len, hash_result );
1347  break;
1348  #endif
1349  #ifdef POLARSSL_SHA1_C
1350  case SIG_RSA_SHA1:
1351  sha1( message_str, msg_len, hash_result );
1352  break;
1353  #endif
1354  #ifdef POLARSSL_SHA2_C
1355  case SIG_RSA_SHA224:
1356  sha2( message_str, msg_len, hash_result, 1 );
1357  break;
1358  case SIG_RSA_SHA256:
1359  sha2( message_str, msg_len, hash_result, 0 );
1360  break;
1361  #endif
1362  #ifdef POLARSSL_SHA4_C
1363  case SIG_RSA_SHA384:
1364  sha4( message_str, msg_len, hash_result, 1 );
1365  break;
1366  case SIG_RSA_SHA512:
1367  sha4( message_str, msg_len, hash_result, 0 );
1368  break;
1369  #endif
1370  }
1371 
1372  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA224, 0, hash_result, result_str ) == 0 );
1373 
1374  rsa_free( &ctx );
1375  }
1376  FCT_TEST_END();
1377 #endif /* POLARSSL_SHA2_C */
1378 
1379 #ifdef POLARSSL_SHA2_C
1380 
1381  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_17)
1382  {
1383  unsigned char message_str[1000];
1384  unsigned char hash_result[1000];
1385  unsigned char result_str[1000];
1386  rsa_context ctx;
1387  int msg_len;
1388 
1389  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1390  memset( message_str, 0x00, 1000 );
1391  memset( hash_result, 0x00, 1000 );
1392  memset( result_str, 0x00, 1000 );
1393 
1394  ctx.len = 1536 / 8;
1395  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1396  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
1397 
1398  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1399 
1400  msg_len = unhexify( message_str, "72f0b1ae27e1f5e5bfa15ded204c2c54b47b2420750a3eb5471f9ff98b67c8b5f1a30d3f8d6448562e12ce4deb33a26cfeeae993d6be9e20679d8713c5216870f11276e5f22b0ead2821a7b4dee106fc1e19b13fc9fba5d6e73e4bd93b65a9881a43d5e97ebfb0b357d5d06b21ddbecdbb10626d7748bb9e6e07d49316bbf3c4" );
1401  unhexify( result_str, "8117a6897e14c183737661cf5741350a84ae00495cd9ee8fb033582e559f79701ab424706660515ee5821a69a6850647ec641676a625d1a3899932aaa52161fbc0c0a825db82fde0585b3c9b9c16de43e26da6a30fe5a601dae68bded1e29ec34557b5f6962efb10b9450d6f096655f68e8499cfa16a0adeb9075e7b91851fef84243132d08273d35d01ad89c17e1e6e4deaf1cb233050b275fa9d2cae57e9e1a0e23139267040aa39b6abd8f10fa1cec38ce2183573ddc11626fc262e1a0ced" );
1402 
1403  switch( SIG_RSA_SHA256 )
1404  {
1405  #ifdef POLARSSL_MD2_C
1406  case SIG_RSA_MD2:
1407  md2( message_str, msg_len, hash_result );
1408  break;
1409  #endif
1410  #ifdef POLARSSL_MD4_C
1411  case SIG_RSA_MD4:
1412  md4( message_str, msg_len, hash_result );
1413  break;
1414  #endif
1415  #ifdef POLARSSL_MD5_C
1416  case SIG_RSA_MD5:
1417  md5( message_str, msg_len, hash_result );
1418  break;
1419  #endif
1420  #ifdef POLARSSL_SHA1_C
1421  case SIG_RSA_SHA1:
1422  sha1( message_str, msg_len, hash_result );
1423  break;
1424  #endif
1425  #ifdef POLARSSL_SHA2_C
1426  case SIG_RSA_SHA224:
1427  sha2( message_str, msg_len, hash_result, 1 );
1428  break;
1429  case SIG_RSA_SHA256:
1430  sha2( message_str, msg_len, hash_result, 0 );
1431  break;
1432  #endif
1433  #ifdef POLARSSL_SHA4_C
1434  case SIG_RSA_SHA384:
1435  sha4( message_str, msg_len, hash_result, 1 );
1436  break;
1437  case SIG_RSA_SHA512:
1438  sha4( message_str, msg_len, hash_result, 0 );
1439  break;
1440  #endif
1441  }
1442 
1443  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA256, 0, hash_result, result_str ) == 0 );
1444 
1445  rsa_free( &ctx );
1446  }
1447  FCT_TEST_END();
1448 #endif /* POLARSSL_SHA2_C */
1449 
1450 #ifdef POLARSSL_SHA4_C
1451 
1452  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_18)
1453  {
1454  unsigned char message_str[1000];
1455  unsigned char hash_result[1000];
1456  unsigned char result_str[1000];
1457  rsa_context ctx;
1458  int msg_len;
1459 
1460  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1461  memset( message_str, 0x00, 1000 );
1462  memset( hash_result, 0x00, 1000 );
1463  memset( result_str, 0x00, 1000 );
1464 
1465  ctx.len = 1536 / 8;
1466  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1467  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
1468 
1469  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1470 
1471  msg_len = unhexify( message_str, "f80c94a2b53736978adf041886ad97ab2aeb9e91c08bd4eeef6b2f2b8dd75a99b4506657188bbd7597bd5759121630627c8bf9cc30d90dd488c7a81cabab5350a62fa30abf5523f305b98f2c2c1743ec980cf26ab8219bfd9505b981ab1abbfef733b384519d5259fc5c14577cb6b88fa7f6f332ff6a65b23faecc24342c78e9" );
1472  unhexify( result_str, "6b49553ed964ae196a41ea281f4d2a250ce7d1e7434e45cf6a82f7bed17554f39c3f0241e0364702fcb87475eb0c0839ffd2180890fa05b4bbf31bbfa4bf5119dea0c9f88e1e9617fcdadabc6fa1945136cc66e039b905d78ed365c5806d38aec88b3edfb86c05ff446dbfd51d7cd75cbf8d3b85154c783765386f51637532221f52429db5612dcc034968bb8feab7dc6f5ed1f2feb557f6dd49c980296117be2c4195ec7b6101ea767df9d16a56fc9709b49308a54dab63dbc4d609f959ce17" );
1473 
1474  switch( SIG_RSA_SHA384 )
1475  {
1476  #ifdef POLARSSL_MD2_C
1477  case SIG_RSA_MD2:
1478  md2( message_str, msg_len, hash_result );
1479  break;
1480  #endif
1481  #ifdef POLARSSL_MD4_C
1482  case SIG_RSA_MD4:
1483  md4( message_str, msg_len, hash_result );
1484  break;
1485  #endif
1486  #ifdef POLARSSL_MD5_C
1487  case SIG_RSA_MD5:
1488  md5( message_str, msg_len, hash_result );
1489  break;
1490  #endif
1491  #ifdef POLARSSL_SHA1_C
1492  case SIG_RSA_SHA1:
1493  sha1( message_str, msg_len, hash_result );
1494  break;
1495  #endif
1496  #ifdef POLARSSL_SHA2_C
1497  case SIG_RSA_SHA224:
1498  sha2( message_str, msg_len, hash_result, 1 );
1499  break;
1500  case SIG_RSA_SHA256:
1501  sha2( message_str, msg_len, hash_result, 0 );
1502  break;
1503  #endif
1504  #ifdef POLARSSL_SHA4_C
1505  case SIG_RSA_SHA384:
1506  sha4( message_str, msg_len, hash_result, 1 );
1507  break;
1508  case SIG_RSA_SHA512:
1509  sha4( message_str, msg_len, hash_result, 0 );
1510  break;
1511  #endif
1512  }
1513 
1514  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA384, 0, hash_result, result_str ) == 0 );
1515 
1516  rsa_free( &ctx );
1517  }
1518  FCT_TEST_END();
1519 #endif /* POLARSSL_SHA4_C */
1520 
1521 #ifdef POLARSSL_SHA4_C
1522 
1523  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_19)
1524  {
1525  unsigned char message_str[1000];
1526  unsigned char hash_result[1000];
1527  unsigned char result_str[1000];
1528  rsa_context ctx;
1529  int msg_len;
1530 
1531  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1532  memset( message_str, 0x00, 1000 );
1533  memset( hash_result, 0x00, 1000 );
1534  memset( result_str, 0x00, 1000 );
1535 
1536  ctx.len = 1536 / 8;
1537  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1538  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
1539 
1540  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1541 
1542  msg_len = unhexify( message_str, "4eb97094bb42aaa58b040bd06a8f324396b9eca9e39359b7039c4a010434ee131a53aebd9f7a55ae58ea7444fa1505a3ec524e054fd408513cddc1ee4c2f7fd95ec4a6f594be1ba39fa1aa933dc0a5dafff5ce44509577ebb3a3e8084c44010aa27321e5a3f646ade99175633b795c0f570b360eeebeefaef15788f80b5cbecd" );
1543  unhexify( result_str, "2b8b794a8621d492eec18a4efd239e0e077c89340a34b0fdbf467f2bf3112c7f33d00ee736f2988af8569c1a74891efbefa839e295fffdf4d908c1ede61a861a4d24b154a09d1b3f923fd2bb7906994cf82a97da285bf48e61f90cc3596f9350ab9b66a216ffca323195bb213f5a77fe8c697475595a1857dbee58128cbf1be7cb220229ce52766fefd88cc129ad5cbbdcd31fb4eede6c4fdd3193a9aaaa54362bcea4082981d9b7c40483814828f3297d95ad933c76f31c47e37a93ffaf0d4a" );
1544 
1545  switch( SIG_RSA_SHA512 )
1546  {
1547  #ifdef POLARSSL_MD2_C
1548  case SIG_RSA_MD2:
1549  md2( message_str, msg_len, hash_result );
1550  break;
1551  #endif
1552  #ifdef POLARSSL_MD4_C
1553  case SIG_RSA_MD4:
1554  md4( message_str, msg_len, hash_result );
1555  break;
1556  #endif
1557  #ifdef POLARSSL_MD5_C
1558  case SIG_RSA_MD5:
1559  md5( message_str, msg_len, hash_result );
1560  break;
1561  #endif
1562  #ifdef POLARSSL_SHA1_C
1563  case SIG_RSA_SHA1:
1564  sha1( message_str, msg_len, hash_result );
1565  break;
1566  #endif
1567  #ifdef POLARSSL_SHA2_C
1568  case SIG_RSA_SHA224:
1569  sha2( message_str, msg_len, hash_result, 1 );
1570  break;
1571  case SIG_RSA_SHA256:
1572  sha2( message_str, msg_len, hash_result, 0 );
1573  break;
1574  #endif
1575  #ifdef POLARSSL_SHA4_C
1576  case SIG_RSA_SHA384:
1577  sha4( message_str, msg_len, hash_result, 1 );
1578  break;
1579  case SIG_RSA_SHA512:
1580  sha4( message_str, msg_len, hash_result, 0 );
1581  break;
1582  #endif
1583  }
1584 
1585  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA512, 0, hash_result, result_str ) == 0 );
1586 
1587  rsa_free( &ctx );
1588  }
1589  FCT_TEST_END();
1590 #endif /* POLARSSL_SHA4_C */
1591 
1592 #ifdef POLARSSL_SHA1_C
1593 
1594  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_20)
1595  {
1596  unsigned char message_str[1000];
1597  unsigned char hash_result[1000];
1598  unsigned char result_str[1000];
1599  rsa_context ctx;
1600  int msg_len;
1601 
1602  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1603  memset( message_str, 0x00, 1000 );
1604  memset( hash_result, 0x00, 1000 );
1605  memset( result_str, 0x00, 1000 );
1606 
1607  ctx.len = 1536 / 8;
1608  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1609  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1610 
1611  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1612 
1613  msg_len = unhexify( message_str, "a3edb0f52c6166d7b76e71634761f402337c3e9667549d00cd7877e6055396b35c54c4dffc4c987060178fc10b7e5e827a5c870057002ba6efd31fc4e63a429029be0d6b256b6b653775cb026322743f48e319d053c4aeac34077acb8e0c6c2ef375b2210f8788bd23d24eb0b614de41875b1c8ec56acf18825eaf826691be96" );
1614  unhexify( result_str, "180630d2f4dc91ddb1159978e278cda7ac4b178e82477f9770c4d2e1c5017d2f222348658044c1be4cda24ce3c9ba3d423536a39bf60324c1b30eabdad700b0982e58072f7e18216e7e4c07e17674ec3eabcfbafce317d2f539f129902d80031ca201a8b325629a96ca4a70b51294c2fddd1d0aca1537d7d8b780e1e62d34be2f98104d876a4990396c8628e6498d9651f468bdf1139664eabe9166efbe909bf87d7305d5f60f1acc3599ed339fcf4e009fbad4059af1a50264cb0a4ec1d23f3" );
1615 
1616  switch( SIG_RSA_SHA1 )
1617  {
1618  #ifdef POLARSSL_MD2_C
1619  case SIG_RSA_MD2:
1620  md2( message_str, msg_len, hash_result );
1621  break;
1622  #endif
1623  #ifdef POLARSSL_MD4_C
1624  case SIG_RSA_MD4:
1625  md4( message_str, msg_len, hash_result );
1626  break;
1627  #endif
1628  #ifdef POLARSSL_MD5_C
1629  case SIG_RSA_MD5:
1630  md5( message_str, msg_len, hash_result );
1631  break;
1632  #endif
1633  #ifdef POLARSSL_SHA1_C
1634  case SIG_RSA_SHA1:
1635  sha1( message_str, msg_len, hash_result );
1636  break;
1637  #endif
1638  #ifdef POLARSSL_SHA2_C
1639  case SIG_RSA_SHA224:
1640  sha2( message_str, msg_len, hash_result, 1 );
1641  break;
1642  case SIG_RSA_SHA256:
1643  sha2( message_str, msg_len, hash_result, 0 );
1644  break;
1645  #endif
1646  #ifdef POLARSSL_SHA4_C
1647  case SIG_RSA_SHA384:
1648  sha4( message_str, msg_len, hash_result, 1 );
1649  break;
1650  case SIG_RSA_SHA512:
1651  sha4( message_str, msg_len, hash_result, 0 );
1652  break;
1653  #endif
1654  }
1655 
1656  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 );
1657 
1658  rsa_free( &ctx );
1659  }
1660  FCT_TEST_END();
1661 #endif /* POLARSSL_SHA1_C */
1662 
1663 #ifdef POLARSSL_SHA1_C
1664 
1665  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_21)
1666  {
1667  unsigned char message_str[1000];
1668  unsigned char hash_result[1000];
1669  unsigned char result_str[1000];
1670  rsa_context ctx;
1671  int msg_len;
1672 
1673  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1674  memset( message_str, 0x00, 1000 );
1675  memset( hash_result, 0x00, 1000 );
1676  memset( result_str, 0x00, 1000 );
1677 
1678  ctx.len = 1536 / 8;
1679  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1680  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1681 
1682  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1683 
1684  msg_len = unhexify( message_str, "ac58fd024208d7f045d81a56cd55aad40ab86b0d216ab55136c7027aca23ea13480a52c0dacce0d98139b25965aa4ff76a41dd92037195d24bc0750d52cb3467b48b7b3e71d852c5f82bd9ee85a8388ead5cd8bc38c3d4792e8daa9734a137d31963e245ad3217fad235f7dfd5584de0fe91c4526568588e08b60bdf1badd99f" );
1685  unhexify( result_str, "a142b0d9456f8f4772675265a08613a66c416bd1ae712975c69d9ca5fb8c1be9c24359a04fd15460bf6136a8a11f13e3ce2de2171524f10cb715f0d71e3db15281ab99eadbe86cf8c5c518162c638ef27a4f7bfb4a1a3873f3c384a5b1c3b4966c837b9d8d192ac34e03943b7ae191355aa1ff3b9cd041bb2668f1f81cf0d015b3d3608cd9ac79398212c0f132f1bd45d47768b999fcf3c05fe2069593ceecedc851a7fc465abcfef0fabba9b9460153f6ba8723a5c6e766c83a446aef3ee327" );
1686 
1687  switch( SIG_RSA_SHA1 )
1688  {
1689  #ifdef POLARSSL_MD2_C
1690  case SIG_RSA_MD2:
1691  md2( message_str, msg_len, hash_result );
1692  break;
1693  #endif
1694  #ifdef POLARSSL_MD4_C
1695  case SIG_RSA_MD4:
1696  md4( message_str, msg_len, hash_result );
1697  break;
1698  #endif
1699  #ifdef POLARSSL_MD5_C
1700  case SIG_RSA_MD5:
1701  md5( message_str, msg_len, hash_result );
1702  break;
1703  #endif
1704  #ifdef POLARSSL_SHA1_C
1705  case SIG_RSA_SHA1:
1706  sha1( message_str, msg_len, hash_result );
1707  break;
1708  #endif
1709  #ifdef POLARSSL_SHA2_C
1710  case SIG_RSA_SHA224:
1711  sha2( message_str, msg_len, hash_result, 1 );
1712  break;
1713  case SIG_RSA_SHA256:
1714  sha2( message_str, msg_len, hash_result, 0 );
1715  break;
1716  #endif
1717  #ifdef POLARSSL_SHA4_C
1718  case SIG_RSA_SHA384:
1719  sha4( message_str, msg_len, hash_result, 1 );
1720  break;
1721  case SIG_RSA_SHA512:
1722  sha4( message_str, msg_len, hash_result, 0 );
1723  break;
1724  #endif
1725  }
1726 
1727  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
1728 
1729  rsa_free( &ctx );
1730  }
1731  FCT_TEST_END();
1732 #endif /* POLARSSL_SHA1_C */
1733 
1734 #ifdef POLARSSL_SHA2_C
1735 
1736  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_22)
1737  {
1738  unsigned char message_str[1000];
1739  unsigned char hash_result[1000];
1740  unsigned char result_str[1000];
1741  rsa_context ctx;
1742  int msg_len;
1743 
1744  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1745  memset( message_str, 0x00, 1000 );
1746  memset( hash_result, 0x00, 1000 );
1747  memset( result_str, 0x00, 1000 );
1748 
1749  ctx.len = 1536 / 8;
1750  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1751  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1752 
1753  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1754 
1755  msg_len = unhexify( message_str, "027f767928a5821e2723d6f36c43e6b498b6f0b381852571794a096bd49f1c36a4d7bacec7ec402c24b970163169173bb930ec7fdc39bc9457dfc4ca051f5f28a64de1bbe007c22e8368ff9b117dbda17efd2fb73434bbbf5a4158df56813b8c904bb2e779de504dcd974a291568210d6f85810291606a1c0cd88d51ceadf98a" );
1756  unhexify( result_str, "0676e64daaa18f4af46e9dfbe234db389b8a527b0fe1db97eb7f404e3155226cba70d318800f83160fa1aa19916e5c09f079331079f18cb8ab1a4b884cb28501824974f683ed2b9babae9f8c15bea30802805c6b2152119764811bbf5f3994d2e97fa2fe8c5ab15a23c14d7ae56be00eaa8bc26678481ff5ba59b0acfb0e43341bff9fc638e5625480a73dbc5d8d13bd2b9e64037c6b79df0c60869980c6a22ec46f80fb859cb4ee5d2032ac1fe538cfd85c70a7f33b4af50a93395917c2cfb6" );
1757 
1758  switch( SIG_RSA_SHA224 )
1759  {
1760  #ifdef POLARSSL_MD2_C
1761  case SIG_RSA_MD2:
1762  md2( message_str, msg_len, hash_result );
1763  break;
1764  #endif
1765  #ifdef POLARSSL_MD4_C
1766  case SIG_RSA_MD4:
1767  md4( message_str, msg_len, hash_result );
1768  break;
1769  #endif
1770  #ifdef POLARSSL_MD5_C
1771  case SIG_RSA_MD5:
1772  md5( message_str, msg_len, hash_result );
1773  break;
1774  #endif
1775  #ifdef POLARSSL_SHA1_C
1776  case SIG_RSA_SHA1:
1777  sha1( message_str, msg_len, hash_result );
1778  break;
1779  #endif
1780  #ifdef POLARSSL_SHA2_C
1781  case SIG_RSA_SHA224:
1782  sha2( message_str, msg_len, hash_result, 1 );
1783  break;
1784  case SIG_RSA_SHA256:
1785  sha2( message_str, msg_len, hash_result, 0 );
1786  break;
1787  #endif
1788  #ifdef POLARSSL_SHA4_C
1789  case SIG_RSA_SHA384:
1790  sha4( message_str, msg_len, hash_result, 1 );
1791  break;
1792  case SIG_RSA_SHA512:
1793  sha4( message_str, msg_len, hash_result, 0 );
1794  break;
1795  #endif
1796  }
1797 
1798  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA224, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
1799 
1800  rsa_free( &ctx );
1801  }
1802  FCT_TEST_END();
1803 #endif /* POLARSSL_SHA2_C */
1804 
1805 #ifdef POLARSSL_SHA2_C
1806 
1807  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_23)
1808  {
1809  unsigned char message_str[1000];
1810  unsigned char hash_result[1000];
1811  unsigned char result_str[1000];
1812  rsa_context ctx;
1813  int msg_len;
1814 
1815  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1816  memset( message_str, 0x00, 1000 );
1817  memset( hash_result, 0x00, 1000 );
1818  memset( result_str, 0x00, 1000 );
1819 
1820  ctx.len = 1536 / 8;
1821  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1822  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1823 
1824  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1825 
1826  msg_len = unhexify( message_str, "06dcd9d4c056b6a45b9ed2ae5f6c1cfa43aae06fe01ee098264aa7a80e901abbcf9a505e55f9a352ef0c078d48249b8298e57ea21bf0e423c3bf69002acfa541ca05007c704bc79cee7a80e1107c7b28d2b2aa6dd093b28efe9642519952a4a95ee49235f9924a0ac0aee5b2a1bce47459d70cd6e75074614199dca44561407c" );
1827  unhexify( result_str, "5e08f399258e6de075b67a0a6a822ceb21b1eb7a0342eca6a4295739f644547dee3456243cf32bd6ea6f357c88632508457130f3dae04f7806efaed43d1d501e16c961dfbd6c71a42b480e95c7027f8275063d05a9aac3eef0520867b9896ebe8ec358f7d121beb4e61ddfdc3dcd835dfe265f2ba68d300ef566ed1284f9f3d7b1af363ed47bfa2e5f0492925444df7e5fcb1e79e690c746117650b543a5e82c39553552f0f44e617b5cf773c533050f4129e893ac22af69b1eb9afb4b5ba5f5" );
1828 
1829  switch( SIG_RSA_SHA224 )
1830  {
1831  #ifdef POLARSSL_MD2_C
1832  case SIG_RSA_MD2:
1833  md2( message_str, msg_len, hash_result );
1834  break;
1835  #endif
1836  #ifdef POLARSSL_MD4_C
1837  case SIG_RSA_MD4:
1838  md4( message_str, msg_len, hash_result );
1839  break;
1840  #endif
1841  #ifdef POLARSSL_MD5_C
1842  case SIG_RSA_MD5:
1843  md5( message_str, msg_len, hash_result );
1844  break;
