PolarSSL v1.3.2
test_suite_ctr_drbg.c
Go to the documentation of this file.
1 #include <polarssl/config.h>
2 
3 #ifdef POLARSSL_CTR_DRBG_C
4 
5 #include <polarssl/ctr_drbg.h>
6 
7 int test_offset;
8 int entropy_func( void *data, unsigned char *buf, size_t len )
9 {
10  unsigned char *p = (unsigned char *) data;
11  memcpy( buf, p + test_offset, len );
12  test_offset += 32;
13  return( 0 );
14 }
15 #endif /* POLARSSL_CTR_DRBG_C */
16 
17 
18 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
19 #include "polarssl/memory.h"
20 #endif
21 
22 #if defined(WANT_NOT_RND_MPI)
23 #if defined(POLARSSL_BIGNUM_C)
24 #include "polarssl/bignum.h"
25 #else
26 #error "not_rnd_mpi() need bignum.c"
27 #endif
28 #endif
29 
30 #ifdef _MSC_VER
31 #include <basetsd.h>
32 typedef UINT32 uint32_t;
33 #else
34 #include <inttypes.h>
35 #endif
36 
37 #include <assert.h>
38 #include <stdlib.h>
39 #include <string.h>
40 
41 /*
42  * 32-bit integer manipulation macros (big endian)
43  */
44 #ifndef GET_UINT32_BE
45 #define GET_UINT32_BE(n,b,i) \
46 { \
47  (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
48  | ( (uint32_t) (b)[(i) + 1] << 16 ) \
49  | ( (uint32_t) (b)[(i) + 2] << 8 ) \
50  | ( (uint32_t) (b)[(i) + 3] ); \
51 }
52 #endif
53 
54 #ifndef PUT_UINT32_BE
55 #define PUT_UINT32_BE(n,b,i) \
56 { \
57  (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
58  (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
59  (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
60  (b)[(i) + 3] = (unsigned char) ( (n) ); \
61 }
62 #endif
63 
64 static int unhexify(unsigned char *obuf, const char *ibuf)
65 {
66  unsigned char c, c2;
67  int len = strlen(ibuf) / 2;
68  assert(!(strlen(ibuf) %1)); // must be even number of bytes
69 
70  while (*ibuf != 0)
71  {
72  c = *ibuf++;
73  if( c >= '0' && c <= '9' )
74  c -= '0';
75  else if( c >= 'a' && c <= 'f' )
76  c -= 'a' - 10;
77  else if( c >= 'A' && c <= 'F' )
78  c -= 'A' - 10;
79  else
80  assert( 0 );
81 
82  c2 = *ibuf++;
83  if( c2 >= '0' && c2 <= '9' )
84  c2 -= '0';
85  else if( c2 >= 'a' && c2 <= 'f' )
86  c2 -= 'a' - 10;
87  else if( c2 >= 'A' && c2 <= 'F' )
88  c2 -= 'A' - 10;
89  else
90  assert( 0 );
91 
92  *obuf++ = ( c << 4 ) | c2;
93  }
94 
95  return len;
96 }
97 
98 static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
99 {
100  unsigned char l, h;
101 
102  while (len != 0)
103  {
104  h = (*ibuf) / 16;
105  l = (*ibuf) % 16;
106 
107  if( h < 10 )
108  *obuf++ = '0' + h;
109  else
110  *obuf++ = 'a' + h - 10;
111 
112  if( l < 10 )
113  *obuf++ = '0' + l;
114  else
115  *obuf++ = 'a' + l - 10;
116 
117  ++ibuf;
118  len--;
119  }
120 }
121 
131 static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
132 {
133  size_t i;
134 
135  if( rng_state != NULL )
136  rng_state = NULL;
137 
138  for( i = 0; i < len; ++i )
139  output[i] = rand();
140 
141  return( 0 );
142 }
143 
149 static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
150 {
151  if( rng_state != NULL )
152  rng_state = NULL;
153 
154  memset( output, 0, len );
155 
156  return( 0 );
157 }
158 
159 typedef struct
160 {
161  unsigned char *buf;
162  size_t length;
163 } rnd_buf_info;
164 
176 static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
177 {
178  rnd_buf_info *info = (rnd_buf_info *) rng_state;
179  size_t use_len;
180 
181  if( rng_state == NULL )
182  return( rnd_std_rand( NULL, output, len ) );
183 
184  use_len = len;
185  if( len > info->length )
186  use_len = info->length;
187 
188  if( use_len )
189  {
190  memcpy( output, info->buf, use_len );
191  info->buf += use_len;
192  info->length -= use_len;
