blob: 73d6767f97c0935f98ea4f4dfd0b2f73c5dace26 [file] [log] [blame]
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +02001#if defined(POLARSSL_PLATFORM_C)
2#include "polarssl/platform.h"
3#else
4#define polarssl_malloc malloc
5#define polarssl_free free
6#endif
7
Paul Bakkerb3dcbc12011-03-13 16:57:25 +00008#ifdef _MSC_VER
9#include <basetsd.h>
10typedef UINT32 uint32_t;
11#else
12#include <inttypes.h>
13#endif
14
Paul Bakker19343182013-08-16 13:31:10 +020015#include <assert.h>
16#include <stdlib.h>
17#include <string.h>
18
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000019/*
20 * 32-bit integer manipulation macros (big endian)
21 */
Paul Bakker5c2364c2012-10-01 14:41:15 +000022#ifndef GET_UINT32_BE
23#define GET_UINT32_BE(n,b,i) \
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000024{ \
Paul Bakker5c2364c2012-10-01 14:41:15 +000025 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
26 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
27 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
28 | ( (uint32_t) (b)[(i) + 3] ); \
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000029}
30#endif
31
Paul Bakker5c2364c2012-10-01 14:41:15 +000032#ifndef PUT_UINT32_BE
33#define PUT_UINT32_BE(n,b,i) \
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000034{ \
35 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
36 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
37 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
38 (b)[(i) + 3] = (unsigned char) ( (n) ); \
39}
40#endif
41
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +020042static int unhexify(unsigned char *obuf, const char *ibuf)
Paul Bakker367dae42009-06-28 21:50:27 +000043{
44 unsigned char c, c2;
45 int len = strlen(ibuf) / 2;
Rich Evans1fef5ff2015-02-02 11:57:21 +000046 assert( strlen(ibuf) % 2 == 0 ); // must be even number of bytes
Paul Bakker367dae42009-06-28 21:50:27 +000047
48 while (*ibuf != 0)
49 {
50 c = *ibuf++;
51 if( c >= '0' && c <= '9' )
52 c -= '0';
53 else if( c >= 'a' && c <= 'f' )
54 c -= 'a' - 10;
55 else if( c >= 'A' && c <= 'F' )
56 c -= 'A' - 10;
57 else
58 assert( 0 );
59
60 c2 = *ibuf++;
61 if( c2 >= '0' && c2 <= '9' )
62 c2 -= '0';
63 else if( c2 >= 'a' && c2 <= 'f' )
64 c2 -= 'a' - 10;
65 else if( c2 >= 'A' && c2 <= 'F' )
66 c2 -= 'A' - 10;
67 else
68 assert( 0 );
69
70 *obuf++ = ( c << 4 ) | c2;
71 }
72
73 return len;
74}
75
Rich Evans42914452015-02-02 12:09:25 +000076static void hexify( unsigned char *obuf, const unsigned char *ibuf, int len )
Paul Bakker367dae42009-06-28 21:50:27 +000077{
78 unsigned char l, h;
79
Rich Evans42914452015-02-02 12:09:25 +000080 while( len != 0 )
Paul Bakker367dae42009-06-28 21:50:27 +000081 {
Rich Evans42914452015-02-02 12:09:25 +000082 h = *ibuf / 16;
83 l = *ibuf % 16;
Paul Bakker367dae42009-06-28 21:50:27 +000084
85 if( h < 10 )
86 *obuf++ = '0' + h;
87 else
88 *obuf++ = 'a' + h - 10;
89
90 if( l < 10 )
91 *obuf++ = '0' + l;
92 else
93 *obuf++ = 'a' + l - 10;
94
95 ++ibuf;
96 len--;
97 }
98}
Paul Bakker9dcc3222011-03-08 14:16:06 +000099
100/**
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200101 * Allocate and zeroize a buffer.
102 *
103 * If the size if zero, a pointer to a zeroized 1-byte buffer is returned.
104 *
105 * For convenience, dies if allocation fails.