1845  #endif
1846  #ifdef POLARSSL_SHA1_C
1847  case SIG_RSA_SHA1:
1848  sha1( message_str, msg_len, hash_result );
1849  break;
1850  #endif
1851  #ifdef POLARSSL_SHA2_C
1852  case SIG_RSA_SHA224:
1853  sha2( message_str, msg_len, hash_result, 1 );
1854  break;
1855  case SIG_RSA_SHA256:
1856  sha2( message_str, msg_len, hash_result, 0 );
1857  break;
1858  #endif
1859  #ifdef POLARSSL_SHA4_C
1860  case SIG_RSA_SHA384:
1861  sha4( message_str, msg_len, hash_result, 1 );
1862  break;
1863  case SIG_RSA_SHA512:
1864  sha4( message_str, msg_len, hash_result, 0 );
1865  break;
1866  #endif
1867  }
1868 
1869  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA224, 0, hash_result, result_str ) == 0 );
1870 
1871  rsa_free( &ctx );
1872  }
1873  FCT_TEST_END();
1874 #endif /* POLARSSL_SHA2_C */
1875 
1876 #ifdef POLARSSL_SHA2_C
1877 
1878  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_24)
1879  {
1880  unsigned char message_str[1000];
1881  unsigned char hash_result[1000];
1882  unsigned char result_str[1000];
1883  rsa_context ctx;
1884  int msg_len;
1885 
1886  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1887  memset( message_str, 0x00, 1000 );
1888  memset( hash_result, 0x00, 1000 );
1889  memset( result_str, 0x00, 1000 );
1890 
1891  ctx.len = 1536 / 8;
1892  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1893  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1894 
1895  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1896 
1897  msg_len = unhexify( message_str, "1240028c6d7ab3992ada0e5ca55ee4f3d62f8de575302d5861d73685423c2e6a6d6fb3be090fbc2a701821b6d8fd5e8233f794b6549cd0bb52b390ac31478307bffa91a9bd9c1bf93ffc846356fef008ebee4bb3ee148e0fb1893d188e4934d0d088a433d14a596c5f2e3e49648a22edc6bdbcc58dc1edbd440046b3a169ca2b" );
1898  unhexify( result_str, "a003ae9cf0704d58763b214f20446ecc4099c566f25384e28d0dd6540c58705fc8d0bfe1ceaa06096ed1e230146edb82056e39e6727abec09f25e44079b6ce1ca2c6a540dec7aa34444d7d435f41e5fca9b0bba62759ae2780638e5160e031bb60409c2e85674ac7a776b444b37b9d7f4dbaa557e88b8562a584f2dbe90729b241aede95dfcc7e05b10deef06255cb89f0e7ccff23354818756a1f8bb9f00fd18f6cd22ca1b4bfc38027562bb37562c77c7883b5d735170d75521195fd3f2bd3" );
1899 
1900  switch( SIG_RSA_SHA256 )
1901  {
1902  #ifdef POLARSSL_MD2_C
1903  case SIG_RSA_MD2:
1904  md2( message_str, msg_len, hash_result );
1905  break;
1906  #endif
1907  #ifdef POLARSSL_MD4_C
1908  case SIG_RSA_MD4:
1909  md4( message_str, msg_len, hash_result );
1910  break;
1911  #endif
1912  #ifdef POLARSSL_MD5_C
1913  case SIG_RSA_MD5:
1914  md5( message_str, msg_len, hash_result );
1915  break;
1916  #endif
1917  #ifdef POLARSSL_SHA1_C
1918  case SIG_RSA_SHA1:
1919  sha1( message_str, msg_len, hash_result );
1920  break;
1921  #endif
1922  #ifdef POLARSSL_SHA2_C
1923  case SIG_RSA_SHA224:
1924  sha2( message_str, msg_len, hash_result, 1 );
1925  break;
1926  case SIG_RSA_SHA256:
1927  sha2( message_str, msg_len, hash_result, 0 );
1928  break;
1929  #endif
1930  #ifdef POLARSSL_SHA4_C
1931  case SIG_RSA_SHA384:
1932  sha4( message_str, msg_len, hash_result, 1 );
1933  break;
1934  case SIG_RSA_SHA512:
1935  sha4( message_str, msg_len, hash_result, 0 );
1936  break;
1937  #endif
1938  }
1939 
1940  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA256, 0, hash_result, result_str ) == 0 );
1941 
1942  rsa_free( &ctx );
1943  }
1944  FCT_TEST_END();
1945 #endif /* POLARSSL_SHA2_C */
1946 
1947 #ifdef POLARSSL_SHA4_C
1948 
1949  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_25)
1950  {
1951  unsigned char message_str[1000];
1952  unsigned char hash_result[1000];
1953  unsigned char result_str[1000];
1954  rsa_context ctx;
1955  int msg_len;
1956 
1957  rsa_init( &ctx, RSA_PKCS_V15, 0 );
1958  memset( message_str, 0x00, 1000 );
1959  memset( hash_result, 0x00, 1000 );
1960  memset( result_str, 0x00, 1000 );
1961 
1962  ctx.len = 1536 / 8;
1963  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
1964  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
1965 
1966  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
1967 
1968  msg_len = unhexify( message_str, "67922a8b9cbc95cf7c555ff2d73cfc62ee04c3f0df9bfc8f64293a58bd3bebd2eb212d711f94e35c729d0873d6b244914d21bd0e59b23089b38740e43f480e8f407d090ac93b08a57403968b55e78cfe31eee6e4ecbacf834168fe89b6b8454fce6e675e80f82b33e850ae3f3d24fd320335e37981fd000576941b4f08d4ba99" );
1969  unhexify( result_str, "2c6b301852cc55a993a933e2c080eb9dabfe19e9dc3571066caeabed1492d3501cd838de1c01784932df7a5ad5bbfb48c78f53a45f76e9812d046f23bd968495ef7e981e5add4acfc538fe33a5205de74bb37d3d9b6b87b2d174e85a73f216fd67d5738fc469dff7ea6b852e8dd08bc8df036597372d4d51185e6f47a45fbe1b9bdb06a4018783425ec95294de41f27235ad3b3263a890b8b62b17410a9bb08673393ff205a866ee2057e99c6517c6bbc84f8d87717b83d6f64de7ee215e1e8d" );
1970 
1971  switch( SIG_RSA_SHA384 )
1972  {
1973  #ifdef POLARSSL_MD2_C
1974  case SIG_RSA_MD2:
1975  md2( message_str, msg_len, hash_result );
1976  break;
1977  #endif
1978  #ifdef POLARSSL_MD4_C
1979  case SIG_RSA_MD4:
1980  md4( message_str, msg_len, hash_result );
1981  break;
1982  #endif
1983  #ifdef POLARSSL_MD5_C
1984  case SIG_RSA_MD5:
1985  md5( message_str, msg_len, hash_result );
1986  break;
1987  #endif
1988  #ifdef POLARSSL_SHA1_C
1989  case SIG_RSA_SHA1:
1990  sha1( message_str, msg_len, hash_result );
1991  break;
1992  #endif
1993  #ifdef POLARSSL_SHA2_C
1994  case SIG_RSA_SHA224:
1995  sha2( message_str, msg_len, hash_result, 1 );
1996  break;
1997  case SIG_RSA_SHA256:
1998  sha2( message_str, msg_len, hash_result, 0 );
1999  break;
2000  #endif
2001  #ifdef POLARSSL_SHA4_C
2002  case SIG_RSA_SHA384:
2003  sha4( message_str, msg_len, hash_result, 1 );
2004  break;
2005  case SIG_RSA_SHA512:
2006  sha4( message_str, msg_len, hash_result, 0 );
2007  break;
2008  #endif
2009  }
2010 
2011  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA384, 0, hash_result, result_str ) == 0 );
2012 
2013  rsa_free( &ctx );
2014  }
2015  FCT_TEST_END();
2016 #endif /* POLARSSL_SHA4_C */
2017 
2018 #ifdef POLARSSL_SHA4_C
2019 
2020  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_26)
2021  {
2022  unsigned char message_str[1000];
2023  unsigned char hash_result[1000];
2024  unsigned char result_str[1000];
2025  rsa_context ctx;
2026  int msg_len;
2027 
2028  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2029  memset( message_str, 0x00, 1000 );
2030  memset( hash_result, 0x00, 1000 );
2031  memset( result_str, 0x00, 1000 );
2032 
2033  ctx.len = 1536 / 8;
2034  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
2035  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
2036 
2037  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2038 
2039  msg_len = unhexify( message_str, "1428b4a449698a994ef84c46a517c3aa6359c48e4264ef65f1f69d77ae26133e17edfc103de416fffb4f2bfe865b434544a418f6e2faca00a165d443f0663ff64080154614f7194057d8b5f1f33934cc9fc2314cf86d4fdad4892bf0d3058f7f37ebe98ef52bfb240b9ad369153afe081bbcf9d7ae43e8ba336b8ac57e8a6da0" );
2040  unhexify( result_str, "8e10a1ae470e6e57a8d234185f78fdb600cc636c41565a9f3694a84ae102f6251984f54d11a7785fdcfdfaf80a821e05d57ef6b8edc03d9076755779322fd53eb98c805da77dc9316744e393c2fecd291a7e6043b1ca89fd8248f661e1d53110211b91edb41b31e848cde1115d8afd9963ebcc36aff5a27085949f0781bc69167c140ecfe71c44aacaf4123e557eaf2b528c6d0ea875b4ceefa942fe338af8df10562c438af04cd7521da912b3e3899cef0d75722161be6abed5e4e9009dbf40" );
2041 
2042  switch( SIG_RSA_SHA512 )
2043  {
2044  #ifdef POLARSSL_MD2_C
2045  case SIG_RSA_MD2:
2046  md2( message_str, msg_len, hash_result );
2047  break;
2048  #endif
2049  #ifdef POLARSSL_MD4_C
2050  case SIG_RSA_MD4:
2051  md4( message_str, msg_len, hash_result );
2052  break;
2053  #endif
2054  #ifdef POLARSSL_MD5_C
2055  case SIG_RSA_MD5:
2056  md5( message_str, msg_len, hash_result );
2057  break;
2058  #endif
2059  #ifdef POLARSSL_SHA1_C
2060  case SIG_RSA_SHA1:
2061  sha1( message_str, msg_len, hash_result );
2062  break;
2063  #endif
2064  #ifdef POLARSSL_SHA2_C
2065  case SIG_RSA_SHA224:
2066  sha2( message_str, msg_len, hash_result, 1 );
2067  break;
2068  case SIG_RSA_SHA256:
2069  sha2( message_str, msg_len, hash_result, 0 );
2070  break;
2071  #endif
2072  #ifdef POLARSSL_SHA4_C
2073  case SIG_RSA_SHA384:
2074  sha4( message_str, msg_len, hash_result, 1 );
2075  break;
2076  case SIG_RSA_SHA512:
2077  sha4( message_str, msg_len, hash_result, 0 );
2078  break;
2079  #endif
2080  }
2081 
2082  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA512, 0, hash_result, result_str ) == 0 );
2083 
2084  rsa_free( &ctx );
2085  }
2086  FCT_TEST_END();
2087 #endif /* POLARSSL_SHA4_C */
2088 
2089 #ifdef POLARSSL_SHA1_C
2090 
2091  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_27)
2092  {
2093  unsigned char message_str[1000];
2094  unsigned char hash_result[1000];
2095  unsigned char result_str[1000];
2096  rsa_context ctx;
2097  int msg_len;
2098 
2099  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2100  memset( message_str, 0x00, 1000 );
2101  memset( hash_result, 0x00, 1000 );
2102  memset( result_str, 0x00, 1000 );
2103 
2104  ctx.len = 1536 / 8;
2105  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
2106  fct_chk( mpi_read_string( &ctx.E, 16, "11" ) == 0 );
2107 
2108  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2109 
2110  msg_len = unhexify( message_str, "4871adc05f6b3ecf296680b0dd8d86715b0d5264c064008037dc410512520b5f193c8f4d21eb6c42e10d220c0275c9b3751f03a4096e2f0e3db9df8d52068c06a51589d23ca1361e9fe27691e95663301ec1407fbf73aee99cc92362eaf6994b95038396d815052a0aef6489bbb7bcb0fffdf13f0af9e7d9fd14f6ce00ab98f7" );
2111  unhexify( result_str, "180caf03781b391aacebe5b3f5e1d3b01c68a00df4ecfb6c4bf14217aed7cfca0adac099ec1d6e1f0b43b09b86788533fee6691d773807af0df6cc3bbdde3cf34bf5b848fa59c8bc10227cc3eba3452a85e0520fccdb2d8d32dd99672d302756a2d7f7f2693db3a48be17bd34d9d891f4ba44449c5bad1de91b788f524500a7703cccbaa77b9fe8791f5c8aa7b8f055336f28fcfc01733712e33cfb3d33fe71ddb9ced2a31931ec38007f5ad4a0d19acc428124b0e5ee6e0746fb33c1a4d90c8" );
2112 
2113  switch( SIG_RSA_SHA1 )
2114  {
2115  #ifdef POLARSSL_MD2_C
2116  case SIG_RSA_MD2:
2117  md2( message_str, msg_len, hash_result );
2118  break;
2119  #endif
2120  #ifdef POLARSSL_MD4_C
2121  case SIG_RSA_MD4:
2122  md4( message_str, msg_len, hash_result );
2123  break;
2124  #endif
2125  #ifdef POLARSSL_MD5_C
2126  case SIG_RSA_MD5:
2127  md5( message_str, msg_len, hash_result );
2128  break;
2129  #endif
2130  #ifdef POLARSSL_SHA1_C
2131  case SIG_RSA_SHA1:
2132  sha1( message_str, msg_len, hash_result );
2133  break;
2134  #endif
2135  #ifdef POLARSSL_SHA2_C
2136  case SIG_RSA_SHA224:
2137  sha2( message_str, msg_len, hash_result, 1 );
2138  break;
2139  case SIG_RSA_SHA256:
2140  sha2( message_str, msg_len, hash_result, 0 );
2141  break;
2142  #endif
2143  #ifdef POLARSSL_SHA4_C
2144  case SIG_RSA_SHA384:
2145  sha4( message_str, msg_len, hash_result, 1 );
2146  break;
2147  case SIG_RSA_SHA512:
2148  sha4( message_str, msg_len, hash_result, 0 );
2149  break;
2150  #endif
2151  }
2152 
2153  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA1, 0, hash_result, result_str ) == 0 );
2154 
2155  rsa_free( &ctx );
2156  }
2157  FCT_TEST_END();
2158 #endif /* POLARSSL_SHA1_C */
2159 
2160 #ifdef POLARSSL_SHA2_C
2161 
2162  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_28)
2163  {
2164  unsigned char message_str[1000];
2165  unsigned char hash_result[1000];
2166  unsigned char result_str[1000];
2167  rsa_context ctx;
2168  int msg_len;
2169 
2170  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2171  memset( message_str, 0x00, 1000 );
2172  memset( hash_result, 0x00, 1000 );
2173  memset( result_str, 0x00, 1000 );
2174 
2175  ctx.len = 1536 / 8;
2176  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
2177  fct_chk( mpi_read_string( &ctx.E, 16, "11" ) == 0 );
2178 
2179  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2180 
2181  msg_len = unhexify( message_str, "3bba64de38438a71b95ab9c94539d5870c1fb08d7a9937600c00e9d063438edc97e625d0cd4b1eb00c31c9d94c7a0fe6d03160d1b6cbec5acdad16ada6ef253fee603df9faca8f98a477cc5456f3dfbf6414dbf19f3832e227ce291780188881e82e96a2e84744f12a34a9808a2daedc6fd00b345c6772bec26a095719451e6a" );
2182  unhexify( result_str, "8c846e75e32ce5f9964bdd8f6dcf1d2996a646b233bcf1bd6394e13e856691b89bedd18290a0f9f7c90dca307271b3108e795340490513b25e6789e93722c65ec064b4c43457295a31d1f07dd605e133fd6eaafc58cda132df2939f5f693e0205af34550afaa137f3e482885e50dfb48333a15c0821e7a19642acdddc6fea3c7487c691246a2b083dac439889d5ae741b7e08c47937530b4b069f1a260cd07fe4a0ddd530ab11534fb805e9b562118ee0e97932966008aadfc83f3b8a10de8ee" );
2183 
2184  switch( SIG_RSA_SHA224 )
2185  {
2186  #ifdef POLARSSL_MD2_C
2187  case SIG_RSA_MD2:
2188  md2( message_str, msg_len, hash_result );
2189  break;
2190  #endif
2191  #ifdef POLARSSL_MD4_C
2192  case SIG_RSA_MD4:
2193  md4( message_str, msg_len, hash_result );
2194  break;
2195  #endif
2196  #ifdef POLARSSL_MD5_C
2197  case SIG_RSA_MD5:
2198  md5( message_str, msg_len, hash_result );
2199  break;
2200  #endif
2201  #ifdef POLARSSL_SHA1_C
2202  case SIG_RSA_SHA1:
2203  sha1( message_str, msg_len, hash_result );
2204  break;
2205  #endif
2206  #ifdef POLARSSL_SHA2_C
2207  case SIG_RSA_SHA224:
2208  sha2( message_str, msg_len, hash_result, 1 );
2209  break;
2210  case SIG_RSA_SHA256:
2211  sha2( message_str, msg_len, hash_result, 0 );
2212  break;
2213  #endif
2214  #ifdef POLARSSL_SHA4_C
2215  case SIG_RSA_SHA384:
2216  sha4( message_str, msg_len, hash_result, 1 );
2217  break;
2218  case SIG_RSA_SHA512:
2219  sha4( message_str, msg_len, hash_result, 0 );
2220  break;
2221  #endif
2222  }
2223 
2224  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA224, 0, hash_result, result_str ) == 0 );
2225 
2226  rsa_free( &ctx );
2227  }
2228  FCT_TEST_END();
2229 #endif /* POLARSSL_SHA2_C */
2230 
2231 #ifdef POLARSSL_SHA2_C
2232 
2233  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_29)
2234  {
2235  unsigned char message_str[1000];
2236  unsigned char hash_result[1000];
2237  unsigned char result_str[1000];
2238  rsa_context ctx;
2239  int msg_len;
2240 
2241  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2242  memset( message_str, 0x00, 1000 );
2243  memset( hash_result, 0x00, 1000 );
2244  memset( result_str, 0x00, 1000 );
2245 
2246  ctx.len = 1536 / 8;
2247  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
2248  fct_chk( mpi_read_string( &ctx.E, 16, "11" ) == 0 );
2249 
2250  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2251 
2252  msg_len = unhexify( message_str, "f7857ce04bf4292ea1755f9e587822372f4dcdf10bddfc0ff498a8af60ae94a0b482e873085c1cd52a5d181ce6b99a1f8520d74b947d65f3e7e358e8ddc4ac4ae465e39d408eee1f09865159733f83f553cd93cfde1c114fb3e32cf51cd418359016b3867df467b645d752808671a4609f3c49a67023c9ca617e6cffa544a10a" );
2253  unhexify( result_str, "9677300bbee003be3c445634f8ed5beb152b63f46f84cf5a8e721e0fafe8f3f7e99a6d50741f23f449d3026da3e8a7ac36be99ab44831803486ae552f7aa01f075287829b231d2d0840908e09081ae177ed888fe46a9d937a0871eb5d52ec541c8411c4cbf7efea6ca213b12cea513b0739eedca7c9473e10a7796936f4eaa0c5d3a9013ca5536781ac68eb2ca5779144de23da2e9875114aca885b3219dfc292d73940c5992ea3c4882889e7543430652860e441a01a45d9f4005a012421493" );
2254 
2255  switch( SIG_RSA_SHA256 )
2256  {
2257  #ifdef POLARSSL_MD2_C
2258  case SIG_RSA_MD2:
2259  md2( message_str, msg_len, hash_result );
2260  break;
2261  #endif
2262  #ifdef POLARSSL_MD4_C
2263  case SIG_RSA_MD4:
2264  md4( message_str, msg_len, hash_result );
2265  break;
2266  #endif
2267  #ifdef POLARSSL_MD5_C
2268  case SIG_RSA_MD5:
2269  md5( message_str, msg_len, hash_result );
2270  break;
2271  #endif
2272  #ifdef POLARSSL_SHA1_C
2273  case SIG_RSA_SHA1:
2274  sha1( message_str, msg_len, hash_result );
2275  break;
2276  #endif
2277  #ifdef POLARSSL_SHA2_C
2278  case SIG_RSA_SHA224:
2279  sha2( message_str, msg_len, hash_result, 1 );
2280  break;
2281  case SIG_RSA_SHA256:
2282  sha2( message_str, msg_len, hash_result, 0 );
2283  break;
2284  #endif
2285  #ifdef POLARSSL_SHA4_C
2286  case SIG_RSA_SHA384:
2287  sha4( message_str, msg_len, hash_result, 1 );
2288  break;
2289  case SIG_RSA_SHA512:
2290  sha4( message_str, msg_len, hash_result, 0 );
2291  break;
2292  #endif
2293  }
2294 
2295  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA256, 0, hash_result, result_str ) == 0 );
2296 
2297  rsa_free( &ctx );
2298  }
2299  FCT_TEST_END();
2300 #endif /* POLARSSL_SHA2_C */
2301 
2302 #ifdef POLARSSL_SHA2_C
2303 
2304  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_30)
2305  {
2306  unsigned char message_str[1000];
2307  unsigned char hash_result[1000];
2308  unsigned char result_str[1000];
2309  rsa_context ctx;
2310  int msg_len;
2311 
2312  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2313  memset( message_str, 0x00, 1000 );
2314  memset( hash_result, 0x00, 1000 );
2315  memset( result_str, 0x00, 1000 );
2316 
2317  ctx.len = 1536 / 8;
2318  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
2319  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
2320 
2321  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2322 
2323  msg_len = unhexify( message_str, "ca312774f2756ac2019f213a01a63c9a0b4a49ccafecf25e97a4c632668e3c77e664f4d7635241f25205e50c37061b02c546db8346fa597c3da8cfd44a827c5a4ff4ecfcd1797b39a1b215d9bbb93fdb6eb35bafbda427a5068888a6e19f86224b0897490491207e35ce39085668b10b4fb851b7dd9465c03869790ef38a61b5" );
2324  unhexify( result_str, "a202c33eb831b9d8e818b6c3bcdb42818e1d9c22a06ddd73a17a21e49d18cda44df349a066477cae068e1a5d2b518b0885e889ef796ca9e6f42a69ac755b8a6405fbaef93fe0130d98de35d689addfee3eecd26658903f774bda481c3f40ee0e9569a3c3e2da7ad576c7de82159d933e36fa29cfef99367005e34ab5082d80f48276d37dabc88dbb023bd01585329d2ccf417f78ec508aaa29751007d31f1669296b981d44c8fa99130c5df7a071725b496859314aaf9baf0ebc780355914249" );
2325 
2326  switch( SIG_RSA_SHA256 )
2327  {
2328  #ifdef POLARSSL_MD2_C
2329  case SIG_RSA_MD2:
2330  md2( message_str, msg_len, hash_result );
2331  break;
2332  #endif
2333  #ifdef POLARSSL_MD4_C
2334  case SIG_RSA_MD4:
2335  md4( message_str, msg_len, hash_result );
2336  break;
2337  #endif
2338  #ifdef POLARSSL_MD5_C
2339  case SIG_RSA_MD5:
2340  md5( message_str, msg_len, hash_result );