193  }
194 
195  if( len - use_len > 0 )
196  return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
197 
198  return( 0 );
199 }
200 
208 typedef struct
209 {
210  uint32_t key[16];
211  uint32_t v0, v1;
213 
222 static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
223 {
224  rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
225  uint32_t i, *k, sum, delta=0x9E3779B9;
226  unsigned char result[4];
227 
228  if( rng_state == NULL )
229  return( rnd_std_rand( NULL, output, len ) );
230 
231  k = info->key;
232 
233  while( len > 0 )
234  {
235  size_t use_len = ( len > 4 ) ? 4 : len;
236  sum = 0;
237 
238  for( i = 0; i < 32; i++ )
239  {
240  info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
241  sum += delta;
242  info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
243  }
244 
245  PUT_UINT32_BE( info->v0, result, 0 );
246  memcpy( output, result, use_len );
247  len -= use_len;
248  }
249 
250  return( 0 );
251 }
252 
253 #if defined(WANT_NOT_RND_MPI)
254 
262 #define ciL (sizeof(t_uint)) /* chars in limb */
263 #define CHARS_TO_LIMBS(i) (((i) + ciL - 1) / ciL)
264 static int not_rnd_mpi( void *in, unsigned char *out, size_t len )
265 {
266  char *str = (char *) in;
267  mpi X;
268 
269  /*
270  * The 'in' pointer we get is from an MPI prepared by mpi_fill_random(),
271  * just reconstruct the rest in order to be able to call mpi_read_string()
272  */
273  X.s = 1;
274  X.p = (t_uint *) out;
275  X.n = CHARS_TO_LIMBS( len );
276 
277  /*
278  * If str is too long, mpi_read_string() will try to allocate a new buffer
279  * for X.p, which we want to avoid at all costs.
280  */
281  assert( strlen( str ) / 2 == len );
282 
283  return( mpi_read_string( &X, 16, str ) );
284 }
285 #endif /* WANT_NOT_RND_MPI */
286 
287 
288 #include <stdio.h>
289 #include <string.h>
290 
291 static int test_errors = 0;
292 
293 #ifdef POLARSSL_CTR_DRBG_C
294 
295 #define TEST_SUITE_ACTIVE
296 
297 static int test_assert( int correct, char *test )
298 {
299  if( correct )
300  return( 0 );
301 
302  test_errors++;
303  if( test_errors == 1 )
304  printf( "FAILED\n" );
305  printf( " %s\n", test );
306 
307  return( 1 );
308 }
309 
310 #define TEST_ASSERT( TEST ) \
311  do { test_assert( (TEST) ? 1 : 0, #TEST ); \
312  if( test_errors) return; \
313  } while (0)
314 
315 int verify_string( char **str )
316 {
317  if( (*str)[0] != '"' ||
318  (*str)[strlen( *str ) - 1] != '"' )
319  {
320  printf( "Expected string (with \"\") for parameter and got: %s\n", *str );
321  return( -1 );
322  }
323 
324  (*str)++;
325  (*str)[strlen( *str ) - 1] = '\0';
326 
327  return( 0 );
328 }
329 
330 int verify_int( char *str, int *value )
331 {
332  size_t i;
333  int minus = 0;
334  int digits = 1;
335  int hex = 0;
336 
337  for( i = 0; i < strlen( str ); i++ )
338  {
339  if( i == 0 && str[i] == '-' )
340  {
341  minus = 1;
342  continue;
343  }
344 
345  if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
346  str[i - 1] == '0' && str[i] == 'x' )
347  {
348  hex = 1;
349  continue;
350  }
351 
352  if( str[i] < '0' || str[i] > '9' )
353  {
354  digits = 0;
355  break;
356  }
357  }
358 
359  if( digits )
360  {
361  if( hex )
362  *value = strtol( str, NULL, 16 );
363  else
364  *value = strtol( str, NULL, 10 );
365 
366  return( 0 );
367  }
368 
369 
370 
371  printf( "Expected integer for parameter and got: %s\n", str );
372  return( -1 );
373 }
374 
375 void test_suite_ctr_drbg_validate_pr( char *add_init_string, char *entropy_string,
376  char *add1_string, char *add2_string,
377  char *result_str )
378 {
379  unsigned char entropy[512];
