| Paul Bakker | 33b43f1 | 2013-08-20 11:48:36 +0200 | [diff] [blame] | 1 | /* BEGIN_HEADER */ | 
| Paul Bakker | 0e04d0e | 2011-11-27 14:46:59 +0000 | [diff] [blame] | 2 | #include <polarssl/ctr_drbg.h> | 
|  | 3 |  | 
| Paul Bakker | 3ddfa66 | 2013-11-26 17:45:20 +0100 | [diff] [blame] | 4 | int test_offset_idx; | 
| Paul Bakker | 69e095c | 2011-12-10 21:55:01 +0000 | [diff] [blame] | 5 | int entropy_func( void *data, unsigned char *buf, size_t len ) | 
| Paul Bakker | 0e04d0e | 2011-11-27 14:46:59 +0000 | [diff] [blame] | 6 | { | 
| Manuel Pégourié-Gonnard | 7575daa | 2014-01-31 12:16:54 +0100 | [diff] [blame] | 7 | const unsigned char *p = (unsigned char *) data; | 
| Paul Bakker | 3ddfa66 | 2013-11-26 17:45:20 +0100 | [diff] [blame] | 8 | memcpy( buf, p + test_offset_idx, len ); | 
| Manuel Pégourié-Gonnard | 7575daa | 2014-01-31 12:16:54 +0100 | [diff] [blame] | 9 | test_offset_idx += len; | 
| Paul Bakker | 0e04d0e | 2011-11-27 14:46:59 +0000 | [diff] [blame] | 10 | return( 0 ); | 
|  | 11 | } | 
| Paul Bakker | 33b43f1 | 2013-08-20 11:48:36 +0200 | [diff] [blame] | 12 | /* END_HEADER */ | 
| Paul Bakker | 0e04d0e | 2011-11-27 14:46:59 +0000 | [diff] [blame] | 13 |  | 
| Paul Bakker | 33b43f1 | 2013-08-20 11:48:36 +0200 | [diff] [blame] | 14 | /* BEGIN_DEPENDENCIES | 
|  | 15 | * depends_on:POLARSSL_CTR_DRBG_C | 
|  | 16 | * END_DEPENDENCIES | 
|  | 17 | */ | 
| Paul Bakker | 0e04d0e | 2011-11-27 14:46:59 +0000 | [diff] [blame] | 18 |  | 
| Paul Bakker | 33b43f1 | 2013-08-20 11:48:36 +0200 | [diff] [blame] | 19 | /* BEGIN_CASE */ | 
|  | 20 | void ctr_drbg_validate_pr( char *add_init_string, char *entropy_string, | 
|  | 21 | char *add1_string, char *add2_string, | 
|  | 22 | char *result_str ) | 
| Paul Bakker | 0e04d0e | 2011-11-27 14:46:59 +0000 | [diff] [blame] | 23 | { | 
|  | 24 | unsigned char entropy[512]; | 
|  | 25 | unsigned char add_init[512]; | 
|  | 26 | unsigned char add1[512]; | 
|  | 27 | unsigned char add2[512]; | 
|  | 28 | ctr_drbg_context ctx; | 
|  | 29 | unsigned char buf[512]; | 
|  | 30 | unsigned char output_str[512]; | 
|  | 31 | int add_init_len, add1_len, add2_len; | 
|  | 32 |  | 
|  | 33 | memset( output_str, 0, 512 ); | 
|  | 34 |  | 
| Paul Bakker | 33b43f1 | 2013-08-20 11:48:36 +0200 | [diff] [blame] | 35 | unhexify( entropy, entropy_string ); | 
|  | 36 | add_init_len = unhexify( add_init, add_init_string ); | 
|  | 37 | add1_len = unhexify( add1, add1_string ); | 
|  | 38 | add2_len = unhexify( add2, add2_string ); | 
| Paul Bakker | 0e04d0e | 2011-11-27 14:46:59 +0000 | [diff] [blame] | 39 |  | 
| Paul Bakker | 3ddfa66 | 2013-11-26 17:45:20 +0100 | [diff] [blame] | 40 | test_offset_idx = 0; | 
| Paul Bakker | 18d3291 | 2011-12-10 21:42:49 +0000 | [diff] [blame] | 41 | TEST_ASSERT( ctr_drbg_init_entropy_len( &ctx, entropy_func, entropy, add_init, add_init_len, 32 ) == 0 ); | 
| Paul Bakker | 0e04d0e | 2011-11-27 14:46:59 +0000 | [diff] [blame] | 42 | ctr_drbg_set_prediction_resistance( &ctx, CTR_DRBG_PR_ON ); | 