2341  break;
2342  #endif
2343  #ifdef POLARSSL_SHA1_C
2344  case SIG_RSA_SHA1:
2345  sha1( message_str, msg_len, hash_result );
2346  break;
2347  #endif
2348  #ifdef POLARSSL_SHA2_C
2349  case SIG_RSA_SHA224:
2350  sha2( message_str, msg_len, hash_result, 1 );
2351  break;
2352  case SIG_RSA_SHA256:
2353  sha2( message_str, msg_len, hash_result, 0 );
2354  break;
2355  #endif
2356  #ifdef POLARSSL_SHA4_C
2357  case SIG_RSA_SHA384:
2358  sha4( message_str, msg_len, hash_result, 1 );
2359  break;
2360  case SIG_RSA_SHA512:
2361  sha4( message_str, msg_len, hash_result, 0 );
2362  break;
2363  #endif
2364  }
2365 
2366  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA256, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
2367 
2368  rsa_free( &ctx );
2369  }
2370  FCT_TEST_END();
2371 #endif /* POLARSSL_SHA2_C */
2372 
2373 #ifdef POLARSSL_SHA4_C
2374 
2375  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_31)
2376  {
2377  unsigned char message_str[1000];
2378  unsigned char hash_result[1000];
2379  unsigned char result_str[1000];
2380  rsa_context ctx;
2381  int msg_len;
2382 
2383  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2384  memset( message_str, 0x00, 1000 );
2385  memset( hash_result, 0x00, 1000 );
2386  memset( result_str, 0x00, 1000 );
2387 
2388  ctx.len = 1536 / 8;
2389  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
2390  fct_chk( mpi_read_string( &ctx.E, 16, "10001" ) == 0 );
2391 
2392  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2393 
2394  msg_len = unhexify( message_str, "2abe079077290ceb6c80ac5c61062ce8da814b1fb99a1a9fb2860ed900e6541856ec64bf19c0d9d1cc2280b7cc50af3e3d2ad8e044945d44761ca60891dd72bd6aa26a33274ffcf7ae7d661b5e651135fcff21aaf06b4a2db18fe5827e0243884f2841760b9f1c65fbda870f7f0cfbd6ff484f0825e688614928f2d12d1e7080" );
2395  unhexify( result_str, "402631f3cddfb02cc4d9cb58ef1ab6726bd787a50e12e98567c9702bfdf47af85904aec5a2f6c5df9a10f08f90f93728eb090ae2ac21ded9f38faecd8195f3eb3d4107521b1cee956e7a214245b038adae912fa35ec97cb3bdc41352e8aaff80173561284cb740f999a3cd6653a6c3d5a3f911a416f41e2155083982c99eb5998a0a74d77f1ae999d901ee24a7f2c424179a3f92b07dc0b3498c1884e60677bee0175e810b426c4ad008d2743cd19b00b33177bf8be3fed7f7406e1bce0c2ea3" );
2396 
2397  switch( SIG_RSA_SHA384 )
2398  {
2399  #ifdef POLARSSL_MD2_C
2400  case SIG_RSA_MD2:
2401  md2( message_str, msg_len, hash_result );
2402  break;
2403  #endif
2404  #ifdef POLARSSL_MD4_C
2405  case SIG_RSA_MD4:
2406  md4( message_str, msg_len, hash_result );
2407  break;
2408  #endif
2409  #ifdef POLARSSL_MD5_C
2410  case SIG_RSA_MD5:
2411  md5( message_str, msg_len, hash_result );
2412  break;
2413  #endif
2414  #ifdef POLARSSL_SHA1_C
2415  case SIG_RSA_SHA1:
2416  sha1( message_str, msg_len, hash_result );
2417  break;
2418  #endif
2419  #ifdef POLARSSL_SHA2_C
2420  case SIG_RSA_SHA224:
2421  sha2( message_str, msg_len, hash_result, 1 );
2422  break;
2423  case SIG_RSA_SHA256:
2424  sha2( message_str, msg_len, hash_result, 0 );
2425  break;
2426  #endif
2427  #ifdef POLARSSL_SHA4_C
2428  case SIG_RSA_SHA384:
2429  sha4( message_str, msg_len, hash_result, 1 );
2430  break;
2431  case SIG_RSA_SHA512:
2432  sha4( message_str, msg_len, hash_result, 0 );
2433  break;
2434  #endif
2435  }
2436 
2437  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA384, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
2438 
2439  rsa_free( &ctx );
2440  }
2441  FCT_TEST_END();
2442 #endif /* POLARSSL_SHA4_C */
2443 
2444 #ifdef POLARSSL_SHA4_C
2445 
2446  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_32)
2447  {
2448  unsigned char message_str[1000];
2449  unsigned char hash_result[1000];
2450  unsigned char result_str[1000];
2451  rsa_context ctx;
2452  int msg_len;
2453 
2454  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2455  memset( message_str, 0x00, 1000 );
2456  memset( hash_result, 0x00, 1000 );
2457  memset( result_str, 0x00, 1000 );
2458 
2459  ctx.len = 1536 / 8;
2460  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
2461  fct_chk( mpi_read_string( &ctx.E, 16, "11" ) == 0 );
2462 
2463  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2464 
2465  msg_len = unhexify( message_str, "da9505809dc92cfd8e01a1857dde52df6677c40d98f4577c1659ca7d3e9f01f9a809065f51b54fe2f9723fe2c9d1eea7397f2d5531d1c51c6ea100b028596bf9f24dd90be14eab58f07b4f24a35b073aeb29ecde4a6f320237d7adbdc43d94f87e08866b95bbcac83dc7db3553a42400441f088e2bf6259539a2da8b5a74065f" );
2466  unhexify( result_str, "57edd0560df9840a25c28ff6d254e432395a5cd2d92248b3b44d7eab0fc65b3c4e545a916a8e90ce89745119db9ec9799aa8890f5250fb589cfc12dac1b6e406a39bc3b3663892da5354ba453cbd5e4c89bdce82d0ffe97052a03a5c3308819c1139ebc780c13cf6dc1477faf734abcb1db3fafaed6f22885c9c0222ff5deacb8cc6d027f2e959c3075011b382e88c4b27b83b4f2e6fda022e331c3602d19f5ac7bccfe95ea1e93d736dbd918ae5b1f468cd0b5b536a2f918d5e27a0757e75b7" );
2467 
2468  switch( SIG_RSA_SHA384 )
2469  {
2470  #ifdef POLARSSL_MD2_C
2471  case SIG_RSA_MD2:
2472  md2( message_str, msg_len, hash_result );
2473  break;
2474  #endif
2475  #ifdef POLARSSL_MD4_C
2476  case SIG_RSA_MD4:
2477  md4( message_str, msg_len, hash_result );
2478  break;
2479  #endif
2480  #ifdef POLARSSL_MD5_C
2481  case SIG_RSA_MD5:
2482  md5( message_str, msg_len, hash_result );
2483  break;
2484  #endif
2485  #ifdef POLARSSL_SHA1_C
2486  case SIG_RSA_SHA1:
2487  sha1( message_str, msg_len, hash_result );
2488  break;
2489  #endif
2490  #ifdef POLARSSL_SHA2_C
2491  case SIG_RSA_SHA224:
2492  sha2( message_str, msg_len, hash_result, 1 );
2493  break;
2494  case SIG_RSA_SHA256:
2495  sha2( message_str, msg_len, hash_result, 0 );
2496  break;
2497  #endif
2498  #ifdef POLARSSL_SHA4_C
2499  case SIG_RSA_SHA384:
2500  sha4( message_str, msg_len, hash_result, 1 );
2501  break;
2502  case SIG_RSA_SHA512:
2503  sha4( message_str, msg_len, hash_result, 0 );
2504  break;
2505  #endif
2506  }
2507 
2508  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA384, 0, hash_result, result_str ) == 0 );
2509 
2510  rsa_free( &ctx );
2511  }
2512  FCT_TEST_END();
2513 #endif /* POLARSSL_SHA4_C */
2514 
2515 #ifdef POLARSSL_SHA4_C
2516 
2517  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_33)
2518  {
2519  unsigned char message_str[1000];
2520  unsigned char hash_result[1000];
2521  unsigned char result_str[1000];
2522  rsa_context ctx;
2523  int msg_len;
2524 
2525  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2526  memset( message_str, 0x00, 1000 );
2527  memset( hash_result, 0x00, 1000 );
2528  memset( result_str, 0x00, 1000 );
2529 
2530  ctx.len = 1536 / 8;
2531  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
2532  fct_chk( mpi_read_string( &ctx.E, 16, "11" ) == 0 );
2533 
2534  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2535 
2536  msg_len = unhexify( message_str, "d0cd038c65b3acca45822eaf91ea5176e82043268876dec0b62e2abd619023b7023abc67c6b823cfef5447b8772f985ff7910d6cc87e6c23688ac6de1fee40bbe2da1a92770de92adaa427ace02fee571a0a0176fceb0c8f3eb72dde839ab201395625f5c0db8641ce19d7711212dec61733262c6ce4476c025e67a3d5bc01f3" );
2537  unhexify( result_str, "2f30629c1117d013bb36e6099dee931dcaf0a1032b07ec23e2b262898a8945e569c9573d81e22bb0a5f8a28b0d7b8ff01367dd7f089c68ed1daa11cf53a96ee91b38e6b839b6e90bea34d14b78f5d2c7629b68c5b4f2ecfff66b483b2233cb14f95df533c867a2b610aebcdbb7ea3109aaf2f5762ab3edc2571deccc7da0c9a5b443ca2b924c0f18de7bbb736a08fed3916795018a436a3ae62c85d554a53a6d48623908e06e7d275f4251d3b3bd530bd11e155dcf2b5c2adf030cdf931ae749" );
2538 
2539  switch( SIG_RSA_SHA512 )
2540  {
2541  #ifdef POLARSSL_MD2_C
2542  case SIG_RSA_MD2:
2543  md2( message_str, msg_len, hash_result );
2544  break;
2545  #endif
2546  #ifdef POLARSSL_MD4_C
2547  case SIG_RSA_MD4:
2548  md4( message_str, msg_len, hash_result );
2549  break;
2550  #endif
2551  #ifdef POLARSSL_MD5_C
2552  case SIG_RSA_MD5:
2553  md5( message_str, msg_len, hash_result );
2554  break;
2555  #endif
2556  #ifdef POLARSSL_SHA1_C
2557  case SIG_RSA_SHA1:
2558  sha1( message_str, msg_len, hash_result );
2559  break;
2560  #endif
2561  #ifdef POLARSSL_SHA2_C
2562  case SIG_RSA_SHA224:
2563  sha2( message_str, msg_len, hash_result, 1 );
2564  break;
2565  case SIG_RSA_SHA256:
2566  sha2( message_str, msg_len, hash_result, 0 );
2567  break;
2568  #endif
2569  #ifdef POLARSSL_SHA4_C
2570  case SIG_RSA_SHA384:
2571  sha4( message_str, msg_len, hash_result, 1 );
2572  break;
2573  case SIG_RSA_SHA512:
2574  sha4( message_str, msg_len, hash_result, 0 );
2575  break;
2576  #endif
2577  }
2578 
2579  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA512, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
2580 
2581  rsa_free( &ctx );
2582  }
2583  FCT_TEST_END();
2584 #endif /* POLARSSL_SHA4_C */
2585 
2586 #ifdef POLARSSL_SHA4_C
2587 
2588  FCT_TEST_BGN(rsa_pkcs1_verify_v15_cavs_34)
2589  {
2590  unsigned char message_str[1000];
2591  unsigned char hash_result[1000];
2592  unsigned char result_str[1000];
2593  rsa_context ctx;
2594  int msg_len;
2595 
2596  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2597  memset( message_str, 0x00, 1000 );
2598  memset( hash_result, 0x00, 1000 );
2599  memset( result_str, 0x00, 1000 );
2600 
2601  ctx.len = 1536 / 8;
2602  fct_chk( mpi_read_string( &ctx.N, 16, "a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd" ) == 0 );
2603  fct_chk( mpi_read_string( &ctx.E, 16, "11" ) == 0 );
2604 
2605  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2606 
2607  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
2608  unhexify( result_str, "0b4d96f411c727a262d6d0ade34195b78603551061917d060f89add47b09dfe8715f4f9147d327dc25e91fe457e5d1a2f22cd8fe6fe8e29d2060658307c87a40640650fef3d4b289a6c3febc5a100b29a8b56623afb29fd3c13ea372bf3c638c1db25f8bd8c74c821beec7b5affcace1d05d056a6c2d3035926c7a268df4751a54bc20a6b8cfd729a7cba309ae817daccbef9950a482cf23950a8ca1d3a13ddb7d8d0f87ad5587d4d9ebe19fe93457597a7bdd056c2fd4cea7d31e4a0e595a7b" );
2609 
2610  switch( SIG_RSA_SHA512 )
2611  {
2612  #ifdef POLARSSL_MD2_C
2613  case SIG_RSA_MD2:
2614  md2( message_str, msg_len, hash_result );
2615  break;
2616  #endif
2617  #ifdef POLARSSL_MD4_C
2618  case SIG_RSA_MD4:
2619  md4( message_str, msg_len, hash_result );
2620  break;
2621  #endif
2622  #ifdef POLARSSL_MD5_C
2623  case SIG_RSA_MD5:
2624  md5( message_str, msg_len, hash_result );
2625  break;
2626  #endif
2627  #ifdef POLARSSL_SHA1_C
2628  case SIG_RSA_SHA1:
2629  sha1( message_str, msg_len, hash_result );
2630  break;
2631  #endif
2632  #ifdef POLARSSL_SHA2_C
2633  case SIG_RSA_SHA224:
2634  sha2( message_str, msg_len, hash_result, 1 );
2635  break;
2636  case SIG_RSA_SHA256:
2637  sha2( message_str, msg_len, hash_result, 0 );
2638  break;
2639  #endif
2640  #ifdef POLARSSL_SHA4_C
2641  case SIG_RSA_SHA384:
2642  sha4( message_str, msg_len, hash_result, 1 );
2643  break;
2644  case SIG_RSA_SHA512:
2645  sha4( message_str, msg_len, hash_result, 0 );
2646  break;
2647  #endif
2648  }
2649 
2650  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA512, 0, hash_result, result_str ) == 0 );
2651 
2652  rsa_free( &ctx );
2653  }
2654  FCT_TEST_END();
2655 #endif /* POLARSSL_SHA4_C */
2656 
2657 #ifdef POLARSSL_SHA4_C
2658 
2659  FCT_TEST_BGN(rsa_pkcs1_sign_1_sha512_1536_bits_rsa)
2660  {
2661  unsigned char message_str[1000];
2662  unsigned char hash_result[1000];
2663  unsigned char output[1000];
2664  unsigned char output_str[1000];
2665  rsa_context ctx;
2666  mpi P1, Q1, H, G;
2667  int msg_len;
2668 
2669  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
2670  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2671 
2672  memset( message_str, 0x00, 1000 );
2673  memset( hash_result, 0x00, 1000 );
2674  memset( output, 0x00, 1000 );
2675  memset( output_str, 0x00, 1000 );
2676 
2677  ctx.len = 1536 / 8;
2678  fct_chk( mpi_read_string( &ctx.P, 16, "c8c67df894c882045ede26a9008ab09ea0672077d7bc71d412511cd93981ddde8f91b967da404056c39f105f7f239abdaff92923859920f6299e82b95bd5b8c959948f4a035cbd693ad83014294d349813d1ad57911a6355d0731fe3a034e9db" ) == 0 );
2679  fct_chk( mpi_read_string( &ctx.Q, 16, "f15147d0e7c04a1e3f37adde802cdc610999bf7ab0088434aaeda0c0ab3910b14d2ce56cb66bffd97552195fae8b061077e03920814d8b9cfb5a3958b3a82c2a7fc97e55db5978b47a922156eb8a3e55c06a54a45d1670abdfb995489c4d0051" ) == 0 );
2680  fct_chk( mpi_read_string( &ctx.N, 16, "bd429bb7c3b00bbea19ba664c0f8172d1a73c3cfa05e2ed656d570c1590918bb7e372ed25e2cd71395ba0a9b1a30f3ee012ffb0546cab8e3581fe3e23f44ab57a8aee9717e71a936a580fa8572d450fb00339a6f6704b717df0c149a465bab768c61500cd93b61113ff3e4389167f7b2c8e3c0da2d4765286bee555b0bcb4998f59b14fad03180a17c8b4f69bcd1234f4ae85950137665ac2ba80b55cc9b1aafb454b83771aa755acd2a00e93ddb65e696dbed8bdca69fb5e0c5c2097b9cfe4b" ) == 0 );
2681  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
2682 
2683  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
2684  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
2685  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
2686  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
2687  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
2688  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
2689  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
2690  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
2691 
2692  fct_chk( rsa_check_privkey( &ctx ) == 0 );
2693 
2694  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
2695 
2696  switch( SIG_RSA_SHA512 )
2697  {
2698  #ifdef POLARSSL_MD2_C
2699  case SIG_RSA_MD2:
2700  md2( message_str, msg_len, hash_result );
2701  break;
2702  #endif
2703  #ifdef POLARSSL_MD4_C
2704  case SIG_RSA_MD4:
2705  md4( message_str, msg_len, hash_result );
2706  break;
2707  #endif
2708  #ifdef POLARSSL_MD5_C
2709  case SIG_RSA_MD5:
2710  md5( message_str, msg_len, hash_result );
2711  break;
2712  #endif
2713  #ifdef POLARSSL_SHA1_C
2714  case SIG_RSA_SHA1:
2715  sha1( message_str, msg_len, hash_result );
2716  break;
2717  #endif
2718  #ifdef POLARSSL_SHA2_C
2719  case SIG_RSA_SHA224:
2720  sha2( message_str, msg_len, hash_result, 1 );
2721  break;
2722  case SIG_RSA_SHA256:
2723  sha2( message_str, msg_len, hash_result, 0 );
2724  break;
2725  #endif
2726  #ifdef POLARSSL_SHA4_C
2727  case SIG_RSA_SHA384:
2728  sha4( message_str, msg_len, hash_result, 1 );
2729  break;
2730  case SIG_RSA_SHA512:
2731  sha4( message_str, msg_len, hash_result, 0 );
2732  break;
2733  #endif
2734  }
2735 
2736  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_SHA512, 0, hash_result, output ) == 0 );
2737  if( 0 == 0 )
2738  {
2739  hexify( output_str, output, ctx.len );
2740 
2741  fct_chk( strcasecmp( (char *) output_str, "93b6fa99485c116ca6efdd4202ea1cf49f4c6345fae692584413743ce5b65510e8e4690aee9a19ea1ff10d57f22aa3548d839f28a8525a34354e9e58e0f3947e056ce2554e21bf287e220b98db3b551258cd42b495e5d1a3bbc83c9d1a02f2a300ef6d866ea75108e44ebb3e16b47df2f6de28feb2be3874dbbf21599451082d86e9f2f462575a8185c69aa1f1fcb6a363c5d71aeba2103449eaf3845285291148d5f78d1646b8dc95cbcc4082f987d948b0e7d4e80b60595f8a7517584e1643" ) == 0 );
2742  }
2743 
2744  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
2745  rsa_free( &ctx );
2746  }
2747  FCT_TEST_END();
2748 #endif /* POLARSSL_SHA4_C */
2749 
2750 #ifdef POLARSSL_SHA4_C
2751 
2752  FCT_TEST_BGN(rsa_pkcs1_sign_1_verify)
2753  {
2754  unsigned char message_str[1000];
2755  unsigned char hash_result[1000];
2756  unsigned char result_str[1000];
2757  rsa_context ctx;
2758  int msg_len;
2759 
2760  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2761  memset( message_str, 0x00, 1000 );
2762  memset( hash_result, 0x00, 1000 );
2763  memset( result_str, 0x00, 1000 );
2764 
2765  ctx.len = 1536 / 8;
2766  fct_chk( mpi_read_string( &ctx.N, 16, "bd429bb7c3b00bbea19ba664c0f8172d1a73c3cfa05e2ed656d570c1590918bb7e372ed25e2cd71395ba0a9b1a30f3ee012ffb0546cab8e3581fe3e23f44ab57a8aee9717e71a936a580fa8572d450fb00339a6f6704b717df0c149a465bab768c61500cd93b61113ff3e4389167f7b2c8e3c0da2d4765286bee555b0bcb4998f59b14fad03180a17c8b4f69bcd1234f4ae85950137665ac2ba80b55cc9b1aafb454b83771aa755acd2a00e93ddb65e696dbed8bdca69fb5e0c5c2097b9cfe4b" ) == 0 );
2767  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
2768 
2769  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2770 
2771  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
2772  unhexify( result_str, "93b6fa99485c116ca6efdd4202ea1cf49f4c6345fae692584413743ce5b65510e8e4690aee9a19ea1ff10d57f22aa3548d839f28a8525a34354e9e58e0f3947e056ce2554e21bf287e220b98db3b551258cd42b495e5d1a3bbc83c9d1a02f2a300ef6d866ea75108e44ebb3e16b47df2f6de28feb2be3874dbbf21599451082d86e9f2f462575a8185c69aa1f1fcb6a363c5d71aeba2103449eaf3845285291148d5f78d1646b8dc95cbcc4082f987d948b0e7d4e80b60595f8a7517584e1643" );
2773 
2774  switch( SIG_RSA_SHA512 )
2775  {
2776  #ifdef POLARSSL_MD2_C
2777  case SIG_RSA_MD2:
2778  md2( message_str, msg_len, hash_result );
2779  break;
2780  #endif
2781  #ifdef POLARSSL_MD4_C
2782  case SIG_RSA_MD4:
2783  md4( message_str, msg_len, hash_result );
2784  break;
2785  #endif
2786  #ifdef POLARSSL_MD5_C
2787  case SIG_RSA_MD5:
2788  md5( message_str, msg_len, hash_result );
2789  break;
2790  #endif
2791  #ifdef POLARSSL_SHA1_C
2792  case SIG_RSA_SHA1:
2793  sha1( message_str, msg_len, hash_result );
2794  break;
2795  #endif
2796  #ifdef POLARSSL_SHA2_C
2797  case SIG_RSA_SHA224:
2798  sha2( message_str, msg_len, hash_result, 1 );
2799  break;
2800  case SIG_RSA_SHA256:
2801  sha2( message_str, msg_len, hash_result, 0 );
2802  break;
2803  #endif
2804  #ifdef POLARSSL_SHA4_C
2805  case SIG_RSA_SHA384:
2806  sha4( message_str, msg_len, hash_result, 1 );
2807  break;
2808  case SIG_RSA_SHA512:
2809  sha4( message_str, msg_len, hash_result, 0 );
2810  break;
2811  #endif
2812  }
2813 
2814  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA512, 0, hash_result, result_str ) == 0 );
2815 
2816  rsa_free( &ctx );
2817  }
2818  FCT_TEST_END();
2819 #endif /* POLARSSL_SHA4_C */
2820 
2821 #ifdef POLARSSL_SHA2_C
2822 
2823  FCT_TEST_BGN(rsa_pkcs1_sign_2_sha256_2048_bits_rsa)
2824  {
2825  unsigned char message_str[1000];
2826  unsigned char hash_result[1000];
2827  unsigned char output[1000];
2828  unsigned char output_str[1000];
2829  rsa_context ctx;
2830  mpi P1, Q1, H, G;
2831  int msg_len;
2832 