380  unsigned char add_init[512];
381  unsigned char add1[512];
382  unsigned char add2[512];
383  ctr_drbg_context ctx;
384  unsigned char buf[512];
385  unsigned char output_str[512];
386  int add_init_len, add1_len, add2_len;
387 
388  memset( output_str, 0, 512 );
389 
390  unhexify( entropy, entropy_string );
391  add_init_len = unhexify( add_init, add_init_string );
392  add1_len = unhexify( add1, add1_string );
393  add2_len = unhexify( add2, add2_string );
394 
395  test_offset = 0;
396  TEST_ASSERT( ctr_drbg_init_entropy_len( &ctx, entropy_func, entropy, add_init, add_init_len, 32 ) == 0 );
398 
399  TEST_ASSERT( ctr_drbg_random_with_add( &ctx, buf, 16, add1, add1_len ) == 0 );
400  TEST_ASSERT( ctr_drbg_random_with_add( &ctx, buf, 16, add2, add2_len ) == 0 );
401  hexify( output_str, buf, 16 );
402  TEST_ASSERT( strcmp( (char *) output_str, result_str ) == 0 );
403 }
404 
405 void test_suite_ctr_drbg_validate_nopr( char *add_init_string, char *entropy_string,
406  char *add1_string, char *add_reseed_string,
407  char *add2_string, char *result_str )
408 {
409  unsigned char entropy[512];
410  unsigned char add_init[512];
411  unsigned char add1[512];
412  unsigned char add_reseed[512];
413  unsigned char add2[512];
414  ctr_drbg_context ctx;
415  unsigned char buf[512];
416  unsigned char output_str[512];
417  int add_init_len, add1_len, add_reseed_len, add2_len;
418 
419  memset( output_str, 0, 512 );
420 
421  unhexify( entropy, entropy_string );
422  add_init_len = unhexify( add_init, add_init_string );
423  add1_len = unhexify( add1, add1_string );
424  add_reseed_len = unhexify( add_reseed, add_reseed_string );
425  add2_len = unhexify( add2, add2_string );
426 
427  test_offset = 0;
428  TEST_ASSERT( ctr_drbg_init_entropy_len( &ctx, entropy_func, entropy, add_init, add_init_len, 32 ) == 0 );
429 
430  TEST_ASSERT( ctr_drbg_random_with_add( &ctx, buf, 16, add1, add1_len ) == 0 );
431  TEST_ASSERT( ctr_drbg_reseed( &ctx, add_reseed, add_reseed_len ) == 0 );
432  TEST_ASSERT( ctr_drbg_random_with_add( &ctx, buf, 16, add2, add2_len ) == 0 );
433  hexify( output_str, buf, 16 );
434  TEST_ASSERT( strcmp( (char *) output_str, result_str ) == 0 );
435 }
436 
437 
438 #endif /* POLARSSL_CTR_DRBG_C */
439 
440 
441 int dep_check( char *str )
442 {
443  if( str == NULL )
444  return( 1 );
445 
446 
447 
448  return( 1 );
449 }
450 
451 int dispatch_test(int cnt, char *params[50])
452 {
453  int ret;
454  ((void) cnt);
455  ((void) params);
456 
457 #if defined(TEST_SUITE_ACTIVE)
458  if( strcmp( params[0], "ctr_drbg_validate_pr" ) == 0 )
459  {
460 
461  char *param1 = params[1];
462  char *param2 = params[2];
463  char *param3 = params[3];
464  char *param4 = params[4];
465  char *param5 = params[5];
466 
467  if( cnt != 6 )
468  {
469  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 6 );
470  return( 2 );
471  }
472 
473  if( verify_string( &param1 ) != 0 ) return( 2 );
474  if( verify_string( &param2 ) != 0 ) return( 2 );
475  if( verify_string( &param3 ) != 0 ) return( 2 );
476  if( verify_string( &param4 ) != 0 ) return( 2 );
477  if( verify_string( &param5 ) != 0 ) return( 2 );
478 
479  test_suite_ctr_drbg_validate_pr( param1, param2, param3, param4, param5 );
480  return ( 0 );
481 
482  return ( 3 );
483  }
484  else
485  if( strcmp( params[0], "ctr_drbg_validate_nopr" ) == 0 )
486  {
487 
488  char *param1 = params[1];
489  char *param2 = params[2];
490  char *param3 = params[3];
491  char *param4 = params[4];
492  char *param5 = params[5];
493  char *param6 = params[6];
494 
495  if( cnt != 7 )
496  {