|  | 43 |  | 
|  | 44 | TEST_ASSERT( ctr_drbg_random_with_add( &ctx, buf, 16, add1, add1_len ) == 0 ); | 
|  | 45 | TEST_ASSERT( ctr_drbg_random_with_add( &ctx, buf, 16, add2, add2_len ) == 0 ); | 
|  | 46 | hexify( output_str, buf, 16 ); | 
| Paul Bakker | 33b43f1 | 2013-08-20 11:48:36 +0200 | [diff] [blame] | 47 | TEST_ASSERT( strcmp( (char *) output_str, result_str ) == 0 ); | 
| Paul Bakker | a317a98 | 2014-06-18 16:44:11 +0200 | [diff] [blame] | 48 |  | 
| Paul Bakker | bd51b26 | 2014-07-10 15:26:12 +0200 | [diff] [blame] | 49 | exit: | 
| Paul Bakker | a317a98 | 2014-06-18 16:44:11 +0200 | [diff] [blame] | 50 | ctr_drbg_free( &ctx ); | 
| Paul Bakker | 0e04d0e | 2011-11-27 14:46:59 +0000 | [diff] [blame] | 51 | } | 
| Paul Bakker | 33b43f1 | 2013-08-20 11:48:36 +0200 | [diff] [blame] | 52 | /* END_CASE */ | 
| Paul Bakker | 0e04d0e | 2011-11-27 14:46:59 +0000 | [diff] [blame] | 53 |  | 
| Paul Bakker | 33b43f1 | 2013-08-20 11:48:36 +0200 | [diff] [blame] | 54 | /* BEGIN_CASE */ | 
|  | 55 | void ctr_drbg_validate_nopr( char *add_init_string, char *entropy_string, | 
|  | 56 | char *add1_string, char *add_reseed_string, | 
|  | 57 | char *add2_string, char *result_str ) | 
| Paul Bakker | 0e04d0e | 2011-11-27 14:46:59 +0000 | [diff] [blame] | 58 | { | 
|  | 59 | unsigned char entropy[512]; | 
|  | 60 | unsigned char add_init[512]; | 
|  | 61 | unsigned char add1[512]; | 
|  | 62 | unsigned char add_reseed[512]; | 
|  | 63 | unsigned char add2[512]; | 
|  | 64 | ctr_drbg_context ctx; | 
|  | 65 | unsigned char buf[512]; | 
|  | 66 | unsigned char output_str[512]; | 
|  | 67 | int add_init_len, add1_len, add_reseed_len, add2_len; | 
|  | 68 |  | 
|  | 69 | memset( output_str, 0, 512 ); | 
|  | 70 |  | 
| Paul Bakker | 33b43f1 | 2013-08-20 11:48:36 +0200 | [diff] [blame] | 71 | unhexify( entropy, entropy_string ); | 
|  | 72 | add_init_len = unhexify( add_init, add_init_string ); | 
|  | 73 | add1_len = unhexify( add1, add1_string ); | 
|  | 74 | add_reseed_len = unhexify( add_reseed, add_reseed_string ); | 
|  | 75 | add2_len = unhexify( add2, add2_string ); | 
| Paul Bakker | 0e04d0e | 2011-11-27 14:46:59 +0000 | [diff] [blame] | 76 |  | 
| Paul Bakker | 3ddfa66 | 2013-11-26 17:45:20 +0100 | [diff] [blame] | 77 | test_offset_idx = 0; | 
| Paul Bakker | 18d3291 | 2011-12-10 21:42:49 +0000 | [diff] [blame] | 78 | TEST_ASSERT( ctr_drbg_init_entropy_len( &ctx, entropy_func, entropy, add_init, add_init_len, 32 ) == 0 ); | 
| Paul Bakker | 0e04d0e | 2011-11-27 14:46:59 +0000 | [diff] [blame] | 79 |  | 
|  | 80 | TEST_ASSERT( ctr_drbg_random_with_add( &ctx, buf, 16, add1, add1_len ) == 0 ); | 
|  | 81 | TEST_ASSERT( ctr_drbg_reseed( &ctx, add_reseed, add_reseed_len ) == 0 ); | 
|  | 82 | TEST_ASSERT( ctr_drbg_random_with_add( &ctx, buf, 16, add2, add2_len ) == 0 ); | 
|  | 83 | hexify( output_str, buf, 16 ); | 