2833  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
2834  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2835 
2836  memset( message_str, 0x00, 1000 );
2837  memset( hash_result, 0x00, 1000 );
2838  memset( output, 0x00, 1000 );
2839  memset( output_str, 0x00, 1000 );
2840 
2841  ctx.len = 2048 / 8;
2842  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
2843  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
2844  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
2845  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
2846 
2847  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
2848  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
2849  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
2850  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
2851  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
2852  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
2853  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
2854  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
2855 
2856  fct_chk( rsa_check_privkey( &ctx ) == 0 );
2857 
2858  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
2859 
2860  switch( SIG_RSA_SHA256 )
2861  {
2862  #ifdef POLARSSL_MD2_C
2863  case SIG_RSA_MD2:
2864  md2( message_str, msg_len, hash_result );
2865  break;
2866  #endif
2867  #ifdef POLARSSL_MD4_C
2868  case SIG_RSA_MD4:
2869  md4( message_str, msg_len, hash_result );
2870  break;
2871  #endif
2872  #ifdef POLARSSL_MD5_C
2873  case SIG_RSA_MD5:
2874  md5( message_str, msg_len, hash_result );
2875  break;
2876  #endif
2877  #ifdef POLARSSL_SHA1_C
2878  case SIG_RSA_SHA1:
2879  sha1( message_str, msg_len, hash_result );
2880  break;
2881  #endif
2882  #ifdef POLARSSL_SHA2_C
2883  case SIG_RSA_SHA224:
2884  sha2( message_str, msg_len, hash_result, 1 );
2885  break;
2886  case SIG_RSA_SHA256:
2887  sha2( message_str, msg_len, hash_result, 0 );
2888  break;
2889  #endif
2890  #ifdef POLARSSL_SHA4_C
2891  case SIG_RSA_SHA384:
2892  sha4( message_str, msg_len, hash_result, 1 );
2893  break;
2894  case SIG_RSA_SHA512:
2895  sha4( message_str, msg_len, hash_result, 0 );
2896  break;
2897  #endif
2898  }
2899 
2900  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_SHA256, 0, hash_result, output ) == 0 );
2901  if( 0 == 0 )
2902  {
2903  hexify( output_str, output, ctx.len );
2904 
2905  fct_chk( strcasecmp( (char *) output_str, "5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc7287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd762d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed" ) == 0 );
2906  }
2907 
2908  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
2909  rsa_free( &ctx );
2910  }
2911  FCT_TEST_END();
2912 #endif /* POLARSSL_SHA2_C */
2913 
2914 #ifdef POLARSSL_SHA2_C
2915 
2916  FCT_TEST_BGN(rsa_pkcs1_sign_2_verify)
2917  {
2918  unsigned char message_str[1000];
2919  unsigned char hash_result[1000];
2920  unsigned char result_str[1000];
2921  rsa_context ctx;
2922  int msg_len;
2923 
2924  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2925  memset( message_str, 0x00, 1000 );
2926  memset( hash_result, 0x00, 1000 );
2927  memset( result_str, 0x00, 1000 );
2928 
2929  ctx.len = 2048 / 8;
2930  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
2931  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
2932 
2933  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
2934 
2935  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
2936  unhexify( result_str, "5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc7287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd762d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed" );
2937 
2938  switch( SIG_RSA_SHA256 )
2939  {
2940  #ifdef POLARSSL_MD2_C
2941  case SIG_RSA_MD2:
2942  md2( message_str, msg_len, hash_result );
2943  break;
2944  #endif
2945  #ifdef POLARSSL_MD4_C
2946  case SIG_RSA_MD4:
2947  md4( message_str, msg_len, hash_result );
2948  break;
2949  #endif
2950  #ifdef POLARSSL_MD5_C
2951  case SIG_RSA_MD5:
2952  md5( message_str, msg_len, hash_result );
2953  break;
2954  #endif
2955  #ifdef POLARSSL_SHA1_C
2956  case SIG_RSA_SHA1:
2957  sha1( message_str, msg_len, hash_result );
2958  break;
2959  #endif
2960  #ifdef POLARSSL_SHA2_C
2961  case SIG_RSA_SHA224:
2962  sha2( message_str, msg_len, hash_result, 1 );
2963  break;
2964  case SIG_RSA_SHA256:
2965  sha2( message_str, msg_len, hash_result, 0 );
2966  break;
2967  #endif
2968  #ifdef POLARSSL_SHA4_C
2969  case SIG_RSA_SHA384:
2970  sha4( message_str, msg_len, hash_result, 1 );
2971  break;
2972  case SIG_RSA_SHA512:
2973  sha4( message_str, msg_len, hash_result, 0 );
2974  break;
2975  #endif
2976  }
2977 
2978  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA256, 0, hash_result, result_str ) == 0 );
2979 
2980  rsa_free( &ctx );
2981  }
2982  FCT_TEST_END();
2983 #endif /* POLARSSL_SHA2_C */
2984 
2985 #ifdef POLARSSL_SHA2_C
2986 
2987  FCT_TEST_BGN(rsa_pkcs1_sign_2_verify_fail)
2988  {
2989  unsigned char message_str[1000];
2990  unsigned char hash_result[1000];
2991  unsigned char result_str[1000];
2992  rsa_context ctx;
2993  int msg_len;
2994 
2995  rsa_init( &ctx, RSA_PKCS_V15, 0 );
2996  memset( message_str, 0x00, 1000 );
2997  memset( hash_result, 0x00, 1000 );
2998  memset( result_str, 0x00, 1000 );
2999 
3000  ctx.len = 2048 / 8;
3001  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3002  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3003 
3004  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
3005 
3006  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3007  unhexify( result_str, "5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc6287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd763d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed" );
3008 
3009  switch( SIG_RSA_SHA256 )
3010  {
3011  #ifdef POLARSSL_MD2_C
3012  case SIG_RSA_MD2:
3013  md2( message_str, msg_len, hash_result );
3014  break;
3015  #endif
3016  #ifdef POLARSSL_MD4_C
3017  case SIG_RSA_MD4:
3018  md4( message_str, msg_len, hash_result );
3019  break;
3020  #endif
3021  #ifdef POLARSSL_MD5_C
3022  case SIG_RSA_MD5:
3023  md5( message_str, msg_len, hash_result );
3024  break;
3025  #endif
3026  #ifdef POLARSSL_SHA1_C
3027  case SIG_RSA_SHA1:
3028  sha1( message_str, msg_len, hash_result );
3029  break;
3030  #endif
3031  #ifdef POLARSSL_SHA2_C
3032  case SIG_RSA_SHA224:
3033  sha2( message_str, msg_len, hash_result, 1 );
3034  break;
3035  case SIG_RSA_SHA256:
3036  sha2( message_str, msg_len, hash_result, 0 );
3037  break;
3038  #endif
3039  #ifdef POLARSSL_SHA4_C
3040  case SIG_RSA_SHA384:
3041  sha4( message_str, msg_len, hash_result, 1 );
3042  break;
3043  case SIG_RSA_SHA512:
3044  sha4( message_str, msg_len, hash_result, 0 );
3045  break;
3046  #endif
3047  }
3048 
3049  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA256, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
3050 
3051  rsa_free( &ctx );
3052  }
3053  FCT_TEST_END();
3054 #endif /* POLARSSL_SHA2_C */
3055 
3056 #ifdef POLARSSL_SHA2_C
3057 
3058  FCT_TEST_BGN(rsa_pkcs1_sign_3_sha224_2048_bits_rsa)
3059  {
3060  unsigned char message_str[1000];
3061  unsigned char hash_result[1000];
3062  unsigned char output[1000];
3063  unsigned char output_str[1000];
3064  rsa_context ctx;
3065  mpi P1, Q1, H, G;
3066  int msg_len;
3067 
3068  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
3069  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3070 
3071  memset( message_str, 0x00, 1000 );
3072  memset( hash_result, 0x00, 1000 );
3073  memset( output, 0x00, 1000 );
3074  memset( output_str, 0x00, 1000 );
3075 
3076  ctx.len = 2048 / 8;
3077  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
3078  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
3079  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3080  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3081 
3082  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
3083  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
3084  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
3085  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
3086  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
3087  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
3088  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
3089  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
3090 
3091  fct_chk( rsa_check_privkey( &ctx ) == 0 );
3092 
3093  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3094 
3095  switch( SIG_RSA_SHA224 )
3096  {
3097  #ifdef POLARSSL_MD2_C
3098  case SIG_RSA_MD2:
3099  md2( message_str, msg_len, hash_result );
3100  break;
3101  #endif
3102  #ifdef POLARSSL_MD4_C
3103  case SIG_RSA_MD4:
3104  md4( message_str, msg_len, hash_result );
3105  break;
3106  #endif
3107  #ifdef POLARSSL_MD5_C
3108  case SIG_RSA_MD5:
3109  md5( message_str, msg_len, hash_result );
3110  break;
3111  #endif
3112  #ifdef POLARSSL_SHA1_C
3113  case SIG_RSA_SHA1:
3114  sha1( message_str, msg_len, hash_result );
3115  break;
3116  #endif
3117  #ifdef POLARSSL_SHA2_C
3118  case SIG_RSA_SHA224:
3119  sha2( message_str, msg_len, hash_result, 1 );
3120  break;
3121  case SIG_RSA_SHA256:
3122  sha2( message_str, msg_len, hash_result, 0 );
3123  break;
3124  #endif
3125  #ifdef POLARSSL_SHA4_C
3126  case SIG_RSA_SHA384:
3127  sha4( message_str, msg_len, hash_result, 1 );
3128  break;
3129  case SIG_RSA_SHA512:
3130  sha4( message_str, msg_len, hash_result, 0 );
3131  break;
3132  #endif
3133  }
3134 
3135  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_SHA224, 0, hash_result, output ) == 0 );
3136  if( 0 == 0 )
3137  {
3138  hexify( output_str, output, ctx.len );
3139 
3140  fct_chk( strcasecmp( (char *) output_str, "9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b" ) == 0 );
3141  }
3142 
3143  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
3144  rsa_free( &ctx );
3145  }
3146  FCT_TEST_END();
3147 #endif /* POLARSSL_SHA2_C */
3148 
3149 #ifdef POLARSSL_SHA2_C
3150 
3151  FCT_TEST_BGN(rsa_pkcs1_sign_3_verify)
3152  {
3153  unsigned char message_str[1000];
3154  unsigned char hash_result[1000];
3155  unsigned char result_str[1000];
3156  rsa_context ctx;
3157  int msg_len;
3158 
3159  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3160  memset( message_str, 0x00, 1000 );
3161  memset( hash_result, 0x00, 1000 );
3162  memset( result_str, 0x00, 1000 );
3163 
3164  ctx.len = 2048 / 8;
3165  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3166  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3167 
3168  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
3169 
3170  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3171  unhexify( result_str, "9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b" );
3172 
3173  switch( SIG_RSA_SHA224 )
3174  {
3175  #ifdef POLARSSL_MD2_C
3176  case SIG_RSA_MD2:
3177  md2( message_str, msg_len, hash_result );
3178  break;
3179  #endif
3180  #ifdef POLARSSL_MD4_C
3181  case SIG_RSA_MD4:
3182  md4( message_str, msg_len, hash_result );
3183  break;
3184  #endif
3185  #ifdef POLARSSL_MD5_C
3186  case SIG_RSA_MD5:
3187  md5( message_str, msg_len, hash_result );
3188  break;
3189  #endif
3190  #ifdef POLARSSL_SHA1_C
3191  case SIG_RSA_SHA1:
3192  sha1( message_str, msg_len, hash_result );
3193  break;
3194  #endif
3195  #ifdef POLARSSL_SHA2_C
3196  case SIG_RSA_SHA224:
3197  sha2( message_str, msg_len, hash_result, 1 );
3198  break;
3199  case SIG_RSA_SHA256:
3200  sha2( message_str, msg_len, hash_result, 0 );
3201  break;
3202  #endif
3203  #ifdef POLARSSL_SHA4_C
3204  case SIG_RSA_SHA384:
3205  sha4( message_str, msg_len, hash_result, 1 );
3206  break;
3207  case SIG_RSA_SHA512:
3208  sha4( message_str, msg_len, hash_result, 0 );
3209  break;
3210  #endif
3211  }
3212 
3213  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA224, 0, hash_result, result_str ) == 0 );
3214 
3215  rsa_free( &ctx );
3216  }
3217  FCT_TEST_END();
3218 #endif /* POLARSSL_SHA2_C */
3219 
3220 #ifdef POLARSSL_SHA4_C
3221 
3222  FCT_TEST_BGN(rsa_pkcs1_sign_4_sha384_2048_bits_rsa)
3223  {
3224  unsigned char message_str[1000];
3225  unsigned char hash_result[1000];
3226  unsigned char output[1000];
3227  unsigned char output_str[1000];
3228  rsa_context ctx;
3229  mpi P1, Q1, H, G;
3230  int msg_len;
3231 
3232  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
3233  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3234 
3235  memset( message_str, 0x00, 1000 );
3236  memset( hash_result, 0x00, 1000 );
3237  memset( output, 0x00, 1000 );
3238  memset( output_str, 0x00, 1000 );
3239 
3240  ctx.len = 2048 / 8;
3241  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
3242  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
3243  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3244  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3245 
3246  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
3247  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
3248  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
3249  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
3250  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
3251  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
3252  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
3253  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
3254 
3255  fct_chk( rsa_check_privkey( &ctx ) == 0 );
3256 
3257  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3258 
3259  switch( SIG_RSA_SHA384 )
3260  {
3261  #ifdef POLARSSL_MD2_C
3262  case SIG_RSA_MD2:
3263  md2( message_str, msg_len, hash_result );
3264  break;
3265  #endif
3266  #ifdef POLARSSL_MD4_C
3267  case SIG_RSA_MD4:
3268  md4( message_str, msg_len, hash_result );
3269  break;
3270  #endif
3271  #ifdef POLARSSL_MD5_C
3272  case SIG_RSA_MD5:
3273  md5( message_str, msg_len, hash_result );
3274  break;
3275  #endif
3276  #ifdef POLARSSL_SHA1_C
3277  case SIG_RSA_SHA1:
3278  sha1( message_str, msg_len, hash_result );
3279  break;
3280  #endif
3281  #ifdef POLARSSL_SHA2_C
3282  case SIG_RSA_SHA224:
3283  sha2( message_str, msg_len, hash_result, 1 );
3284  break;
3285  case SIG_RSA_SHA256:
3286  sha2( message_str, msg_len, hash_result, 0 );
3287  break;
3288  #endif
3289  #ifdef POLARSSL_SHA4_C
3290  case SIG_RSA_SHA384:
3291  sha4( message_str, msg_len, hash_result, 1 );
3292  break;
3293  case SIG_RSA_SHA512:
3294  sha4( message_str, msg_len, hash_result, 0 );
3295  break;
3296  #endif
3297  }
3298 
3299  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_SHA384, 0, hash_result, output ) == 0 );
3300  if( 0 == 0 )
3301  {
3302  hexify( output_str, output, ctx.len );
3303 
3304  fct_chk( strcasecmp( (char *) output_str, "40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8" ) == 0 );
3305  }
3306 
3307  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
3308  rsa_free( &ctx );
3309  }
3310  FCT_TEST_END();
3311 #endif /* POLARSSL_SHA4_C */
3312 
3313 #ifdef POLARSSL_SHA4_C
3314 
3315  FCT_TEST_BGN(rsa_pkcs1_sign_4_verify)
3316  {
3317  unsigned char message_str[1000];
3318  unsigned char hash_result[1000];
3319  unsigned char result_str[1000];
3320  rsa_context ctx;
3321  int msg_len;
3322 
3323  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3324  memset( message_str, 0x00, 1000 );
3325  memset( hash_result, 0x00, 1000 );
3326  memset( result_str, 0x00, 1000 );
3327 
3328  ctx.len = 2048 / 8;
3329  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3330  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3331 
3332  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
3333 
3334  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3335  unhexify( result_str, "40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8" );
3336 
3337  switch( SIG_RSA_SHA384 )
3338  {
3339  #ifdef POLARSSL_MD2_C
3340  case SIG_RSA_MD2:
3341  md2( message_str, msg_len, hash_result );
3342  break;
3343  #endif
3344  #ifdef POLARSSL_MD4_C
3345  case SIG_RSA_MD4:
3346  md4( message_str, msg_len, hash_result );
3347  break;
3348  #endif
3349  #ifdef POLARSSL_MD5_C
3350  case SIG_RSA_MD5:
3351  md5( message_str, msg_len, hash_result );
3352  break;
3353  #endif
3354  #ifdef POLARSSL_SHA1_C
3355  case SIG_RSA_SHA1:
3356  sha1( message_str, msg_len, hash_result );
3357  break;
3358  #endif
3359  #ifdef POLARSSL_SHA2_C
3360  case SIG_RSA_SHA224:
3361  sha2( message_str, msg_len, hash_result, 1 );
3362  break;
3363  case SIG_RSA_SHA256:
3364  sha2( message_str, msg_len, hash_result, 0 );
3365  break;
3366  #endif
3367  #ifdef POLARSSL_SHA4_C
3368  case SIG_RSA_SHA384:
3369  sha4( message_str, msg_len, hash_result, 1 );
3370  break;
3371  case SIG_RSA_SHA512:
3372  sha4( message_str, msg_len, hash_result, 0 );
3373  break;
3374  #endif
3375  }
3376 
3377  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_SHA384, 0, hash_result, result_str ) == 0 );
3378 
3379  rsa_free( &ctx );
3380  }
3381  FCT_TEST_END();
3382 #endif /* POLARSSL_SHA4_C */
3383 
3384 #ifdef POLARSSL_MD2_C
3385 
3386  FCT_TEST_BGN(rsa_pkcs1_sign_5_md2_2048_bits_rsa)
3387  {
3388  unsigned char message_str[1000];
3389  unsigned char hash_result[1000];
3390  unsigned char output[1000];
3391  unsigned char output_str[1000];
3392  rsa_context ctx;
3393  mpi P1, Q1, H, G;
3394  int msg_len;
3395 
3396  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
3397  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3398 
3399  memset( message_str, 0x00, 1000 );
3400  memset( hash_result, 0x00, 1000 );
3401  memset( output, 0x00, 1000 );
3402  memset( output_str, 0x00, 1000 );
3403 
3404  ctx.len = 2048 / 8;
3405  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
3406  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
3407  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3408  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3409 
3410  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
3411  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
3412  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
3413  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
3414  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
3415  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
