rsa-encrypt-test.c 3.24 KB
Newer Older
Niels Möller's avatar
Niels Möller committed
1 2
#include "testutils.h"

3
#include "rsa.h"
Niels Möller's avatar
Niels Möller committed
4 5
#include "knuth-lfib.h"

6
void
Niels Möller's avatar
Niels Möller committed
7 8 9 10 11 12 13
test_main(void)
{
  struct rsa_public_key pub;
  struct rsa_private_key key;
  struct knuth_lfib_ctx lfib;

  /* FIXME: How is this spelled? */
14 15
  const unsigned char msg[] = "Squemish ossifrage";
  size_t msg_length = LLENGTH(msg);
Niels Möller's avatar
Niels Möller committed
16 17

  uint8_t *decrypted;
18
  size_t decrypted_length;
19 20
  uint8_t after;

Niels Möller's avatar
Niels Möller committed
21 22 23 24 25 26 27 28 29 30 31
  mpz_t gibberish;

  rsa_private_key_init(&key);
  rsa_public_key_init(&pub);
  mpz_init(gibberish);

  knuth_lfib_init(&lfib, 17);
  
  test_rsa_set_key_1(&pub, &key);

  if (verbose)
32
    fprintf(stderr, "msg: `%s', length = %d\n", msg, (int) msg_length);
33 34

  ASSERT(msg_length <= key.size);
Niels Möller's avatar
Niels Möller committed
35 36
  
  ASSERT(rsa_encrypt(&pub,
37
		     &lfib, (nettle_random_func *) knuth_lfib_random,
Niels Möller's avatar
Niels Möller committed
38 39 40 41
		     msg_length, msg,
		     gibberish));

  if (verbose)
42 43 44 45
    {
      fprintf(stderr, "encrypted: ");
      mpz_out_str(stderr, 10, gibberish);
    }
Niels Möller's avatar
Niels Möller committed
46
  
47
  decrypted = xalloc(key.size + 1);
Niels Möller's avatar
Niels Möller committed
48

49 50 51
  knuth_lfib_random (&lfib, msg_length + 1, decrypted);
  after = decrypted[msg_length];
  
Niels Möller's avatar
Niels Möller committed
52 53 54 55 56 57 58
  decrypted_length = msg_length - 1;
  ASSERT(!rsa_decrypt(&key, &decrypted_length, decrypted, gibberish));

  decrypted_length = msg_length;
  ASSERT(rsa_decrypt(&key, &decrypted_length, decrypted, gibberish));
  ASSERT(decrypted_length == msg_length);
  ASSERT(MEMEQ(msg_length, msg, decrypted));
59 60
  ASSERT(decrypted[msg_length] == after);

61 62
  knuth_lfib_random (&lfib, key.size + 1, decrypted);
  after = decrypted[key.size];
Niels Möller's avatar
Niels Möller committed
63 64 65 66 67

  decrypted_length = key.size;
  ASSERT(rsa_decrypt(&key, &decrypted_length, decrypted, gibberish));
  ASSERT(decrypted_length == msg_length);
  ASSERT(MEMEQ(msg_length, msg, decrypted));
68
  ASSERT(decrypted[key.size] == after);
Niels Möller's avatar
Niels Möller committed
69
  
70 71 72 73 74 75 76 77 78 79 80
  knuth_lfib_random (&lfib, msg_length + 1, decrypted);
  after = decrypted[msg_length];

  decrypted_length = msg_length;
  ASSERT(rsa_decrypt_tr(&pub, &key,
			&lfib, (nettle_random_func *) knuth_lfib_random,
			&decrypted_length, decrypted, gibberish));
  ASSERT(decrypted_length == msg_length);
  ASSERT(MEMEQ(msg_length, msg, decrypted));
  ASSERT(decrypted[msg_length] == after);

81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104
  /* test side channel resistant variant */
  knuth_lfib_random (&lfib, msg_length + 1, decrypted);
  after = decrypted[msg_length];
  decrypted_length = msg_length;

  ASSERT(rsa_sec_decrypt(&pub, &key,
                         &lfib, (nettle_random_func *) knuth_lfib_random,
                         decrypted_length, decrypted, gibberish));
  ASSERT(MEMEQ(msg_length, msg, decrypted));
  ASSERT(decrypted[msg_length] == after);

  /* test invalid length to rsa_sec_decrypt */
  knuth_lfib_random (&lfib, msg_length + 1, decrypted);
  decrypted_length = msg_length - 1;
  after = decrypted[decrypted_length] = 'X';
  decrypted[0] = 'A';

  ASSERT(!rsa_sec_decrypt(&pub, &key,
                          &lfib, (nettle_random_func *) knuth_lfib_random,
                          decrypted_length, decrypted, gibberish));
  ASSERT(decrypted[decrypted_length] == after);
  ASSERT(decrypted[0] == 'A');


105 106 107 108 109 110 111
  /* Test invalid key. */
  mpz_add_ui (key.q, key.q, 2);
  decrypted_length = key.size;
  ASSERT(!rsa_decrypt_tr(&pub, &key,
			 &lfib, (nettle_random_func *) knuth_lfib_random,
			 &decrypted_length, decrypted, gibberish));

Niels Möller's avatar
Niels Möller committed
112 113 114
  rsa_private_key_clear(&key);
  rsa_public_key_clear(&pub);
  mpz_clear(gibberish);
115
  free(decrypted);
Niels Möller's avatar
Niels Möller committed
116 117
}