| Paul Bakker | 33b43f1 | 2013-08-20 11:48:36 +0200 | [diff] [blame] | 84 | TEST_ASSERT( strcmp( (char *) output_str, result_str ) == 0 ); | 
| Paul Bakker | a317a98 | 2014-06-18 16:44:11 +0200 | [diff] [blame] | 85 |  | 
| Paul Bakker | bd51b26 | 2014-07-10 15:26:12 +0200 | [diff] [blame] | 86 | exit: | 
| Paul Bakker | a317a98 | 2014-06-18 16:44:11 +0200 | [diff] [blame] | 87 | ctr_drbg_free( &ctx ); | 
| Paul Bakker | 0e04d0e | 2011-11-27 14:46:59 +0000 | [diff] [blame] | 88 | } | 
| Paul Bakker | 33b43f1 | 2013-08-20 11:48:36 +0200 | [diff] [blame] | 89 | /* END_CASE */ | 
| Manuel Pégourié-Gonnard | b3b205e | 2014-01-31 12:04:06 +0100 | [diff] [blame] | 90 |  | 
| Manuel Pégourié-Gonnard | 7575daa | 2014-01-31 12:16:54 +0100 | [diff] [blame] | 91 | /* BEGIN_CASE */ | 
|  | 92 | void ctr_drbg_entropy_usage( ) | 
|  | 93 | { | 
|  | 94 | unsigned char out[16]; | 
|  | 95 | unsigned char add[16]; | 
|  | 96 | unsigned char entropy[1024]; | 
|  | 97 | ctr_drbg_context ctx; | 
|  | 98 | size_t i, reps = 10; | 
|  | 99 | int last_idx; | 
|  | 100 |  | 
|  | 101 | test_offset_idx = 0; | 
|  | 102 | memset( entropy, 0, sizeof( entropy ) ); | 
|  | 103 | memset( out, 0, sizeof( out ) ); | 
|  | 104 | memset( add, 0, sizeof( add ) ); | 
|  | 105 |  | 
|  | 106 | /* Init must use entropy */ | 
|  | 107 | last_idx = test_offset_idx; | 
|  | 108 | TEST_ASSERT( ctr_drbg_init( &ctx, entropy_func, entropy, NULL, 0 ) == 0 ); | 
|  | 109 | TEST_ASSERT( last_idx < test_offset_idx ); | 
|  | 110 |  | 
|  | 111 | /* By default, PR is off and reseed_interval is large, | 
|  | 112 | * so the next few calls should not use entropy */ | 
|  | 113 | last_idx = test_offset_idx; | 
|  | 114 | for( i = 0; i < reps; i++ ) | 
|  | 115 | { | 
|  | 116 | TEST_ASSERT( ctr_drbg_random( &ctx, out, sizeof( out ) - 4 ) == 0 ); | 
|  | 117 | TEST_ASSERT( ctr_drbg_random_with_add( &ctx, out, sizeof( out ) - 4, | 
|  | 118 | add, sizeof( add ) ) == 0 ); | 
|  | 119 | } | 
|  | 120 | TEST_ASSERT( last_idx == test_offset_idx ); | 
|  | 121 |  | 
|  | 122 | /* While at it, make sure we didn't write past the requested length */ | 
|  | 123 | TEST_ASSERT( out[sizeof( out ) - 4] == 0 ); | 
|  | 124 | TEST_ASSERT( out[sizeof( out ) - 3] == 0 ); | 
|  | 125 | TEST_ASSERT( out[sizeof( out ) - 2] == 0 ); | 
|  | 126 | TEST_ASSERT( out[sizeof( out ) - 1] == 0 ); | 
|  | 127 |  | 
|  | 128 | /* Set reseed_interval to the number of calls done, | 
|  | 129 | * so the next call should reseed */ | 
|  | 130 | ctr_drbg_set_reseed_interval( &ctx, 2 * reps ); | 
|  | 131 | TEST_ASSERT( ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); | 
|  | 132 | TEST_ASSERT( last_idx < test_offset_idx ); | 
|  | 133 |  | 
|  | 134 | /* The new few calls should not reseed */ | 
|  | 135 | last_idx = test_offset_idx; | 
|  | 136 | for( i = 0; i < reps / 2; i++ ) | 
|  | 137 | { | 
|  | 138 | TEST_ASSERT( ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); | 
|  | 139 | TEST_ASSERT( ctr_drbg_random_with_add( &ctx, out, sizeof( out ) , | 
