Add RSA key generation

1 files changed, 64 insertions, 23 deletions

diff --git a/tests/rsa.c b/tests/rsa.c
index 2eeaa47..16f6012 100644
--- a/tests/rsa.c
+++ b/tests/rsa.c
@@ -65,32 +65,13 @@ validate_mpis (const struct ncr_mpi *mpis, size_t num_mpis)
     assert (memcmp (mpis[i].data, import_mpis[i].data, mpis[i].size) == 0);
 }
 
-int
-main (void)
+static void
+test_key_pair (struct ncr_public_key *public, struct ncr_private_key *private)
 {
-  struct ncr_public_key *public;
-  struct ncr_private_key *private;
-  struct ncr_mpi dest_mpis[NCR_RSA_PRIVATE_NUM_MPIS];
-  uint8_t dest[4096], mpi_dest[NCR_RSA_PRIVATE_NUM_MPIS][256];
-  size_t src_size, dest_size, i;
+  uint8_t dest[4096];
+  size_t src_size, dest_size;
   CK_RV res;
 
-  /* We took a few shortcuts... validate them now.  Note that these are NOT
-     guaranteed by the API. */
-  assert ((size_t)NCR_RSA_PUBLIC_NUM_MPIS <= (size_t)NCR_RSA_PRIVATE_NUM_MPIS);
-  assert ((size_t)NCR_RSA_PUBLIC_MPI_MODULUS
-	  == (size_t)NCR_RSA_PRIVATE_MPI_MODULUS);
-  assert ((size_t)NCR_RSA_PUBLIC_MPI_PUBLIC_EXPONENT
-	  == (size_t)NCR_RSA_PRIVATE_MPI_PUBLIC_EXPONENT);
-
-
-  /* Test key loading.  Should we test the generic version as well? */
-  res = ncr_public_key_create_rsa (&public, import_mpis);
-  assert (res == CKR_OK);
-  res = ncr_private_key_create_rsa (&private, false, import_mpis);
-  assert (res == CKR_OK);
-
-
   /* Test encryption */
   dest_size = sizeof (dest);
   res = ncr_public_key_encrypt (CKM_RSA_PKCS, public, dest, &dest_size, input,
@@ -117,7 +98,36 @@ main (void)
   res = ncr_public_key_verify (CKM_RSA_PKCS, public, dest, dest_size, input,
 			       sizeof (input));
   assert (res != CKR_OK);
+}
+
+int
+main (void)
+{
+  struct ncr_public_key *public;
+  struct ncr_private_key *private;
+  struct ncr_mpi dest_mpis[NCR_RSA_PRIVATE_NUM_MPIS];
+  uint8_t mpi_dest[NCR_RSA_PRIVATE_NUM_MPIS][256];
+  size_t i;
+  CK_RV res;
+
+  /* We took a few shortcuts... validate them now.  Note that these are NOT
+     guaranteed by the API. */
+  assert ((size_t)NCR_RSA_PUBLIC_NUM_MPIS <= (size_t)NCR_RSA_PRIVATE_NUM_MPIS);
+  assert ((size_t)NCR_RSA_PUBLIC_MPI_MODULUS
+	  == (size_t)NCR_RSA_PRIVATE_MPI_MODULUS);
+  assert ((size_t)NCR_RSA_PUBLIC_MPI_PUBLIC_EXPONENT
+	  == (size_t)NCR_RSA_PRIVATE_MPI_PUBLIC_EXPONENT);
+
+
+  /* Test key loading.  Should we test the generic version as well? */
+  res = ncr_public_key_create_rsa (&public, import_mpis);
+  assert (res == CKR_OK);
+  res = ncr_private_key_create_rsa (&private, false, import_mpis);
+  assert (res == CKR_OK);
 
+  test_key_pair (public, private);
+
+  /* Test key export. */
   for (i = 0; i < NCR_RSA_PUBLIC_NUM_MPIS; i++)
     {
       dest_mpis[i].data = mpi_dest[i];
@@ -142,6 +152,37 @@ main (void)
   res = ncr_public_key_destroy (public);
   assert (res == CKR_OK);
 
+
+  /* Test key generation. */
+  res = ncr_key_pair_generate_rsa (&public, &private, CKM_RSA_PKCS_KEY_PAIR_GEN,
+				   false, 1024, NULL);
+  assert (res == CKR_OK);
+
+  test_key_pair (public, private);
+
+  /* Test key export - only test that it succeeds. */
+  for (i = 0; i < NCR_RSA_PUBLIC_NUM_MPIS; i++)
+    {
+      dest_mpis[i].data = mpi_dest[i];
+      dest_mpis[i].size = sizeof (mpi_dest[i]);
+    }
+  res = ncr_public_key_export_rsa (public, dest_mpis);
+  assert (res == CKR_OK);
+
+  for (i = 0; i < NCR_RSA_PRIVATE_NUM_MPIS; i++)
+    {
+      dest_mpis[i].data = mpi_dest[i];
+      dest_mpis[i].size = sizeof (mpi_dest[i]);
+    }
+  res = ncr_private_key_export_rsa (private, dest_mpis);
+  assert (res == CKR_OK);
+
+  res = ncr_private_key_destroy (private);
+  assert (res == CKR_OK);
+
+  res = ncr_public_key_destroy (public);
+  assert (res == CKR_OK);
+
   /* Test reference counting */
   res = ncr_open ();
   assert (res == CKR_OK);