3416  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
3417  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
3418 
3419  fct_chk( rsa_check_privkey( &ctx ) == 0 );
3420 
3421  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3422 
3423  switch( SIG_RSA_MD2 )
3424  {
3425  #ifdef POLARSSL_MD2_C
3426  case SIG_RSA_MD2:
3427  md2( message_str, msg_len, hash_result );
3428  break;
3429  #endif
3430  #ifdef POLARSSL_MD4_C
3431  case SIG_RSA_MD4:
3432  md4( message_str, msg_len, hash_result );
3433  break;
3434  #endif
3435  #ifdef POLARSSL_MD5_C
3436  case SIG_RSA_MD5:
3437  md5( message_str, msg_len, hash_result );
3438  break;
3439  #endif
3440  #ifdef POLARSSL_SHA1_C
3441  case SIG_RSA_SHA1:
3442  sha1( message_str, msg_len, hash_result );
3443  break;
3444  #endif
3445  #ifdef POLARSSL_SHA2_C
3446  case SIG_RSA_SHA224:
3447  sha2( message_str, msg_len, hash_result, 1 );
3448  break;
3449  case SIG_RSA_SHA256:
3450  sha2( message_str, msg_len, hash_result, 0 );
3451  break;
3452  #endif
3453  #ifdef POLARSSL_SHA4_C
3454  case SIG_RSA_SHA384:
3455  sha4( message_str, msg_len, hash_result, 1 );
3456  break;
3457  case SIG_RSA_SHA512:
3458  sha4( message_str, msg_len, hash_result, 0 );
3459  break;
3460  #endif
3461  }
3462 
3463  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_MD2, 0, hash_result, output ) == 0 );
3464  if( 0 == 0 )
3465  {
3466  hexify( output_str, output, ctx.len );
3467 
3468  fct_chk( strcasecmp( (char *) output_str, "6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304" ) == 0 );
3469  }
3470 
3471  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
3472  rsa_free( &ctx );
3473  }
3474  FCT_TEST_END();
3475 #endif /* POLARSSL_MD2_C */
3476 
3477 #ifdef POLARSSL_MD2_C
3478 
3479  FCT_TEST_BGN(rsa_pkcs1_sign_5_verify)
3480  {
3481  unsigned char message_str[1000];
3482  unsigned char hash_result[1000];
3483  unsigned char result_str[1000];
3484  rsa_context ctx;
3485  int msg_len;
3486 
3487  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3488  memset( message_str, 0x00, 1000 );
3489  memset( hash_result, 0x00, 1000 );
3490  memset( result_str, 0x00, 1000 );
3491 
3492  ctx.len = 2048 / 8;
3493  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3494  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3495 
3496  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
3497 
3498  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3499  unhexify( result_str, "6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304" );
3500 
3501  switch( SIG_RSA_MD2 )
3502  {
3503  #ifdef POLARSSL_MD2_C
3504  case SIG_RSA_MD2:
3505  md2( message_str, msg_len, hash_result );
3506  break;
3507  #endif
3508  #ifdef POLARSSL_MD4_C
3509  case SIG_RSA_MD4:
3510  md4( message_str, msg_len, hash_result );
3511  break;
3512  #endif
3513  #ifdef POLARSSL_MD5_C
3514  case SIG_RSA_MD5:
3515  md5( message_str, msg_len, hash_result );
3516  break;
3517  #endif
3518  #ifdef POLARSSL_SHA1_C
3519  case SIG_RSA_SHA1:
3520  sha1( message_str, msg_len, hash_result );
3521  break;
3522  #endif
3523  #ifdef POLARSSL_SHA2_C
3524  case SIG_RSA_SHA224:
3525  sha2( message_str, msg_len, hash_result, 1 );
3526  break;
3527  case SIG_RSA_SHA256:
3528  sha2( message_str, msg_len, hash_result, 0 );
3529  break;
3530  #endif
3531  #ifdef POLARSSL_SHA4_C
3532  case SIG_RSA_SHA384:
3533  sha4( message_str, msg_len, hash_result, 1 );
3534  break;
3535  case SIG_RSA_SHA512:
3536  sha4( message_str, msg_len, hash_result, 0 );
3537  break;
3538  #endif
3539  }
3540 
3541  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_MD2, 0, hash_result, result_str ) == 0 );
3542 
3543  rsa_free( &ctx );
3544  }
3545  FCT_TEST_END();
3546 #endif /* POLARSSL_MD2_C */
3547 
3548 #ifdef POLARSSL_MD4_C
3549 
3550  FCT_TEST_BGN(rsa_pkcs1_sign_6_md4_2048_bits_rsa)
3551  {
3552  unsigned char message_str[1000];
3553  unsigned char hash_result[1000];
3554  unsigned char output[1000];
3555  unsigned char output_str[1000];
3556  rsa_context ctx;
3557  mpi P1, Q1, H, G;
3558  int msg_len;
3559 
3560  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
3561  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3562 
3563  memset( message_str, 0x00, 1000 );
3564  memset( hash_result, 0x00, 1000 );
3565  memset( output, 0x00, 1000 );
3566  memset( output_str, 0x00, 1000 );
3567 
3568  ctx.len = 2048 / 8;
3569  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
3570  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
3571  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3572  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3573 
3574  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
3575  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
3576  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
3577  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
3578  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
3579  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
3580  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
3581  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
3582 
3583  fct_chk( rsa_check_privkey( &ctx ) == 0 );
3584 
3585  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3586 
3587  switch( SIG_RSA_MD4 )
3588  {
3589  #ifdef POLARSSL_MD2_C
3590  case SIG_RSA_MD2:
3591  md2( message_str, msg_len, hash_result );
3592  break;
3593  #endif
3594  #ifdef POLARSSL_MD4_C
3595  case SIG_RSA_MD4:
3596  md4( message_str, msg_len, hash_result );
3597  break;
3598  #endif
3599  #ifdef POLARSSL_MD5_C
3600  case SIG_RSA_MD5:
3601  md5( message_str, msg_len, hash_result );
3602  break;
3603  #endif
3604  #ifdef POLARSSL_SHA1_C
3605  case SIG_RSA_SHA1:
3606  sha1( message_str, msg_len, hash_result );
3607  break;
3608  #endif
3609  #ifdef POLARSSL_SHA2_C
3610  case SIG_RSA_SHA224:
3611  sha2( message_str, msg_len, hash_result, 1 );
3612  break;
3613  case SIG_RSA_SHA256:
3614  sha2( message_str, msg_len, hash_result, 0 );
3615  break;
3616  #endif
3617  #ifdef POLARSSL_SHA4_C
3618  case SIG_RSA_SHA384:
3619  sha4( message_str, msg_len, hash_result, 1 );
3620  break;
3621  case SIG_RSA_SHA512:
3622  sha4( message_str, msg_len, hash_result, 0 );
3623  break;
3624  #endif
3625  }
3626 
3627  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_MD4, 0, hash_result, output ) == 0 );
3628  if( 0 == 0 )
3629  {
3630  hexify( output_str, output, ctx.len );
3631 
3632  fct_chk( strcasecmp( (char *) output_str, "b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207" ) == 0 );
3633  }
3634 
3635  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
3636  rsa_free( &ctx );
3637  }
3638  FCT_TEST_END();
3639 #endif /* POLARSSL_MD4_C */
3640 
3641 #ifdef POLARSSL_MD4_C
3642 
3643  FCT_TEST_BGN(rsa_pkcs1_sign_6_verify)
3644  {
3645  unsigned char message_str[1000];
3646  unsigned char hash_result[1000];
3647  unsigned char result_str[1000];
3648  rsa_context ctx;
3649  int msg_len;
3650 
3651  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3652  memset( message_str, 0x00, 1000 );
3653  memset( hash_result, 0x00, 1000 );
3654  memset( result_str, 0x00, 1000 );
3655 
3656  ctx.len = 2048 / 8;
3657  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3658  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3659 
3660  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
3661 
3662  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3663  unhexify( result_str, "b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207" );
3664 
3665  switch( SIG_RSA_MD4 )
3666  {
3667  #ifdef POLARSSL_MD2_C
3668  case SIG_RSA_MD2:
3669  md2( message_str, msg_len, hash_result );
3670  break;
3671  #endif
3672  #ifdef POLARSSL_MD4_C
3673  case SIG_RSA_MD4:
3674  md4( message_str, msg_len, hash_result );
3675  break;
3676  #endif
3677  #ifdef POLARSSL_MD5_C
3678  case SIG_RSA_MD5:
3679  md5( message_str, msg_len, hash_result );
3680  break;
3681  #endif
3682  #ifdef POLARSSL_SHA1_C
3683  case SIG_RSA_SHA1:
3684  sha1( message_str, msg_len, hash_result );
3685  break;
3686  #endif
3687  #ifdef POLARSSL_SHA2_C
3688  case SIG_RSA_SHA224:
3689  sha2( message_str, msg_len, hash_result, 1 );
3690  break;
3691  case SIG_RSA_SHA256:
3692  sha2( message_str, msg_len, hash_result, 0 );
3693  break;
3694  #endif
3695  #ifdef POLARSSL_SHA4_C
3696  case SIG_RSA_SHA384:
3697  sha4( message_str, msg_len, hash_result, 1 );
3698  break;
3699  case SIG_RSA_SHA512:
3700  sha4( message_str, msg_len, hash_result, 0 );
3701  break;
3702  #endif
3703  }
3704 
3705  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_MD4, 0, hash_result, result_str ) == 0 );
3706 
3707  rsa_free( &ctx );
3708  }
3709  FCT_TEST_END();
3710 #endif /* POLARSSL_MD4_C */
3711 
3712 #ifdef POLARSSL_MD5_C
3713 
3714  FCT_TEST_BGN(rsa_pkcs1_sign_7_md5_2048_bits_rsa)
3715  {
3716  unsigned char message_str[1000];
3717  unsigned char hash_result[1000];
3718  unsigned char output[1000];
3719  unsigned char output_str[1000];
3720  rsa_context ctx;
3721  mpi P1, Q1, H, G;
3722  int msg_len;
3723 
3724  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
3725  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3726 
3727  memset( message_str, 0x00, 1000 );
3728  memset( hash_result, 0x00, 1000 );
3729  memset( output, 0x00, 1000 );
3730  memset( output_str, 0x00, 1000 );
3731 
3732  ctx.len = 2048 / 8;
3733  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
3734  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
3735  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3736  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3737 
3738  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
3739  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
3740  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
3741  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
3742  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
3743  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
3744  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
3745  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
3746 
3747  fct_chk( rsa_check_privkey( &ctx ) == 0 );
3748 
3749  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3750 
3751  switch( SIG_RSA_MD5 )
3752  {
3753  #ifdef POLARSSL_MD2_C
3754  case SIG_RSA_MD2:
3755  md2( message_str, msg_len, hash_result );
3756  break;
3757  #endif
3758  #ifdef POLARSSL_MD4_C
3759  case SIG_RSA_MD4:
3760  md4( message_str, msg_len, hash_result );
3761  break;
3762  #endif
3763  #ifdef POLARSSL_MD5_C
3764  case SIG_RSA_MD5:
3765  md5( message_str, msg_len, hash_result );
3766  break;
3767  #endif
3768  #ifdef POLARSSL_SHA1_C
3769  case SIG_RSA_SHA1:
3770  sha1( message_str, msg_len, hash_result );
3771  break;
3772  #endif
3773  #ifdef POLARSSL_SHA2_C
3774  case SIG_RSA_SHA224:
3775  sha2( message_str, msg_len, hash_result, 1 );
3776  break;
3777  case SIG_RSA_SHA256:
3778  sha2( message_str, msg_len, hash_result, 0 );
3779  break;
3780  #endif
3781  #ifdef POLARSSL_SHA4_C
3782  case SIG_RSA_SHA384:
3783  sha4( message_str, msg_len, hash_result, 1 );
3784  break;
3785  case SIG_RSA_SHA512:
3786  sha4( message_str, msg_len, hash_result, 0 );
3787  break;
3788  #endif
3789  }
3790 
3791  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_MD5, 0, hash_result, output ) == 0 );
3792  if( 0 == 0 )
3793  {
3794  hexify( output_str, output, ctx.len );
3795 
3796  fct_chk( strcasecmp( (char *) output_str, "3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021" ) == 0 );
3797  }
3798 
3799  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
3800  rsa_free( &ctx );
3801  }
3802  FCT_TEST_END();
3803 #endif /* POLARSSL_MD5_C */
3804 
3805 #ifdef POLARSSL_MD5_C
3806 
3807  FCT_TEST_BGN(rsa_pkcs1_sign_7_verify)
3808  {
3809  unsigned char message_str[1000];
3810  unsigned char hash_result[1000];
3811  unsigned char result_str[1000];
3812  rsa_context ctx;
3813  int msg_len;
3814 
3815  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3816  memset( message_str, 0x00, 1000 );
3817  memset( hash_result, 0x00, 1000 );
3818  memset( result_str, 0x00, 1000 );
3819 
3820  ctx.len = 2048 / 8;
3821  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3822  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3823 
3824  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
3825 
3826  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3827  unhexify( result_str, "3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021" );
3828 
3829  switch( SIG_RSA_MD5 )
3830  {
3831  #ifdef POLARSSL_MD2_C
3832  case SIG_RSA_MD2:
3833  md2( message_str, msg_len, hash_result );
3834  break;
3835  #endif
3836  #ifdef POLARSSL_MD4_C
3837  case SIG_RSA_MD4:
3838  md4( message_str, msg_len, hash_result );
3839  break;
3840  #endif
3841  #ifdef POLARSSL_MD5_C
3842  case SIG_RSA_MD5:
3843  md5( message_str, msg_len, hash_result );
3844  break;
3845  #endif
3846  #ifdef POLARSSL_SHA1_C
3847  case SIG_RSA_SHA1:
3848  sha1( message_str, msg_len, hash_result );
3849  break;
3850  #endif
3851  #ifdef POLARSSL_SHA2_C
3852  case SIG_RSA_SHA224:
3853  sha2( message_str, msg_len, hash_result, 1 );
3854  break;
3855  case SIG_RSA_SHA256:
3856  sha2( message_str, msg_len, hash_result, 0 );
3857  break;
3858  #endif
3859  #ifdef POLARSSL_SHA4_C
3860  case SIG_RSA_SHA384:
3861  sha4( message_str, msg_len, hash_result, 1 );
3862  break;
3863  case SIG_RSA_SHA512:
3864  sha4( message_str, msg_len, hash_result, 0 );
3865  break;
3866  #endif
3867  }
3868 
3869  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_MD5, 0, hash_result, result_str ) == 0 );
3870 
3871  rsa_free( &ctx );
3872  }
3873  FCT_TEST_END();
3874 #endif /* POLARSSL_MD5_C */
3875 
3876 
3877  FCT_TEST_BGN(rsa_pkcs1_sign_8_raw_2048_bits_rsa)
3878  {
3879  unsigned char message_str[1000];
3880  unsigned char hash_result[1000];
3881  unsigned char output[1000];
3882  unsigned char output_str[1000];
3883  rsa_context ctx;
3884  mpi P1, Q1, H, G;
3885  int hash_len;
3886 
3887  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
3888  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3889 
3890  memset( message_str, 0x00, 1000 );
3891  memset( hash_result, 0x00, 1000 );
3892  memset( output, 0x00, 1000 );
3893  memset( output_str, 0x00, 1000 );
3894 
3895  ctx.len = 2048 / 8;
3896  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
3897  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
3898  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3899  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3900 
3901  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
3902  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
3903  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
3904  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
3905  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
3906  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
3907  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
3908  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
3909 
3910  fct_chk( rsa_check_privkey( &ctx ) == 0 );
3911 
3912  unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3913  hash_len = unhexify( hash_result, "1234567890deadbeef" );
3914 
3915  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_RAW, hash_len, hash_result, output ) == 0 );
3916 
3917  hexify( output_str, output, ctx.len );
3918 
3919  fct_chk( strcasecmp( (char *) output_str, "605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8" ) == 0 );
3920 
3921  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
3922  rsa_free( &ctx );
3923  }
3924  FCT_TEST_END();
3925 
3926 
3927  FCT_TEST_BGN(rsa_pkcs1_sign_8_verify)
3928  {
3929  unsigned char message_str[1000];
3930  unsigned char hash_result[1000];
3931  unsigned char result_str[1000];
3932  rsa_context ctx;
3933  size_t hash_len;
3934 
3935  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3936  memset( message_str, 0x00, 1000 );
3937  memset( hash_result, 0x00, 1000 );
3938  memset( result_str, 0x00, 1000 );
3939 
3940  ctx.len = 2048 / 8;
3941  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3942  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3943 
3944  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
3945 
3946  unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3947  hash_len = unhexify( hash_result, "1234567890deadbeef" );
3948  unhexify( result_str, "605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8" );
3949 
3950  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_RAW, hash_len, hash_result, result_str ) == 0 );
3951 
3952  rsa_free( &ctx );
3953  }
3954  FCT_TEST_END();
3955 
3956 
3957  FCT_TEST_BGN(rsa_pkcs1_sign_8_verify_wrong_raw_hash)
3958  {
3959  unsigned char message_str[1000];
3960  unsigned char hash_result[1000];
3961  unsigned char result_str[1000];
3962  rsa_context ctx;
3963  size_t hash_len;
3964 
3965  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3966  memset( message_str, 0x00, 1000 );
3967  memset( hash_result, 0x00, 1000 );
3968  memset( result_str, 0x00, 1000 );
3969 
3970  ctx.len = 2048 / 8;
3971  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
3972  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
3973 
3974  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
3975 
3976  unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
3977  hash_len = unhexify( hash_result, "1234567890deadcafe" );
3978  unhexify( result_str, "605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8" );
3979 
3980  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_RAW, hash_len, hash_result, result_str ) == POLARSSL_ERR_RSA_VERIFY_FAILED );
3981 
3982  rsa_free( &ctx );
3983  }
3984  FCT_TEST_END();
3985 
3986 
3987  FCT_TEST_BGN(rsa_pkcs1_sign_9_invalid_digest_type)
3988  {
3989  unsigned char message_str[1000];
3990  unsigned char hash_result[1000];
3991  unsigned char output[1000];
3992  unsigned char output_str[1000];
3993  rsa_context ctx;
3994  mpi P1, Q1, H, G;
3995  int msg_len;
3996 
3997  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
3998  rsa_init( &ctx, RSA_PKCS_V15, 0 );
3999 
4000  memset( message_str, 0x00, 1000 );
4001  memset( hash_result, 0x00, 1000 );
4002  memset( output, 0x00, 1000 );