106 */
107static unsigned char *zero_alloc( size_t len )
108{
109 void *p;
Rich Evans42914452015-02-02 12:09:25 +0000110 size_t actual_len = ( len != 0 ) ? len : 1;
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200111
Paul Bakker4d0cfe82014-07-10 14:37:36 +0200112 p = polarssl_malloc( actual_len );
113 assert( p != NULL );
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200114
115 memset( p, 0x00, actual_len );
116
117 return( p );
118}
119
120/**
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +0200121 * Allocate and fill a buffer from hex data.
122 *
123 * The buffer is sized exactly as needed. This allows to detect buffer
124 * overruns (including overreads) when running the test suite under valgrind.
125 *
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200126 * If the size if zero, a pointer to a zeroized 1-byte buffer is returned.
127 *
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +0200128 * For convenience, dies if allocation fails.
129 */
130static unsigned char *unhexify_alloc( const char *ibuf, size_t *olen )
131{
132 unsigned char *obuf;
133
Rich Evans42914452015-02-02 12:09:25 +0000134 *olen = strlen( ibuf ) / 2;
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +0200135
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200136 if( *olen == 0 )
137 return( zero_alloc( *olen ) );
138
Paul Bakker4d0cfe82014-07-10 14:37:36 +0200139 obuf = polarssl_malloc( *olen );
140 assert( obuf != NULL );
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +0200141
142 (void) unhexify( obuf, ibuf );
143
144 return( obuf );
145}
146
147/**
Paul Bakker9dcc3222011-03-08 14:16:06 +0000148 * This function just returns data from rand().
Paul Bakker997bbd12011-03-13 15:45:42 +0000149 * Although predictable and often similar on multiple
150 * runs, this does not result in identical random on
151 * each run. So do not use this if the results of a
152 * test depend on the random data that is generated.
Paul Bakker9dcc3222011-03-08 14:16:06 +0000153 *
154 * rng_state shall be NULL.
155 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000156static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000157{
Paul Bakkerf96f7b62014-04-30 16:02:38 +0200158#if !defined(__OpenBSD__)
Paul Bakkera3d195c2011-11-27 21:07:34 +0000159 size_t i;
160
Paul Bakker9dcc3222011-03-08 14:16:06 +0000161 if( rng_state != NULL )
162 rng_state = NULL;
163
Paul Bakkera3d195c2011-11-27 21:07:34 +0000164 for( i = 0; i < len; ++i )
165 output[i] = rand();
Paul Bakkerf96f7b62014-04-30 16:02:38 +0200166#else
167 if( rng_state != NULL )
168 rng_state = NULL;
169
170 arc4random_buf( output, len );
171#endif /* !OpenBSD */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000172
173 return( 0 );
Paul Bakker9dcc3222011-03-08 14:16:06 +0000174}
175
176/**
177 * This function only returns zeros
178 *
179 * rng_state shall be NULL.
180 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000181static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000182{
183 if( rng_state != NULL )
184 rng_state = NULL;
185
Paul Bakkera3d195c2011-11-27 21:07:34 +0000186 memset( output, 0, len );
187
Paul Bakker9dcc3222011-03-08 14:16:06 +0000188 return( 0 );
189}
190
191typedef struct
192{
193 unsigned char *buf;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000194 size_t length;
Paul Bakker997bbd12011-03-13 15:45:42 +0000195} rnd_buf_info;
Paul Bakker9dcc3222011-03-08 14:16:06 +0000196
197/**
198 * This function returns random based on a buffer it receives.
199 *
Paul Bakker997bbd12011-03-13 15:45:42 +0000200 * rng_state shall be a pointer to a rnd_buf_info structure.