497  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 7 );
498  return( 2 );
499  }
500 
501  if( verify_string( &param1 ) != 0 ) return( 2 );
502  if( verify_string( &param2 ) != 0 ) return( 2 );
503  if( verify_string( &param3 ) != 0 ) return( 2 );
504  if( verify_string( &param4 ) != 0 ) return( 2 );
505  if( verify_string( &param5 ) != 0 ) return( 2 );
506  if( verify_string( &param6 ) != 0 ) return( 2 );
507 
508  test_suite_ctr_drbg_validate_nopr( param1, param2, param3, param4, param5, param6 );
509  return ( 0 );
510 
511  return ( 3 );
512  }
513  else
514 
515  {
516  fprintf( stdout, "FAILED\nSkipping unknown test function '%s'\n", params[0] );
517  fflush( stdout );
518  return( 1 );
519  }
520 #else
521  return( 3 );
522 #endif
523  return( ret );
524 }
525 
526 int get_line( FILE *f, char *buf, size_t len )
527 {
528  char *ret;
529 
530  ret = fgets( buf, len, f );
531  if( ret == NULL )
532  return( -1 );
533 
534  if( strlen( buf ) && buf[strlen(buf) - 1] == '\n' )
535  buf[strlen(buf) - 1] = '\0';
536  if( strlen( buf ) && buf[strlen(buf) - 1] == '\r' )
537  buf[strlen(buf) - 1] = '\0';
538 
539  return( 0 );
540 }
541 
542 int parse_arguments( char *buf, size_t len, char *params[50] )
543 {
544  int cnt = 0, i;
545  char *cur = buf;
546  char *p = buf, *q;
547 
548  params[cnt++] = cur;
549 
550  while( *p != '\0' && p < buf + len )
551  {
552  if( *p == '\\' )
553  {
554  *p++;
555  *p++;
556  continue;
557  }
558  if( *p == ':' )
559  {
560  if( p + 1 < buf + len )
561  {
562  cur = p + 1;
563  params[cnt++] = cur;
564  }
565  *p = '\0';
566  }
567 
568  *p++;
569  }
570 
571  // Replace newlines, question marks and colons in strings
572  for( i = 0; i < cnt; i++ )
573  {
574  p = params[i];
575  q = params[i];
576 
577  while( *p != '\0' )
578  {
579  if( *p == '\\' && *(p + 1) == 'n' )
580  {
581  p += 2;
582  *(q++) = '\n';
583  }
584  else if( *p == '\\' && *(p + 1) == ':' )
585  {
586  p += 2;
587  *(q++) = ':';
588  }
589  else if( *p == '\\' && *(p + 1) == '?' )
590  {
591  p += 2;
592  *(q++) = '?';
593  }
594  else
595  *(q++) = *(p++);
596  }
597  *q = '\0';
598  }
599 
600  return( cnt );
601 }
602 
603 int main()
604 {
605  int ret, i, cnt, total_errors = 0, total_tests = 0, total_skipped = 0;
606  const char *filename = "/tmp/B.6b9404fc-5e27-486e-9bbd-77463d7343ee/BUILD/polarssl-1.3.2/tests/suites/test_suite_ctr_drbg.data";
607  FILE *file;
608  char buf[5000];
609  char *params[50];
610 
611 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
612  unsigned char alloc_buf[1000000];
613  memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
614 #endif
615 
616  file = fopen( filename, "r" );
617  if( file == NULL )
618  {
619  fprintf( stderr, "Failed to open\n" );
620  return( 1 );
621  }
622 
623  while( !feof( file ) )
624  {
625  int skip = 0;
626 
627  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
628  break;
629  fprintf( stdout, "%s%.66s", test_errors ? "\n" : "", buf );
630  fprintf( stdout, " " );
631  for( i = strlen( buf ) + 1; i < 67; i++ )
632  fprintf( stdout, "." );
633  fprintf( stdout, " " );
634  fflush( stdout );
635 
636  total_tests++;
637 
638  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
639  break;
640  cnt = parse_arguments( buf, strlen(buf), params );
641 
642  if( strcmp( params[0], "depends_on" ) == 0 )
643  {
644  for( i = 1; i < cnt; i++ )
645  if( dep_check( params[i] ) != 0 )
646  skip = 1;
647 
648  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
649  break;
650  cnt = parse_arguments( buf, strlen(buf), params );
651  }
652 
653  if( skip == 0 )