|  | 140 | add, sizeof( add ) ) == 0 ); | 
|  | 141 | } | 
|  | 142 | TEST_ASSERT( last_idx == test_offset_idx ); | 
|  | 143 |  | 
| Manuel Pégourié-Gonnard | f5f25b3 | 2014-11-27 14:04:56 +0100 | [diff] [blame^] | 144 | /* Call update with too much data (sizeof entropy > MAX(_SEED)_INPUT) | 
|  | 145 | * (just make sure it doesn't cause memory corruption) */ | 
|  | 146 | ctr_drbg_update( &ctx, entropy, sizeof( entropy ) ); | 
|  | 147 |  | 
| Manuel Pégourié-Gonnard | 7575daa | 2014-01-31 12:16:54 +0100 | [diff] [blame] | 148 | /* Now enable PR, so the next few calls should all reseed */ | 
|  | 149 | ctr_drbg_set_prediction_resistance( &ctx, CTR_DRBG_PR_ON ); | 
|  | 150 | TEST_ASSERT( ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); | 
|  | 151 | TEST_ASSERT( last_idx < test_offset_idx ); | 
|  | 152 |  | 
|  | 153 | /* Finally, check setting entropy_len */ | 
|  | 154 | ctr_drbg_set_entropy_len( &ctx, 42 ); | 
|  | 155 | last_idx = test_offset_idx; | 
|  | 156 | TEST_ASSERT( ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); | 
|  | 157 | TEST_ASSERT( test_offset_idx - last_idx == 42 ); | 
|  | 158 |  | 
|  | 159 | ctr_drbg_set_entropy_len( &ctx, 13 ); | 
|  | 160 | last_idx = test_offset_idx; | 
|  | 161 | TEST_ASSERT( ctr_drbg_random( &ctx, out, sizeof( out ) ) == 0 ); | 
|  | 162 | TEST_ASSERT( test_offset_idx - last_idx == 13 ); | 
| Paul Bakker | a317a98 | 2014-06-18 16:44:11 +0200 | [diff] [blame] | 163 |  | 
| Paul Bakker | bd51b26 | 2014-07-10 15:26:12 +0200 | [diff] [blame] | 164 | exit: | 
| Paul Bakker | a317a98 | 2014-06-18 16:44:11 +0200 | [diff] [blame] | 165 | ctr_drbg_free( &ctx ); | 
| Manuel Pégourié-Gonnard | 7575daa | 2014-01-31 12:16:54 +0100 | [diff] [blame] | 166 | } | 
|  | 167 | /* END_CASE */ | 
|  | 168 |  | 
|  | 169 | /* BEGIN_CASE depends_on:POLARSSL_FS_IO */ | 
|  | 170 | void ctr_drbg_seed_file( char *path, int ret ) | 
|  | 171 | { | 
|  | 172 | ctr_drbg_context ctx; | 
|  | 173 |  | 
|  | 174 | TEST_ASSERT( ctr_drbg_init( &ctx, rnd_std_rand, NULL, NULL, 0 ) == 0 ); | 
|  | 175 | TEST_ASSERT( ctr_drbg_write_seed_file( &ctx, path ) == ret ); | 
|  | 176 | TEST_ASSERT( ctr_drbg_update_seed_file( &ctx, path ) == ret ); | 
| Paul Bakker | a317a98 | 2014-06-18 16:44:11 +0200 | [diff] [blame] | 177 |  | 
| Paul Bakker | bd51b26 | 2014-07-10 15:26:12 +0200 | [diff] [blame] | 178 | exit: | 
| Paul Bakker | a317a98 | 2014-06-18 16:44:11 +0200 | [diff] [blame] | 179 | ctr_drbg_free( &ctx ); | 
| Manuel Pégourié-Gonnard | 7575daa | 2014-01-31 12:16:54 +0100 | [diff] [blame] | 180 | } | 
|  | 181 | /* END_CASE */ | 
|  | 182 |  | 
| Manuel Pégourié-Gonnard | b3b205e | 2014-01-31 12:04:06 +0100 | [diff] [blame] | 183 | /* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */ | 
|  | 184 | void ctr_drbg_selftest( ) | 
|  | 185 | { | 
|  | 186 | TEST_ASSERT( ctr_drbg_self_test( 0 ) == 0 ); | 
|  | 187 | } | 
|  | 188 | /* END_CASE */ |