blob: 3ae9a40a30430b9a8f5404e7a9e41270841b283a [file] [log] [blame]
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +02001#if defined(POLARSSL_PLATFORM_C)
2#include "polarssl/platform.h"
3#else
Rich Evans00ab4702015-02-06 13:43:58 +00004#include <stdio.h>
5#define polarssl_printf printf
6#define polarssl_fprintf fprintf
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +02007#define polarssl_malloc malloc
8#define polarssl_free free
9#endif
10
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000011#ifdef _MSC_VER
12#include <basetsd.h>
13typedef UINT32 uint32_t;
14#else
15#include <inttypes.h>
16#endif
17
Paul Bakker19343182013-08-16 13:31:10 +020018#include <stdlib.h>
19#include <string.h>
20
Rich Evans4c091142015-02-02 12:04:10 +000021#define assert(a) if( !( a ) ) \
22{ \
23 polarssl_fprintf( stderr, "Assertion Failed at %s:%d - %s\n", \
24 __FILE__, __LINE__, #a ); \
25 polarssl_exit( 1 ); \
26}
27
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000028/*
29 * 32-bit integer manipulation macros (big endian)
30 */
Paul Bakker5c2364c2012-10-01 14:41:15 +000031#ifndef GET_UINT32_BE
32#define GET_UINT32_BE(n,b,i) \
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000033{ \
Paul Bakker5c2364c2012-10-01 14:41:15 +000034 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
35 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
36 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
37 | ( (uint32_t) (b)[(i) + 3] ); \
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000038}
39#endif
40
Paul Bakker5c2364c2012-10-01 14:41:15 +000041#ifndef PUT_UINT32_BE
42#define PUT_UINT32_BE(n,b,i) \
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000043{ \
44 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
45 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
46 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
47 (b)[(i) + 3] = (unsigned char) ( (n) ); \
48}
49#endif
50
Rich Evans4c091142015-02-02 12:04:10 +000051static int unhexify( unsigned char *obuf, const char *ibuf )
Paul Bakker367dae42009-06-28 21:50:27 +000052{
53 unsigned char c, c2;
Rich Evans4c091142015-02-02 12:04:10 +000054 int len = strlen( ibuf ) / 2;
55 assert( strlen( ibuf ) % 2 == 0 ); // must be even number of bytes
Paul Bakker367dae42009-06-28 21:50:27 +000056
Rich Evans4c091142015-02-02 12:04:10 +000057 while( *ibuf != 0 )
Paul Bakker367dae42009-06-28 21:50:27 +000058 {
59 c = *ibuf++;
60 if( c >= '0' && c <= '9' )
61 c -= '0';
62 else if( c >= 'a' && c <= 'f' )
63 c -= 'a' - 10;
64 else if( c >= 'A' && c <= 'F' )
65 c -= 'A' - 10;
66 else
67 assert( 0 );
68
69 c2 = *ibuf++;
70 if( c2 >= '0' && c2 <= '9' )
71 c2 -= '0';
72 else if( c2 >= 'a' && c2 <= 'f' )
73 c2 -= 'a' - 10;
74 else if( c2 >= 'A' && c2 <= 'F' )
75 c2 -= 'A' - 10;
76 else
77 assert( 0 );
78
79 *obuf++ = ( c << 4 ) | c2;
80 }
81
82 return len;
83}
84
Rich Evans42914452015-02-02 12:09:25 +000085static void hexify( unsigned char *obuf, const unsigned char *ibuf, int len )
Paul Bakker367dae42009-06-28 21:50:27 +000086{
87 unsigned char l, h;
88
Rich Evans42914452015-02-02 12:09:25 +000089 while( len != 0 )
Paul Bakker367dae42009-06-28 21:50:27 +000090 {
Rich Evans42914452015-02-02 12:09:25 +000091 h = *ibuf / 16;
92 l = *ibuf % 16;
Paul Bakker367dae42009-06-28 21:50:27 +000093
94 if( h < 10 )
95 *obuf++ = '0' + h;
96 else
97 *obuf++ = 'a' + h - 10;
98
99 if( l < 10 )
100 *obuf++ = '0' + l;
101 else
102 *obuf++ = 'a' + l - 10;
103
104 ++ibuf;
105 len--;
106 }
107}
Paul Bakker9dcc3222011-03-08 14:16:06 +0000108
109/**
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200110 * Allocate and zeroize a buffer.