201 *
202 * The number of bytes released from the buffer on each call to
203 * the random function is specified by per_call. (Can be between
204 * 1 and 4)
Paul Bakker9dcc3222011-03-08 14:16:06 +0000205 *
206 * After the buffer is empty it will return rand();
207 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000208static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000209{
Paul Bakker997bbd12011-03-13 15:45:42 +0000210 rnd_buf_info *info = (rnd_buf_info *) rng_state;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000211 size_t use_len;
Paul Bakker9dcc3222011-03-08 14:16:06 +0000212
213 if( rng_state == NULL )
Paul Bakkera3d195c2011-11-27 21:07:34 +0000214 return( rnd_std_rand( NULL, output, len ) );
Paul Bakker9dcc3222011-03-08 14:16:06 +0000215
Paul Bakkera3d195c2011-11-27 21:07:34 +0000216 use_len = len;
217 if( len > info->length )
218 use_len = info->length;
Paul Bakker997bbd12011-03-13 15:45:42 +0000219
Paul Bakkera3d195c2011-11-27 21:07:34 +0000220 if( use_len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000221 {
Paul Bakkera3d195c2011-11-27 21:07:34 +0000222 memcpy( output, info->buf, use_len );
223 info->buf += use_len;
224 info->length -= use_len;
Paul Bakker9dcc3222011-03-08 14:16:06 +0000225 }
226
Paul Bakkera3d195c2011-11-27 21:07:34 +0000227 if( len - use_len > 0 )
228 return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
229
230 return( 0 );
Paul Bakker9dcc3222011-03-08 14:16:06 +0000231}
Paul Bakker997bbd12011-03-13 15:45:42 +0000232
233/**
234 * Info structure for the pseudo random function
235 *
236 * Key should be set at the start to a test-unique value.
Paul Bakkerb3dcbc12011-03-13 16:57:25 +0000237 * Do not forget endianness!
Paul Bakker997bbd12011-03-13 15:45:42 +0000238 * State( v0, v1 ) should be set to zero.
239 */
240typedef struct
241{
Paul Bakkerb3dcbc12011-03-13 16:57:25 +0000242 uint32_t key[16];
Paul Bakker997bbd12011-03-13 15:45:42 +0000243 uint32_t v0, v1;
244} rnd_pseudo_info;
245
246/**
247 * This function returns random based on a pseudo random function.
248 * This means the results should be identical on all systems.
249 * Pseudo random is based on the XTEA encryption algorithm to
250 * generate pseudorandom.
251 *
252 * rng_state shall be a pointer to a rnd_pseudo_info structure.
253 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000254static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker997bbd12011-03-13 15:45:42 +0000255{
256 rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000257 uint32_t i, *k, sum, delta=0x9E3779B9;
Manuel Pégourié-Gonnard217a29c2014-01-03 11:59:09 +0100258 unsigned char result[4], *out = output;
Paul Bakker997bbd12011-03-13 15:45:42 +0000259
260 if( rng_state == NULL )
Paul Bakkera3d195c2011-11-27 21:07:34 +0000261 return( rnd_std_rand( NULL, output, len ) );
Paul Bakker997bbd12011-03-13 15:45:42 +0000262
Paul Bakkerb3dcbc12011-03-13 16:57:25 +0000263 k = info->key;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000264
265 while( len > 0 )
Paul Bakker997bbd12011-03-13 15:45:42 +0000266 {
Paul Bakker40dd5302012-05-15 15:02:38 +0000267 size_t use_len = ( len > 4 ) ? 4 : len;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000268 sum = 0;
269
Paul Bakkera3d195c2011-11-27 21:07:34 +0000270 for( i = 0; i < 32; i++ )
271 {
Rich Evans42914452015-02-02 12:09:25 +0000272 info->v0 += ( ( ( info->v1 << 4 ) ^ ( info->v1 >> 5 ) )
273 + info->v1 ) ^ ( sum + k[sum & 3] );
Paul Bakkera3d195c2011-11-27 21:07:34 +0000274 sum += delta;
Rich Evans42914452015-02-02 12:09:25 +0000275 info->v1 += ( ( ( info->v0 << 4 ) ^ ( info->v0 >> 5 ) )
276 + info->v0 ) ^ ( sum + k[( sum>>11 ) & 3] );
Paul Bakkera3d195c2011-11-27 21:07:34 +0000277 }
278
Paul Bakker5c2364c2012-10-01 14:41:15 +0000279 PUT_UINT32_BE( info->v0, result, 0 );
Manuel Pégourié-Gonnard217a29c2014-01-03 11:59:09 +0100280 memcpy( out, result, use_len );
Paul Bakkera3d195c2011-11-27 21:07:34 +0000281 len -= use_len;
Manuel Pégourié-Gonnard217a29c2014-01-03 11:59:09 +0100282 out += 4;
Paul Bakker997bbd12011-03-13 15:45:42 +0000283 }
284
Paul Bakkera3d195c2011-11-27 21:07:34 +0000285 return( 0 );
Paul Bakker997bbd12011-03-13 15:45:42 +0000286}