4003  memset( output_str, 0x00, 1000 );
4004 
4005  ctx.len = 2048 / 8;
4006  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4007  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4008  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4009  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4010 
4011  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
4012  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
4013  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
4014  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
4015  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
4016  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
4017  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
4018  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
4019 
4020  fct_chk( rsa_check_privkey( &ctx ) == 0 );
4021 
4022  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
4023 
4024  switch( 1 )
4025  {
4026  #ifdef POLARSSL_MD2_C
4027  case SIG_RSA_MD2:
4028  md2( message_str, msg_len, hash_result );
4029  break;
4030  #endif
4031  #ifdef POLARSSL_MD4_C
4032  case SIG_RSA_MD4:
4033  md4( message_str, msg_len, hash_result );
4034  break;
4035  #endif
4036  #ifdef POLARSSL_MD5_C
4037  case SIG_RSA_MD5:
4038  md5( message_str, msg_len, hash_result );
4039  break;
4040  #endif
4041  #ifdef POLARSSL_SHA1_C
4042  case SIG_RSA_SHA1:
4043  sha1( message_str, msg_len, hash_result );
4044  break;
4045  #endif
4046  #ifdef POLARSSL_SHA2_C
4047  case SIG_RSA_SHA224:
4048  sha2( message_str, msg_len, hash_result, 1 );
4049  break;
4050  case SIG_RSA_SHA256:
4051  sha2( message_str, msg_len, hash_result, 0 );
4052  break;
4053  #endif
4054  #ifdef POLARSSL_SHA4_C
4055  case SIG_RSA_SHA384:
4056  sha4( message_str, msg_len, hash_result, 1 );
4057  break;
4058  case SIG_RSA_SHA512:
4059  sha4( message_str, msg_len, hash_result, 0 );
4060  break;
4061  #endif
4062  }
4063 
4064  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, 1, 0, hash_result, output ) == POLARSSL_ERR_RSA_BAD_INPUT_DATA );
4066  {
4067  hexify( output_str, output, ctx.len );
4068 
4069  fct_chk( strcasecmp( (char *) output_str, "3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021" ) == 0 );
4070  }
4071 
4072  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
4073  rsa_free( &ctx );
4074  }
4075  FCT_TEST_END();
4076 
4077 
4078  FCT_TEST_BGN(rsa_pkcs1_sign_9_verify_invalid_digest_type)
4079  {
4080  unsigned char message_str[1000];
4081  unsigned char hash_result[1000];
4082  unsigned char result_str[1000];
4083  rsa_context ctx;
4084  int msg_len;
4085 
4086  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4087  memset( message_str, 0x00, 1000 );
4088  memset( hash_result, 0x00, 1000 );
4089  memset( result_str, 0x00, 1000 );
4090 
4091  ctx.len = 2048 / 8;
4092  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4093  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4094 
4095  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
4096 
4097  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
4098  unhexify( result_str, "3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021" );
4099 
4100  switch( 1 )
4101  {
4102  #ifdef POLARSSL_MD2_C
4103  case SIG_RSA_MD2:
4104  md2( message_str, msg_len, hash_result );
4105  break;
4106  #endif
4107  #ifdef POLARSSL_MD4_C
4108  case SIG_RSA_MD4:
4109  md4( message_str, msg_len, hash_result );
4110  break;
4111  #endif
4112  #ifdef POLARSSL_MD5_C
4113  case SIG_RSA_MD5:
4114  md5( message_str, msg_len, hash_result );
4115  break;
4116  #endif
4117  #ifdef POLARSSL_SHA1_C
4118  case SIG_RSA_SHA1:
4119  sha1( message_str, msg_len, hash_result );
4120  break;
4121  #endif
4122  #ifdef POLARSSL_SHA2_C
4123  case SIG_RSA_SHA224:
4124  sha2( message_str, msg_len, hash_result, 1 );
4125  break;
4126  case SIG_RSA_SHA256:
4127  sha2( message_str, msg_len, hash_result, 0 );
4128  break;
4129  #endif
4130  #ifdef POLARSSL_SHA4_C
4131  case SIG_RSA_SHA384:
4132  sha4( message_str, msg_len, hash_result, 1 );
4133  break;
4134  case SIG_RSA_SHA512:
4135  sha4( message_str, msg_len, hash_result, 0 );
4136  break;
4137  #endif
4138  }
4139 
4140  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, 1, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
4141 
4142  rsa_free( &ctx );
4143  }
4144  FCT_TEST_END();
4145 
4146 
4147  FCT_TEST_BGN(rsa_pkcs1_sign_8_invalid_padding_type)
4148  {
4149  unsigned char message_str[1000];
4150  unsigned char hash_result[1000];
4151  unsigned char output[1000];
4152  unsigned char output_str[1000];
4153  rsa_context ctx;
4154  mpi P1, Q1, H, G;
4155  int msg_len;
4156 
4157  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
4158  rsa_init( &ctx, 2, 0 );
4159 
4160  memset( message_str, 0x00, 1000 );
4161  memset( hash_result, 0x00, 1000 );
4162  memset( output, 0x00, 1000 );
4163  memset( output_str, 0x00, 1000 );
4164 
4165  ctx.len = 2048 / 8;
4166  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4167  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4168  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4169  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4170 
4171  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
4172  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
4173  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
4174  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
4175  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
4176  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
4177  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
4178  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
4179 
4180  fct_chk( rsa_check_privkey( &ctx ) == 0 );
4181 
4182  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
4183 
4184  switch( SIG_RSA_MD5 )
4185  {
4186  #ifdef POLARSSL_MD2_C
4187  case SIG_RSA_MD2:
4188  md2( message_str, msg_len, hash_result );
4189  break;
4190  #endif
4191  #ifdef POLARSSL_MD4_C
4192  case SIG_RSA_MD4:
4193  md4( message_str, msg_len, hash_result );
4194  break;
4195  #endif
4196  #ifdef POLARSSL_MD5_C
4197  case SIG_RSA_MD5:
4198  md5( message_str, msg_len, hash_result );
4199  break;
4200  #endif
4201  #ifdef POLARSSL_SHA1_C
4202  case SIG_RSA_SHA1:
4203  sha1( message_str, msg_len, hash_result );
4204  break;
4205  #endif
4206  #ifdef POLARSSL_SHA2_C
4207  case SIG_RSA_SHA224:
4208  sha2( message_str, msg_len, hash_result, 1 );
4209  break;
4210  case SIG_RSA_SHA256:
4211  sha2( message_str, msg_len, hash_result, 0 );
4212  break;
4213  #endif
4214  #ifdef POLARSSL_SHA4_C
4215  case SIG_RSA_SHA384:
4216  sha4( message_str, msg_len, hash_result, 1 );
4217  break;
4218  case SIG_RSA_SHA512:
4219  sha4( message_str, msg_len, hash_result, 0 );
4220  break;
4221  #endif
4222  }
4223 
4224  fct_chk( rsa_pkcs1_sign( &ctx, NULL, NULL, RSA_PRIVATE, SIG_RSA_MD5, 0, hash_result, output ) == POLARSSL_ERR_RSA_INVALID_PADDING );
4226  {
4227  hexify( output_str, output, ctx.len );
4228 
4229  fct_chk( strcasecmp( (char *) output_str, "3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021" ) == 0 );
4230  }
4231 
4232  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
4233  rsa_free( &ctx );
4234  }
4235  FCT_TEST_END();
4236 
4237 
4238  FCT_TEST_BGN(rsa_pkcs1_sign_8_verify_invalid_padding_type)
4239  {
4240  unsigned char message_str[1000];
4241  unsigned char hash_result[1000];
4242  unsigned char result_str[1000];
4243  rsa_context ctx;
4244  int msg_len;
4245 
4246  rsa_init( &ctx, 1, 0 );
4247  memset( message_str, 0x00, 1000 );
4248  memset( hash_result, 0x00, 1000 );
4249  memset( result_str, 0x00, 1000 );
4250 
4251  ctx.len = 2048 / 8;
4252  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4253  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4254 
4255  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
4256 
4257  msg_len = unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
4258  unhexify( result_str, "3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021" );
4259 
4260  switch( SIG_RSA_MD5 )
4261  {
4262  #ifdef POLARSSL_MD2_C
4263  case SIG_RSA_MD2:
4264  md2( message_str, msg_len, hash_result );
4265  break;
4266  #endif
4267  #ifdef POLARSSL_MD4_C
4268  case SIG_RSA_MD4:
4269  md4( message_str, msg_len, hash_result );
4270  break;
4271  #endif
4272  #ifdef POLARSSL_MD5_C
4273  case SIG_RSA_MD5:
4274  md5( message_str, msg_len, hash_result );
4275  break;
4276  #endif
4277  #ifdef POLARSSL_SHA1_C
4278  case SIG_RSA_SHA1:
4279  sha1( message_str, msg_len, hash_result );
4280  break;
4281  #endif
4282  #ifdef POLARSSL_SHA2_C
4283  case SIG_RSA_SHA224:
4284  sha2( message_str, msg_len, hash_result, 1 );
4285  break;
4286  case SIG_RSA_SHA256:
4287  sha2( message_str, msg_len, hash_result, 0 );
4288  break;
4289  #endif
4290  #ifdef POLARSSL_SHA4_C
4291  case SIG_RSA_SHA384:
4292  sha4( message_str, msg_len, hash_result, 1 );
4293  break;
4294  case SIG_RSA_SHA512:
4295  sha4( message_str, msg_len, hash_result, 0 );
4296  break;
4297  #endif
4298  }
4299 
4300  fct_chk( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_MD5, 0, hash_result, result_str ) == POLARSSL_ERR_RSA_INVALID_PADDING );
4301 
4302  rsa_free( &ctx );
4303  }
4304  FCT_TEST_END();
4305 
4306 
4307  FCT_TEST_BGN(rsa_pkcs1_encrypt_1)
4308  {
4309  unsigned char message_str[1000];
4310  unsigned char output[1000];
4311  unsigned char output_str[1000];
4312  rsa_context ctx;
4313  size_t msg_len;
4314  rnd_pseudo_info rnd_info;
4315 
4316  memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
4317 
4318  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4319  memset( message_str, 0x00, 1000 );
4320  memset( output, 0x00, 1000 );
4321  memset( output_str, 0x00, 1000 );
4322 
4323  ctx.len = 2048 / 8;
4324  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4325  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4326 
4327  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
4328 
4329  msg_len = unhexify( message_str, "4E636AF98E40F3ADCFCCB698F4E80B9F" );
4330 
4331  fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PUBLIC, msg_len, message_str, output ) == 0 );
4332  if( 0 == 0 )
4333  {
4334  hexify( output_str, output, ctx.len );
4335 
4336  fct_chk( strcasecmp( (char *) output_str, "b0c0b193ba4a5b4502bfacd1a9c2697da5510f3e3ab7274cf404418afd2c62c89b98d83bbc21c8c1bf1afe6d8bf40425e053e9c03e03a3be0edbe1eda073fade1cc286cc0305a493d98fe795634c3cad7feb513edb742d66d910c87d07f6b0055c3488bb262b5fd1ce8747af64801fb39d2d3a3e57086ffe55ab8d0a2ca86975629a0f85767a4990c532a7c2dab1647997ebb234d0b28a0008bfebfc905e7ba5b30b60566a5e0190417465efdbf549934b8f0c5c9f36b7c5b6373a47ae553ced0608a161b1b70dfa509375cf7a3598223a6d7b7a1d1a06ac74d345a9bb7c0e44c8388858a4f1d8115f2bd769ffa69020385fa286302c80e950f9e2751308666c" ) == 0 );
4337  }
4338 
4339  rsa_free( &ctx );
4340  }
4341  FCT_TEST_END();
4342 
4343 
4344  FCT_TEST_BGN(rsa_pkcs1_decrypt_1_verify)
4345  {
4346  unsigned char message_str[1000];
4347  unsigned char output[1000];
4348  unsigned char output_str[1000];
4349  rsa_context ctx;
4350  mpi P1, Q1, H, G;
4351  size_t output_len;
4352 
4353  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
4354  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4355 
4356  memset( message_str, 0x00, 1000 );
4357  memset( output, 0x00, 1000 );
4358  memset( output_str, 0x00, 1000 );
4359 
4360  ctx.len = 2048 / 8;
4361  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4362  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4363  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4364  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4365 
4366  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
4367  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
4368  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
4369  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
4370  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
4371  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
4372  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
4373  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
4374 
4375  fct_chk( rsa_check_privkey( &ctx ) == 0 );
4376 
4377  unhexify( message_str, "a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6" );
4378  output_len = 0;
4379 
4380  fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == 0 );
4381  if( 0 == 0 )
4382  {
4383  hexify( output_str, output, ctx.len );
4384 
4385  fct_chk( strncasecmp( (char *) output_str, "4E636AF98E40F3ADCFCCB698F4E80B9F", strlen( "4E636AF98E40F3ADCFCCB698F4E80B9F" ) ) == 0 );
4386  }
4387 
4388  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
4389  rsa_free( &ctx );
4390  }
4391  FCT_TEST_END();
4392 
4393 
4394  FCT_TEST_BGN(rsa_pkcs1_encrypt_2_data_too_large)
4395  {
4396  unsigned char message_str[1000];
4397  unsigned char output[1000];
4398  unsigned char output_str[1000];
4399  rsa_context ctx;
4400  size_t msg_len;
4401  rnd_pseudo_info rnd_info;
4402 
4403  memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
4404 
4405  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4406  memset( message_str, 0x00, 1000 );
4407  memset( output, 0x00, 1000 );
4408  memset( output_str, 0x00, 1000 );
4409 
4410  ctx.len = 2048 / 8;
4411  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4412  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4413 
4414  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
4415 
4416  msg_len = unhexify( message_str, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" );
4417 
4418  fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PUBLIC, msg_len, message_str, output ) == POLARSSL_ERR_RSA_BAD_INPUT_DATA );
4420  {
4421  hexify( output_str, output, ctx.len );
4422 
4423  fct_chk( strcasecmp( (char *) output_str, "a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6" ) == 0 );
4424  }
4425 
4426  rsa_free( &ctx );
4427  }
4428  FCT_TEST_END();
4429 
4430 
4431  FCT_TEST_BGN(rsa_pkcs1_decrypt_2_data_too_small)
4432  {
4433  unsigned char message_str[1000];
4434  unsigned char output[1000];
4435  unsigned char output_str[1000];
4436  rsa_context ctx;
4437  mpi P1, Q1, H, G;
4438  size_t output_len;
4439 
4440  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
4441  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4442 
4443  memset( message_str, 0x00, 1000 );
4444  memset( output, 0x00, 1000 );
4445  memset( output_str, 0x00, 1000 );
4446 
4447  ctx.len = 2048 / 8;
4448  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4449  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4450  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4451  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4452 
4453  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
4454  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
4455  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
4456  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
4457  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
4458  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
4459  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
4460  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
4461 
4462  fct_chk( rsa_check_privkey( &ctx ) == 0 );
4463 
4464  unhexify( message_str, "deadbeafcafedeadbeeffedcba9876" );
4465  output_len = 0;
4466 
4467  fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == POLARSSL_ERR_RSA_BAD_INPUT_DATA );
4469  {
4470  hexify( output_str, output, ctx.len );
4471 
4472  fct_chk( strncasecmp( (char *) output_str, "4E636AF98E40F3ADCFCCB698F4E80B9F", strlen( "4E636AF98E40F3ADCFCCB698F4E80B9F" ) ) == 0 );
4473  }
4474 
4475  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
4476  rsa_free( &ctx );
4477  }
4478  FCT_TEST_END();
4479 
4480 
4481  FCT_TEST_BGN(rsa_pkcs1_encrypt_3_invalid_padding_mode)
4482  {
4483  unsigned char message_str[1000];
4484  unsigned char output[1000];
4485  unsigned char output_str[1000];
4486  rsa_context ctx;
4487  size_t msg_len;
4488  rnd_pseudo_info rnd_info;
4489 
4490  memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
4491 
4492  rsa_init( &ctx, 2, 0 );
4493  memset( message_str, 0x00, 1000 );
4494  memset( output, 0x00, 1000 );
4495  memset( output_str, 0x00, 1000 );
4496 
4497  ctx.len = 2048 / 8;
4498  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4499  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4500 
4501  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
4502 
4503  msg_len = unhexify( message_str, "4E636AF98E40F3ADCFCCB698F4E80B9F" );
4504 
4505  fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PUBLIC, msg_len, message_str, output ) == POLARSSL_ERR_RSA_INVALID_PADDING );
4507  {
4508  hexify( output_str, output, ctx.len );
4509 
4510  fct_chk( strcasecmp( (char *) output_str, "a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6" ) == 0 );
4511  }
4512 
4513  rsa_free( &ctx );
4514  }
4515  FCT_TEST_END();
4516 
4517 
4518  FCT_TEST_BGN(rsa_pkcs1_decrypt_3_invalid_padding_mode)
4519  {
4520  unsigned char message_str[1000];
4521  unsigned char output[1000];
4522  unsigned char output_str[1000];
4523  rsa_context ctx;
4524  mpi P1, Q1, H, G;
4525  size_t output_len;
4526 
4527  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
4528  rsa_init( &ctx, 2, 0 );
4529 
4530  memset( message_str, 0x00, 1000 );
4531  memset( output, 0x00, 1000 );
4532  memset( output_str, 0x00, 1000 );
4533 
4534  ctx.len = 2048 / 8;
4535  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4536  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4537  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4538  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4539 
4540  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
4541  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
4542  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
4543  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
4544  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
4545  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
4546  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
4547  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
4548 
4549  fct_chk( rsa_check_privkey( &ctx ) == 0 );
4550 