111 *
112 * If the size if zero, a pointer to a zeroized 1-byte buffer is returned.
113 *
114 * For convenience, dies if allocation fails.
115 */
116static unsigned char *zero_alloc( size_t len )
117{
118 void *p;
Rich Evans42914452015-02-02 12:09:25 +0000119 size_t actual_len = ( len != 0 ) ? len : 1;
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200120
Paul Bakker4d0cfe82014-07-10 14:37:36 +0200121 p = polarssl_malloc( actual_len );
122 assert( p != NULL );
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200123
124 memset( p, 0x00, actual_len );
125
126 return( p );
127}
128
129/**
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +0200130 * Allocate and fill a buffer from hex data.
131 *
132 * The buffer is sized exactly as needed. This allows to detect buffer
133 * overruns (including overreads) when running the test suite under valgrind.
134 *
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200135 * If the size if zero, a pointer to a zeroized 1-byte buffer is returned.
136 *
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +0200137 * For convenience, dies if allocation fails.
138 */
139static unsigned char *unhexify_alloc( const char *ibuf, size_t *olen )
140{
141 unsigned char *obuf;
142
Rich Evans42914452015-02-02 12:09:25 +0000143 *olen = strlen( ibuf ) / 2;
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +0200144
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200145 if( *olen == 0 )
146 return( zero_alloc( *olen ) );
147
Paul Bakker4d0cfe82014-07-10 14:37:36 +0200148 obuf = polarssl_malloc( *olen );
149 assert( obuf != NULL );
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +0200150
151 (void) unhexify( obuf, ibuf );
152
153 return( obuf );
154}
155
156/**
Paul Bakker9dcc3222011-03-08 14:16:06 +0000157 * This function just returns data from rand().
Paul Bakker997bbd12011-03-13 15:45:42 +0000158 * Although predictable and often similar on multiple
159 * runs, this does not result in identical random on
160 * each run. So do not use this if the results of a
161 * test depend on the random data that is generated.
Paul Bakker9dcc3222011-03-08 14:16:06 +0000162 *
163 * rng_state shall be NULL.
164 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000165static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000166{
Paul Bakkerf96f7b62014-04-30 16:02:38 +0200167#if !defined(__OpenBSD__)
Paul Bakkera3d195c2011-11-27 21:07:34 +0000168 size_t i;
169
Paul Bakker9dcc3222011-03-08 14:16:06 +0000170 if( rng_state != NULL )
171 rng_state = NULL;
172
Paul Bakkera3d195c2011-11-27 21:07:34 +0000173 for( i = 0; i < len; ++i )
174 output[i] = rand();
Paul Bakkerf96f7b62014-04-30 16:02:38 +0200175#else
176 if( rng_state != NULL )
177 rng_state = NULL;
178
179 arc4random_buf( output, len );
180#endif /* !OpenBSD */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000181
182 return( 0 );
Paul Bakker9dcc3222011-03-08 14:16:06 +0000183}
184
185/**
186 * This function only returns zeros
187 *
188 * rng_state shall be NULL.
189 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000190static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000191{
192 if( rng_state != NULL )
193 rng_state = NULL;
194
Paul Bakkera3d195c2011-11-27 21:07:34 +0000195 memset( output, 0, len );
196
Paul Bakker9dcc3222011-03-08 14:16:06 +0000197 return( 0 );
198}
199
200typedef struct
201{
202 unsigned char *buf;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000203 size_t length;
Paul Bakker997bbd12011-03-13 15:45:42 +0000204} rnd_buf_info;
Paul Bakker9dcc3222011-03-08 14:16:06 +0000205
206/**
207 * This function returns random based on a buffer it receives.