654  {
655  test_errors = 0;
656  ret = dispatch_test( cnt, params );
657  }
658 
659  if( skip == 1 || ret == 3 )
660  {
661  total_skipped++;
662  fprintf( stdout, "----\n" );
663  fflush( stdout );
664  }
665  else if( ret == 0 && test_errors == 0 )
666  {
667  fprintf( stdout, "PASS\n" );
668  fflush( stdout );
669  }
670  else if( ret == 2 )
671  {
672  fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" );
673  fclose(file);
674  exit( 2 );
675  }
676  else
677  total_errors++;
678 
679  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
680  break;
681  if( strlen(buf) != 0 )
682  {
683  fprintf( stderr, "Should be empty %d\n", (int) strlen(buf) );
684  return( 1 );
685  }
686  }
687  fclose(file);
688 
689  fprintf( stdout, "\n----------------------------------------------------------------------------\n\n");
690  if( total_errors == 0 )
691  fprintf( stdout, "PASSED" );
692  else
693  fprintf( stdout, "FAILED" );
694 
695  fprintf( stdout, " (%d / %d tests (%d skipped))\n",
696  total_tests - total_errors, total_tests, total_skipped );
697 
698 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
699 #if defined(POLARSSL_MEMORY_DEBUG)
700  memory_buffer_alloc_status();
701 #endif
702  memory_buffer_alloc_free();
703 #endif
704 
705  return( total_errors != 0 );
706 }
707 
708 
void ctr_drbg_set_prediction_resistance(ctr_drbg_context *ctx, int resistance)
Enable / disable prediction resistance (Default: Off)
#define CTR_DRBG_PR_ON
Prediction resistance enabled.
Definition: ctr_drbg.h:58
static int rnd_zero_rand(void *rng_state, unsigned char *output, size_t len)
This function only returns zeros.
Memory allocation layer.
uint32_t t_uint
Definition: bignum.h:149
Info structure for the pseudo random function.
int s
Definition: bignum.h:173
Configuration options (set of defines)
static int rnd_std_rand(void *rng_state, unsigned char *output, size_t len)
This function just returns data from rand().
MPI structure.
Definition: bignum.h:171
int ctr_drbg_init_entropy_len(ctr_drbg_context *, int(*)(void *, unsigned char *, size_t), void *, const unsigned char *, size_t, size_t)
static int test_assert(int correct, char *test)
int main(int argc, char *argv[])
Multi-precision integer library.
int dep_check(char *str)
#define TEST_ASSERT(TEST)
int ctr_drbg_random_with_add(void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len)
CTR_DRBG generate random with additional update input.
static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
static int test_errors
int ctr_drbg_reseed(ctr_drbg_context *ctx, const unsigned char *additional, size_t len)
CTR_DRBG reseeding (extracts data from entropy source)
int parse_arguments(char *buf, size_t len, char *params[50])
CTR_DRBG context structure.
Definition: ctr_drbg.h:67
int mpi_read_string(mpi *X, int radix, const char *s)
Import from an ASCII string.
t_uint * p
Definition: bignum.h:175
int verify_string(char **str)
int dispatch_test(int cnt, char *params[50])
static int rnd_buffer_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a buffer it receives.
size_t n
Definition: bignum.h:174
unsigned char * buf
static int unhexify(unsigned char *obuf, const char *ibuf)
static int rnd_pseudo_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a pseudo random function.
int verify_int(char *str, int *value)
int entropy_func(void *data, unsigned char *output, size_t len)
Retrieve entropy from the accumulator (Max ENTROPY_BLOCK_SIZE) (Thread-safe if POLARSSL_THREADING_C i...
#define PUT_UINT32_BE(n, b, i)
int get_line(FILE *f, char *buf, size_t len)
CTR_DRBG based on AES-256 (NIST SP 800-90)