4551  unhexify( message_str, "a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6" );
4552  output_len = 0;
4553 
4554  fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 1000 ) == POLARSSL_ERR_RSA_INVALID_PADDING );
4556  {
4557  hexify( output_str, output, ctx.len );
4558 
4559  fct_chk( strncasecmp( (char *) output_str, "4E636AF98E40F3ADCFCCB698F4E80B9F", strlen( "4E636AF98E40F3ADCFCCB698F4E80B9F" ) ) == 0 );
4560  }
4561 
4562  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
4563  rsa_free( &ctx );
4564  }
4565  FCT_TEST_END();
4566 
4567 
4568  FCT_TEST_BGN(rsa_pkcs1_decrypt_4_output_buffer_too_small)
4569  {
4570  unsigned char message_str[1000];
4571  unsigned char output[1000];
4572  unsigned char output_str[1000];
4573  rsa_context ctx;
4574  mpi P1, Q1, H, G;
4575  size_t output_len;
4576 
4577  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
4578  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4579 
4580  memset( message_str, 0x00, 1000 );
4581  memset( output, 0x00, 1000 );
4582  memset( output_str, 0x00, 1000 );
4583 
4584  ctx.len = 2048 / 8;
4585  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4586  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4587  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4588  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4589 
4590  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
4591  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
4592  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
4593  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
4594  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
4595  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
4596  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
4597  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
4598 
4599  fct_chk( rsa_check_privkey( &ctx ) == 0 );
4600 
4601  unhexify( message_str, "a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6" );
4602  output_len = 0;
4603 
4604  fct_chk( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, 15 ) == POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE );
4606  {
4607  hexify( output_str, output, ctx.len );
4608 
4609  fct_chk( strncasecmp( (char *) output_str, "4E636AF98E40F3ADCFCCB698F4E80B9F", strlen( "4E636AF98E40F3ADCFCCB698F4E80B9F" ) ) == 0 );
4610  }
4611 
4612  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
4613  rsa_free( &ctx );
4614  }
4615  FCT_TEST_END();
4616 
4617 
4618  FCT_TEST_BGN(rsa_check_empty_private_key)
4619  {
4620  rsa_context ctx;
4621  memset( &ctx, 0x00, sizeof( rsa_context ) );
4622 
4624  }
4625  FCT_TEST_END();
4626 
4627 
4628  FCT_TEST_BGN(rsa_check_private_key_1_correct)
4629  {
4630  rsa_context ctx;
4631 
4632  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4633 
4634  ctx.len = 2048 / 8;
4635  if( strlen( "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) )
4636  {
4637  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4638  }
4639  if( strlen( "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) )
4640  {
4641  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4642  }
4643  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
4644  {
4645  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4646  }
4647  if( strlen( "3" ) )
4648  {
4649  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4650  }
4651  if( strlen( "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) )
4652  {
4653  fct_chk( mpi_read_string( &ctx.D, 16, "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) == 0 );
4654  }
4655  if( strlen( "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) )
4656  {
4657  fct_chk( mpi_read_string( &ctx.DP, 16, "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) == 0 );
4658  }
4659  if( strlen( "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) )
4660  {
4661  fct_chk( mpi_read_string( &ctx.DQ, 16, "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) == 0 );
4662  }
4663  if( strlen( "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) )
4664  {
4665  fct_chk( mpi_read_string( &ctx.QP, 16, "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) == 0 );
4666  }
4667 
4668  fct_chk( rsa_check_privkey( &ctx ) == 0 );
4669 
4670  rsa_free( &ctx );
4671  }
4672  FCT_TEST_END();
4673 
4674 
4675  FCT_TEST_BGN(rsa_check_private_key_2_no_p)
4676  {
4677  rsa_context ctx;
4678 
4679  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4680 
4681  ctx.len = 2048 / 8;
4682  if( strlen( "" ) )
4683  {
4684  fct_chk( mpi_read_string( &ctx.P, 16, "" ) == 0 );
4685  }
4686  if( strlen( "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) )
4687  {
4688  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4689  }
4690  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
4691  {
4692  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4693  }
4694  if( strlen( "3" ) )
4695  {
4696  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4697  }
4698  if( strlen( "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) )
4699  {
4700  fct_chk( mpi_read_string( &ctx.D, 16, "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) == 0 );
4701  }
4702  if( strlen( "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) )
4703  {
4704  fct_chk( mpi_read_string( &ctx.DP, 16, "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) == 0 );
4705  }
4706  if( strlen( "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) )
4707  {
4708  fct_chk( mpi_read_string( &ctx.DQ, 16, "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) == 0 );
4709  }
4710  if( strlen( "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) )
4711  {
4712  fct_chk( mpi_read_string( &ctx.QP, 16, "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) == 0 );
4713  }
4714 
4716 
4717  rsa_free( &ctx );
4718  }
4719  FCT_TEST_END();
4720 
4721 
4722  FCT_TEST_BGN(rsa_check_private_key_3_no_q)
4723  {
4724  rsa_context ctx;
4725 
4726  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4727 
4728  ctx.len = 2048 / 8;
4729  if( strlen( "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) )
4730  {
4731  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4732  }
4733  if( strlen( "" ) )
4734  {
4735  fct_chk( mpi_read_string( &ctx.Q, 16, "" ) == 0 );
4736  }
4737  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
4738  {
4739  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4740  }
4741  if( strlen( "3" ) )
4742  {
4743  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4744  }
4745  if( strlen( "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) )
4746  {
4747  fct_chk( mpi_read_string( &ctx.D, 16, "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) == 0 );
4748  }
4749  if( strlen( "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) )
4750  {
4751  fct_chk( mpi_read_string( &ctx.DP, 16, "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) == 0 );
4752  }
4753  if( strlen( "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) )
4754  {
4755  fct_chk( mpi_read_string( &ctx.DQ, 16, "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) == 0 );
4756  }
4757  if( strlen( "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) )
4758  {
4759  fct_chk( mpi_read_string( &ctx.QP, 16, "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) == 0 );
4760  }
4761 
4763 
4764  rsa_free( &ctx );
4765  }
4766  FCT_TEST_END();
4767 
4768 
4769  FCT_TEST_BGN(rsa_check_private_key_4_no_n)
4770  {
4771  rsa_context ctx;
4772 
4773  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4774 
4775  ctx.len = 2048 / 8;
4776  if( strlen( "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) )
4777  {
4778  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4779  }
4780  if( strlen( "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) )
4781  {
4782  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4783  }
4784  if( strlen( "" ) )
4785  {
4786  fct_chk( mpi_read_string( &ctx.N, 16, "" ) == 0 );
4787  }
4788  if( strlen( "3" ) )
4789  {
4790  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4791  }
4792  if( strlen( "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) )
4793  {
4794  fct_chk( mpi_read_string( &ctx.D, 16, "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) == 0 );
4795  }
4796  if( strlen( "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) )
4797  {
4798  fct_chk( mpi_read_string( &ctx.DP, 16, "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) == 0 );
4799  }
4800  if( strlen( "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) )
4801  {
4802  fct_chk( mpi_read_string( &ctx.DQ, 16, "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) == 0 );
4803  }
4804  if( strlen( "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) )
4805  {
4806  fct_chk( mpi_read_string( &ctx.QP, 16, "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) == 0 );
4807  }
4808 
4810 
4811  rsa_free( &ctx );
4812  }
4813  FCT_TEST_END();
4814 
4815 
4816  FCT_TEST_BGN(rsa_check_private_key_5_no_e)
4817  {
4818  rsa_context ctx;
4819 
4820  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4821 
4822  ctx.len = 2048 / 8;
4823  if( strlen( "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) )
4824  {
4825  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4826  }
4827  if( strlen( "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) )
4828  {
4829  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4830  }
4831  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
4832  {
4833  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4834  }
4835  if( strlen( "" ) )
4836  {
4837  fct_chk( mpi_read_string( &ctx.E, 16, "" ) == 0 );
4838  }
4839  if( strlen( "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) )
4840  {
4841  fct_chk( mpi_read_string( &ctx.D, 16, "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) == 0 );
4842  }
4843  if( strlen( "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) )
4844  {
4845  fct_chk( mpi_read_string( &ctx.DP, 16, "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) == 0 );
4846  }
4847  if( strlen( "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) )
4848  {
4849  fct_chk( mpi_read_string( &ctx.DQ, 16, "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) == 0 );
4850  }
4851  if( strlen( "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) )
4852  {
4853  fct_chk( mpi_read_string( &ctx.QP, 16, "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) == 0 );
4854  }
4855 
4857 
4858  rsa_free( &ctx );
4859  }
4860  FCT_TEST_END();
4861 
4862 
4863  FCT_TEST_BGN(rsa_check_private_key_6_no_d)
4864  {
4865  rsa_context ctx;
4866 
4867  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4868 
4869  ctx.len = 2048 / 8;
4870  if( strlen( "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) )
4871  {
4872  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4873  }
4874  if( strlen( "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) )
4875  {
4876  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4877  }
4878  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
4879  {
4880  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4881  }
4882  if( strlen( "3" ) )
4883  {
4884  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4885  }
4886  if( strlen( "" ) )
4887  {
4888  fct_chk( mpi_read_string( &ctx.D, 16, "" ) == 0 );
4889  }
4890  if( strlen( "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) )
4891  {
4892  fct_chk( mpi_read_string( &ctx.DP, 16, "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) == 0 );
4893  }
4894  if( strlen( "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) )
4895  {
4896  fct_chk( mpi_read_string( &ctx.DQ, 16, "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) == 0 );
4897  }
4898  if( strlen( "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) )
4899  {
4900  fct_chk( mpi_read_string( &ctx.QP, 16, "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) == 0 );
4901  }
4902 
4904 
4905  rsa_free( &ctx );
4906  }
4907  FCT_TEST_END();
4908 
4909 
4910  FCT_TEST_BGN(rsa_check_private_key_7_no_dp)
4911  {
4912  rsa_context ctx;
4913 
4914  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4915 
4916  ctx.len = 2048 / 8;
4917  if( strlen( "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) )
4918  {
4919  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4920  }
4921  if( strlen( "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) )
4922  {
4923  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4924  }
4925  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
4926  {
4927  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4928  }
4929  if( strlen( "3" ) )
4930  {
4931  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4932  }
4933  if( strlen( "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) )
4934  {
4935  fct_chk( mpi_read_string( &ctx.D, 16, "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) == 0 );
4936  }
4937  if( strlen( "" ) )
4938  {
4939  fct_chk( mpi_read_string( &ctx.DP, 16, "" ) == 0 );
4940  }
4941  if( strlen( "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) )
4942  {
4943  fct_chk( mpi_read_string( &ctx.DQ, 16, "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) == 0 );
4944  }
4945  if( strlen( "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) )
4946  {
4947  fct_chk( mpi_read_string( &ctx.QP, 16, "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) == 0 );
4948  }
4949 
4951 
4952  rsa_free( &ctx );
4953  }
4954  FCT_TEST_END();
4955 
4956 
4957  FCT_TEST_BGN(rsa_check_private_key_8_no_dq)
4958  {
4959  rsa_context ctx;
4960 
4961  rsa_init( &ctx, RSA_PKCS_V15, 0 );
4962 
4963  ctx.len = 2048 / 8;
4964  if( strlen( "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) )
4965  {
4966  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
4967  }
4968  if( strlen( "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) )
4969  {
4970  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
4971  }
4972  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
4973  {
4974  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
4975  }
4976  if( strlen( "3" ) )
4977  {
4978  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
4979  }
4980  if( strlen( "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) )
4981  {
4982  fct_chk( mpi_read_string( &ctx.D, 16, "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) == 0 );
4983  }
4984  if( strlen( "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) )
4985  {
4986  fct_chk( mpi_read_string( &ctx.DP, 16, "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) == 0 );
4987  }
4988  if( strlen( "" ) )
4989  {
4990  fct_chk( mpi_read_string( &ctx.DQ, 16, "" ) == 0 );
4991  }
4992  if( strlen( "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) )
4993  {
4994  fct_chk( mpi_read_string( &ctx.QP, 16, "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) == 0 );
4995  }
4996 
4998 
4999  rsa_free( &ctx );
5000  }
5001  FCT_TEST_END();
5002 
5003 
5004  FCT_TEST_BGN(rsa_check_private_key_9_no_qp)
5005  {
5006  rsa_context ctx;
5007 
5008  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5009 
5010  ctx.len = 2048 / 8;
5011  if( strlen( "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) )
5012  {
5013  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
5014  }
5015  if( strlen( "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) )
5016  {
5017  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
5018  }
5019  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
5020  {
5021  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
5022  }
5023  if( strlen( "3" ) )
5024  {
5025  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5026  }
5027  if( strlen( "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) )
5028  {
5029  fct_chk( mpi_read_string( &ctx.D, 16, "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCB" ) == 0 );
5030  }
5031  if( strlen( "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) )
5032  {
5033  fct_chk( mpi_read_string( &ctx.DP, 16, "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) == 0 );
5034  }
5035  if( strlen( "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) )
5036  {
5037  fct_chk( mpi_read_string( &ctx.DQ, 16, "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) == 0 );
5038  }
5039  if( strlen( "" ) )
5040  {
5041  fct_chk( mpi_read_string( &ctx.QP, 16, "" ) == 0 );
5042  }
5043 
5045 
5046  rsa_free( &ctx );
5047  }
5048  FCT_TEST_END();
5049 
5050 
5051  FCT_TEST_BGN(rsa_check_private_key_10_incorrect)
5052  {
5053  rsa_context ctx;
5054 
5055  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5056 
5057  ctx.len = 2048 / 8;
5058  if( strlen( "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) )
5059  {
5060  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
5061  }
5062  if( strlen( "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) )
5063  {
5064  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
5065  }
5066  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
5067  {
5068  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
5069  }
5070  if( strlen( "3" ) )
5071  {
5072  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5073  }
5074  if( strlen( "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCC" ) )
5075  {
5076  fct_chk( mpi_read_string( &ctx.D, 16, "77B1D99300D6A54E864962DA09AE10CF19A7FB888456BC2672B72AEA52B204914493D16C184AD201EC3F762E1FBD8702BA796EF953D9EA2F26300D285264F11B0C8301D0207FEB1E2C984445C899B0ACEBAA74EF014DD1D4BDDB43202C08D2FF9692D8D788478DEC829EB52AFB5AE068FBDBAC499A27FACECC391E75C936D55F07BB45EE184DAB45808E15722502F279F89B38C1CB292557E5063597F52C75D61001EDC33F4739353E33E56AD273B067C1A2760208529EA421774A5FFFCB3423B1E0051E7702A55D80CBF2141569F18F87BFF538A1DA8EDBB2693A539F68E0D62D77743F89EACF3B1723BDB25CE2F333FA63CACF0E67DF1A431893BB9B352FCC" ) == 0 );
5077  }
5078  if( strlen( "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) )
5079  {
5080  fct_chk( mpi_read_string( &ctx.DP, 16, "9A66CF76572A71A17475794FA1C8C70D987E581E990D772BB27C77C53FF1ECBB31260E9EDAFAEBC79991807E48918EAB8C3A5F03A600F30C69511546AE788EDF53168E2D035D300EDCD5E4BF3AA2A6D603EA0A7BD11E1C1089657306DF8A64E7F1BC6B266B825C1A6C5F0FC85775F4CF7ACD63367E42EAFE46511D58AD6DFE0F" ) == 0 );
5081  }
5082  if( strlen( "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) )
5083  {
5084  fct_chk( mpi_read_string( &ctx.DQ, 16, "844DBDD20925D9164F9A1E2F707076C261CCA8337D0241392B38AE3C12342F3AC14F8FD6DF4A1C36839662BD0D227344CD55A32AE5DBD2309A9A2B8A2C82BE6DDDDCE81D1B694775D9047AA765CA0C6E1BB8E61C8B7BE27ED711E8EE2FEAD87F3491F76A6D2262C14189EACDFD4CEFE0BF9D0A5B49857E0ED22CBEB98DC8D45B" ) == 0 );
5085  }
5086  if( strlen( "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) )
5087  {
5088  fct_chk( mpi_read_string( &ctx.QP, 16, "4951A7B174DF972C37BADCC38457B5EDD1F078BC613E75CE25E08814E12461C7A1C189A70EB8138294298D141244C7A9DE31AB4F6D38B40B04D6353CD30F77ADBF66BBDE41C7BE463C5E30AAA3F7BAD6CEE99506DEAAFA2F335C1B1C5C88B8ABB0D0387EE0D1B4E7027F7F085A025CEDB5CCE18B88C0462F1C3C910D47C0D4AB" ) == 0 );
5089  }
5090 
5092 
5093  rsa_free( &ctx );
5094  }
5095  FCT_TEST_END();
5096 
5097 
5098  FCT_TEST_BGN(rsa_check_public_key_1_correct)
5099  {
5100  rsa_context ctx;
5101 
5102  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5103 
5104  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
5105  {
5106  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
5107  }
5108  if( strlen( "3" ) )
5109  {
5110  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5111  }
5112 
5113  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
5114 
5115  rsa_free( &ctx );
5116  }
5117  FCT_TEST_END();
5118 
5119 
5120  FCT_TEST_BGN(rsa_check_public_key_2_even_n)
5121  {
5122  rsa_context ctx;
5123 
5124  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5125 
5126  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a20340" ) )
5127  {
5128  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a20340" ) == 0 );
5129  }
5130  if( strlen( "3" ) )
5131  {
5132  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5133  }
5134 
5136 
5137  rsa_free( &ctx );
5138  }
5139  FCT_TEST_END();
5140 
5141 
5142  FCT_TEST_BGN(rsa_check_public_key_3_even_e)
5143  {
5144  rsa_context ctx;
5145 
5146  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5147 
5148  if( strlen( "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a20340" ) )
5149  {
5150  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a20340" ) == 0 );
5151  }
5152  if( strlen( "65536" ) )
5153  {
5154  fct_chk( mpi_read_string( &ctx.E, 16, "65536" ) == 0 );
5155  }
5156 
5158 
5159  rsa_free( &ctx );
5160  }
5161  FCT_TEST_END();
5162 
5163 
5164  FCT_TEST_BGN(rsa_check_public_key_4_n_exactly_128_bits)
5165  {
5166  rsa_context ctx;
5167 
5168  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5169 
5170  if( strlen( "fedcba9876543210deadbeefcafe4321" ) )
5171  {
5172  fct_chk( mpi_read_string( &ctx.N, 16, "fedcba9876543210deadbeefcafe4321" ) == 0 );
5173  }
5174  if( strlen( "3" ) )
5175  {
5176  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5177  }
5178 
5179  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
5180 
5181  rsa_free( &ctx );
5182  }
5183  FCT_TEST_END();
5184 
5185 
5186  FCT_TEST_BGN(rsa_check_public_key_5_n_smaller_than_128_bits)
5187  {
5188  rsa_context ctx;
5189 
5190  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5191 
5192  if( strlen( "7edcba9876543210deadbeefcafe4321" ) )
5193  {
5194  fct_chk( mpi_read_string( &ctx.N, 16, "7edcba9876543210deadbeefcafe4321" ) == 0 );
5195  }
5196  if( strlen( "3" ) )
5197  {
5198  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5199  }
5200 
5202 
5203  rsa_free( &ctx );
5204  }
5205  FCT_TEST_END();
5206 
5207 
5208  FCT_TEST_BGN(rsa_check_public_key_6_n_exactly_4096_bits)
5209  {
5210  rsa_context ctx;
5211 
5212  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5213 
5214  if( strlen( "00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
5215  {
5216  fct_chk( mpi_read_string( &ctx.N, 16, "00b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
5217  }
5218  if( strlen( "3" ) )
5219  {
5220  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5221  }
5222 
5223  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
5224 
5225  rsa_free( &ctx );
5226  }
5227  FCT_TEST_END();
5228 
5229 
5230  FCT_TEST_BGN(rsa_check_public_key_7_n_larger_than_4096_bits)
5231  {
5232  rsa_context ctx;
5233 
5234  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5235 
5236  if( strlen( "01b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) )
5237  {
5238  fct_chk( mpi_read_string( &ctx.N, 16, "01b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034fb38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
5239  }
5240  if( strlen( "3" ) )
5241  {
5242  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5243  }
5244 
5246 
5247  rsa_free( &ctx );
5248  }
5249  FCT_TEST_END();
5250 
5251 
5252  FCT_TEST_BGN(rsa_check_public_key_8_e_exactly_2_bits)
5253  {
5254  rsa_context ctx;
5255 
5256  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5257 
5258  if( strlen( "fedcba9876543210deadbeefcafe4321" ) )
5259  {
5260  fct_chk( mpi_read_string( &ctx.N, 16, "fedcba9876543210deadbeefcafe4321" ) == 0 );
5261  }
5262  if( strlen( "3" ) )
5263  {
5264  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5265  }
5266 
5267  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
5268 
5269  rsa_free( &ctx );
5270  }
5271  FCT_TEST_END();
5272 
5273 
5274  FCT_TEST_BGN(rsa_check_public_key_8_e_exactly_1_bits)
5275  {
5276  rsa_context ctx;
5277 
5278  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5279 
5280  if( strlen( "fedcba9876543210deadbeefcafe4321" ) )
5281  {
5282  fct_chk( mpi_read_string( &ctx.N, 16, "fedcba9876543210deadbeefcafe4321" ) == 0 );
5283  }
5284  if( strlen( "1" ) )
5285  {
5286  fct_chk( mpi_read_string( &ctx.E, 16, "1" ) == 0 );
5287  }
5288 
5290 
5291  rsa_free( &ctx );
5292  }
5293  FCT_TEST_END();
5294 
5295 
5296  FCT_TEST_BGN(rsa_check_public_key_8_e_exactly_64_bits)
5297  {
5298  rsa_context ctx;
5299 
5300  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5301 
5302  if( strlen( "fedcba9876543210deadbeefcafe4321" ) )
5303  {
5304  fct_chk( mpi_read_string( &ctx.N, 16, "fedcba9876543210deadbeefcafe4321" ) == 0 );
5305  }
5306  if( strlen( "00fedcba9876543213" ) )
5307  {
5308  fct_chk( mpi_read_string( &ctx.E, 16, "00fedcba9876543213" ) == 0 );
5309  }
5310 
5311  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
5312 
5313  rsa_free( &ctx );
5314  }
5315  FCT_TEST_END();
5316 
5317 
5318  FCT_TEST_BGN(rsa_check_public_key_8_e_larger_than_64_bits)
5319  {
5320  rsa_context ctx;
5321 
5322  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5323 
5324  if( strlen( "fedcba9876543210deadbeefcafe4321" ) )
5325  {
5326  fct_chk( mpi_read_string( &ctx.N, 16, "fedcba9876543210deadbeefcafe4321" ) == 0 );
5327  }
5328  if( strlen( "01fedcba9876543213" ) )
5329  {
5330  fct_chk( mpi_read_string( &ctx.E, 16, "01fedcba9876543213" ) == 0 );
5331  }
5332 
5334 
5335  rsa_free( &ctx );
5336  }
5337  FCT_TEST_END();
5338 
5339 
5340  FCT_TEST_BGN(rsa_private_correct)
5341  {
5342  unsigned char message_str[1000];
5343  unsigned char output[1000];
5344  unsigned char output_str[1000];
5345  rsa_context ctx;
5346  mpi P1, Q1, H, G;
5347 
5348  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
5349  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5350 
5351  memset( message_str, 0x00, 1000 );
5352  memset( output, 0x00, 1000 );
5353  memset( output_str, 0x00, 1000 );
5354 
5355  ctx.len = 2048 / 8;
5356  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
5357  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
5358  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
5359  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5360 
5361  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
5362  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
5363  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
5364  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
5365  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
5366  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
5367  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
5368  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
5369 
5370  fct_chk( rsa_check_privkey( &ctx ) == 0 );
5371 
5372  unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
5373 
5374  fct_chk( rsa_private( &ctx, message_str, output ) == 0 );
5375  if( 0 == 0 )
5376  {
5377  hexify( output_str, output, ctx.len );
5378 
5379  fct_chk( strcasecmp( (char *) output_str, "48ce62658d82be10737bd5d3579aed15bc82617e6758ba862eeb12d049d7bacaf2f62fce8bf6e980763d1951f7f0eae3a493df9890d249314b39d00d6ef791de0daebf2c50f46e54aeb63a89113defe85de6dbe77642aae9f2eceb420f3a47a56355396e728917f17876bb829fabcaeef8bf7ef6de2ff9e84e6108ea2e52bbb62b7b288efa0a3835175b8b08fac56f7396eceb1c692d419ecb79d80aef5bc08a75d89de9f2b2d411d881c0e3ffad24c311a19029d210d3d3534f1b626f982ea322b4d1cfba476860ef20d4f672f38c371084b5301b429b747ea051a619e4430e0dac33c12f9ee41ca4d81a4f6da3e495aa8524574bdc60d290dd1f7a62e90a67" ) == 0 );
5380  }
5381 
5382  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
5383  rsa_free( &ctx );
5384  }
5385  FCT_TEST_END();
5386 
5387 
5388  FCT_TEST_BGN(rsa_private_data_larger_than_n)
5389  {
5390  unsigned char message_str[1000];
5391  unsigned char output[1000];
5392  unsigned char output_str[1000];
5393  rsa_context ctx;
5394  mpi P1, Q1, H, G;
5395 
5396  mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
5397  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5398 
5399  memset( message_str, 0x00, 1000 );
5400  memset( output, 0x00, 1000 );
5401  memset( output_str, 0x00, 1000 );
5402 
5403  ctx.len = 2048 / 8;
5404  fct_chk( mpi_read_string( &ctx.P, 16, "e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17" ) == 0 );
5405  fct_chk( mpi_read_string( &ctx.Q, 16, "c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89" ) == 0 );
5406  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
5407  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5408 
5409  fct_chk( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
5410  fct_chk( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
5411  fct_chk( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
5412  fct_chk( mpi_gcd( &G, &ctx.E, &H ) == 0 );
5413  fct_chk( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
5414  fct_chk( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
5415  fct_chk( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
5416  fct_chk( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
5417 
5418  fct_chk( rsa_check_privkey( &ctx ) == 0 );
5419 
5420  unhexify( message_str, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" );
5421 
5422  fct_chk( rsa_private( &ctx, message_str, output ) == POLARSSL_ERR_RSA_BAD_INPUT_DATA );
5424  {
5425  hexify( output_str, output, ctx.len );
5426 
5427  fct_chk( strcasecmp( (char *) output_str, "605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8" ) == 0 );
5428  }
5429 
5430  mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G );
5431  rsa_free( &ctx );
5432  }
5433  FCT_TEST_END();
5434 
5435 
5436  FCT_TEST_BGN(rsa_public_correct)
5437  {
5438  unsigned char message_str[1000];
5439  unsigned char output[1000];
5440  unsigned char output_str[1000];
5441  rsa_context ctx;
5442 
5443  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5444  memset( message_str, 0x00, 1000 );
5445  memset( output, 0x00, 1000 );
5446  memset( output_str, 0x00, 1000 );
5447 
5448  ctx.len = 2048 / 8;
5449  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
5450  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5451 
5452  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
5453 
5454  unhexify( message_str, "59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870" );
5455 
5456  fct_chk( rsa_public( &ctx, message_str, output ) == 0 );
5457  if( 0 == 0 )
5458  {
5459  hexify( output_str, output, ctx.len );
5460 
5461  fct_chk( strcasecmp( (char *) output_str, "1f5e927c13ff231090b0f18c8c3526428ed0f4a7561457ee5afe4d22d5d9220c34ef5b9a34d0c07f7248a1f3d57f95d10f7936b3063e40660b3a7ca3e73608b013f85a6e778ac7c60d576e9d9c0c5a79ad84ceea74e4722eb3553bdb0c2d7783dac050520cb27ca73478b509873cb0dcbd1d51dd8fccb96c29ad314f36d67cc57835d92d94defa0399feb095fd41b9f0b2be10f6041079ed4290040449f8a79aba50b0a1f8cf83c9fb8772b0686ec1b29cb1814bb06f9c024857db54d395a8da9a2c6f9f53b94bec612a0cb306a3eaa9fc80992e85d9d232e37a50cabe48c9343f039601ff7d95d60025e582aec475d031888310e8ec3833b394a5cf0599101e" ) == 0 );
5462  }
5463 
5464  rsa_free( &ctx );
5465  }
5466  FCT_TEST_END();
5467 
5468 
5469  FCT_TEST_BGN(rsa_public_data_larger_than_n)
5470  {
5471  unsigned char message_str[1000];
5472  unsigned char output[1000];
5473  unsigned char output_str[1000];
5474  rsa_context ctx;
5475 
5476  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5477  memset( message_str, 0x00, 1000 );
5478  memset( output, 0x00, 1000 );
5479  memset( output_str, 0x00, 1000 );
5480 
5481  ctx.len = 2048 / 8;
5482  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
5483  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5484 
5485  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
5486 
5487  unhexify( message_str, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" );
5488 
5489  fct_chk( rsa_public( &ctx, message_str, output ) == POLARSSL_ERR_RSA_BAD_INPUT_DATA );
5491  {
5492  hexify( output_str, output, ctx.len );
5493 
5494  fct_chk( strcasecmp( (char *) output_str, "605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8" ) == 0 );
5495  }
5496 
5497  rsa_free( &ctx );
5498  }
5499  FCT_TEST_END();
5500 
5501 #ifdef POLARSSL_ENTROPY_C
5502 #ifdef POLARSSL_CTR_DRBG_C
5503 
5504  FCT_TEST_BGN(rsa_generate_key)
5505  {
5506  rsa_context ctx;
5507  entropy_context entropy;
5508  ctr_drbg_context ctr_drbg;
5509  const char *pers = "test_suite_rsa";
5510 
5511  entropy_init( &entropy );
5512  fct_chk( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
5513  (const unsigned char *) pers, strlen( pers ) ) == 0 );
5514 
5515  rsa_init( &ctx, 0, 0 );
5516 
5517  fct_chk( rsa_gen_key( &ctx, ctr_drbg_random, &ctr_drbg, 128, 3 ) == 0 );
5518  if( 0 == 0 )
5519  {
5520  fct_chk( rsa_check_privkey( &ctx ) == 0 );
5521  }
5522 
5523  rsa_free( &ctx );
5524  }
5525  FCT_TEST_END();
5526 #endif /* POLARSSL_ENTROPY_C */
5527 #endif /* POLARSSL_CTR_DRBG_C */
5528 
5529 #ifdef POLARSSL_ENTROPY_C
5530 #ifdef POLARSSL_CTR_DRBG_C
5531 
5532  FCT_TEST_BGN(rsa_generate_key_number_of_bits_too_small)
5533  {
5534  rsa_context ctx;
5535  entropy_context entropy;
5536  ctr_drbg_context ctr_drbg;
5537  const char *pers = "test_suite_rsa";
5538 
5539  entropy_init( &entropy );
5540  fct_chk( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
5541  (const unsigned char *) pers, strlen( pers ) ) == 0 );
5542 
5543  rsa_init( &ctx, 0, 0 );
5544 
5545  fct_chk( rsa_gen_key( &ctx, ctr_drbg_random, &ctr_drbg, 127, 3 ) == POLARSSL_ERR_RSA_BAD_INPUT_DATA );
5547  {
5548  fct_chk( rsa_check_privkey( &ctx ) == 0 );
5549  }
5550 
5551  rsa_free( &ctx );
5552  }
5553  FCT_TEST_END();
5554 #endif /* POLARSSL_ENTROPY_C */
5555 #endif /* POLARSSL_CTR_DRBG_C */
5556 
5557 #ifdef POLARSSL_ENTROPY_C
5558 #ifdef POLARSSL_CTR_DRBG_C
5559 
5560  FCT_TEST_BGN(rsa_generate_key_exponent_too_small)
5561  {
5562  rsa_context ctx;
5563  entropy_context entropy;
5564  ctr_drbg_context ctr_drbg;
5565  const char *pers = "test_suite_rsa";
5566 
5567  entropy_init( &entropy );
5568  fct_chk( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
5569  (const unsigned char *) pers, strlen( pers ) ) == 0 );
5570 
5571  rsa_init( &ctx, 0, 0 );
5572 
5573  fct_chk( rsa_gen_key( &ctx, ctr_drbg_random, &ctr_drbg, 128, 2 ) == POLARSSL_ERR_RSA_BAD_INPUT_DATA );
5575  {
5576  fct_chk( rsa_check_privkey( &ctx ) == 0 );
5577  }
5578 
5579  rsa_free( &ctx );
5580  }
5581  FCT_TEST_END();
5582 #endif /* POLARSSL_ENTROPY_C */
5583 #endif /* POLARSSL_CTR_DRBG_C */
5584 
5585 #ifdef POLARSSL_ENTROPY_C
5586 #ifdef POLARSSL_CTR_DRBG_C
5587 
5588  FCT_TEST_BGN(rsa_generate_key)
5589  {
5590  rsa_context ctx;
5591  entropy_context entropy;
5592  ctr_drbg_context ctr_drbg;
5593  const char *pers = "test_suite_rsa";
5594 
5595  entropy_init( &entropy );
5596  fct_chk( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
5597  (const unsigned char *) pers, strlen( pers ) ) == 0 );
5598 
5599  rsa_init( &ctx, 0, 0 );
5600 
5601  fct_chk( rsa_gen_key( &ctx, ctr_drbg_random, &ctr_drbg, 1024, 3 ) == 0 );
5602  if( 0 == 0 )
5603  {
5604  fct_chk( rsa_check_privkey( &ctx ) == 0 );
5605  }
5606 
5607  rsa_free( &ctx );
5608  }
5609  FCT_TEST_END();
5610 #endif /* POLARSSL_ENTROPY_C */
5611 #endif /* POLARSSL_CTR_DRBG_C */
5612 
5613 
5614  FCT_TEST_BGN(rsa_pkcs1_encrypt_bad_rng)
5615  {
5616  unsigned char message_str[1000];
5617  unsigned char output[1000];
5618  unsigned char output_str[1000];
5619  rsa_context ctx;
5620  size_t msg_len;
5621 
5622  rsa_init( &ctx, RSA_PKCS_V15, 0 );
5623  memset( message_str, 0x00, 1000 );
5624  memset( output, 0x00, 1000 );
5625  memset( output_str, 0x00, 1000 );
5626 
5627  ctx.len = 2048 / 8;
5628  fct_chk( mpi_read_string( &ctx.N, 16, "b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f" ) == 0 );
5629  fct_chk( mpi_read_string( &ctx.E, 16, "3" ) == 0 );
5630 
5631  fct_chk( rsa_check_pubkey( &ctx ) == 0 );
5632 
5633  msg_len = unhexify( message_str, "4E636AF98E40F3ADCFCCB698F4E80B9F" );
5634 
5635  fct_chk( rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL, RSA_PUBLIC, msg_len, message_str, output ) == POLARSSL_ERR_RSA_RNG_FAILED );
5636  if( POLARSSL_ERR_RSA_RNG_FAILED == 0 )
5637  {
5638  hexify( output_str, output, ctx.len );
5639 
5640  fct_chk( strcasecmp( (char *) output_str, "a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6" ) == 0 );
5641  }
5642 
5643  rsa_free( &ctx );
5644  }
5645  FCT_TEST_END();
5646 
5647 #ifdef POLARSSL_SELF_TEST
5648 
5649  FCT_TEST_BGN(rsa_selftest)
5650  {
5651  fct_chk( rsa_self_test( 0 ) == 0 );
5652  }
5653  FCT_TEST_END();
5654 #endif /* POLARSSL_SELF_TEST */
5655 
5656  }
5657  FCT_SUITE_END();
5658 
5659 #endif /* POLARSSL_RSA_C */
5660 #endif /* POLARSSL_BIGNUM_C */
5661 #endif /* POLARSSL_GENPRIME */
5662 
5663 }
5664 FCT_END();
5665