208 *
Paul Bakker997bbd12011-03-13 15:45:42 +0000209 * rng_state shall be a pointer to a rnd_buf_info structure.
210 *
211 * The number of bytes released from the buffer on each call to
212 * the random function is specified by per_call. (Can be between
213 * 1 and 4)
Paul Bakker9dcc3222011-03-08 14:16:06 +0000214 *
215 * After the buffer is empty it will return rand();
216 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000217static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000218{
Paul Bakker997bbd12011-03-13 15:45:42 +0000219 rnd_buf_info *info = (rnd_buf_info *) rng_state;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000220 size_t use_len;
Paul Bakker9dcc3222011-03-08 14:16:06 +0000221
222 if( rng_state == NULL )
Paul Bakkera3d195c2011-11-27 21:07:34 +0000223 return( rnd_std_rand( NULL, output, len ) );
Paul Bakker9dcc3222011-03-08 14:16:06 +0000224
Paul Bakkera3d195c2011-11-27 21:07:34 +0000225 use_len = len;
226 if( len > info->length )
227 use_len = info->length;
Paul Bakker997bbd12011-03-13 15:45:42 +0000228
Paul Bakkera3d195c2011-11-27 21:07:34 +0000229 if( use_len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000230 {
Paul Bakkera3d195c2011-11-27 21:07:34 +0000231 memcpy( output, info->buf, use_len );
232 info->buf += use_len;
233 info->length -= use_len;
Paul Bakker9dcc3222011-03-08 14:16:06 +0000234 }
235
Paul Bakkera3d195c2011-11-27 21:07:34 +0000236 if( len - use_len > 0 )
237 return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
238
239 return( 0 );
Paul Bakker9dcc3222011-03-08 14:16:06 +0000240}
Paul Bakker997bbd12011-03-13 15:45:42 +0000241
242/**
243 * Info structure for the pseudo random function
244 *
245 * Key should be set at the start to a test-unique value.
Paul Bakkerb3dcbc12011-03-13 16:57:25 +0000246 * Do not forget endianness!
Paul Bakker997bbd12011-03-13 15:45:42 +0000247 * State( v0, v1 ) should be set to zero.
248 */
249typedef struct
250{
Paul Bakkerb3dcbc12011-03-13 16:57:25 +0000251 uint32_t key[16];
Paul Bakker997bbd12011-03-13 15:45:42 +0000252 uint32_t v0, v1;
253} rnd_pseudo_info;
254
255/**
256 * This function returns random based on a pseudo random function.
257 * This means the results should be identical on all systems.
258 * Pseudo random is based on the XTEA encryption algorithm to
259 * generate pseudorandom.
260 *
261 * rng_state shall be a pointer to a rnd_pseudo_info structure.
262 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000263static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker997bbd12011-03-13 15:45:42 +0000264{
265 rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000266 uint32_t i, *k, sum, delta=0x9E3779B9;
Manuel Pégourié-Gonnard217a29c2014-01-03 11:59:09 +0100267 unsigned char result[4], *out = output;
Paul Bakker997bbd12011-03-13 15:45:42 +0000268
269 if( rng_state == NULL )
Paul Bakkera3d195c2011-11-27 21:07:34 +0000270 return( rnd_std_rand( NULL, output, len ) );
Paul Bakker997bbd12011-03-13 15:45:42 +0000271
Paul Bakkerb3dcbc12011-03-13 16:57:25 +0000272 k = info->key;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000273
274 while( len > 0 )
Paul Bakker997bbd12011-03-13 15:45:42 +0000275 {
Paul Bakker40dd5302012-05-15 15:02:38 +0000276 size_t use_len = ( len > 4 ) ? 4 : len;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000277 sum = 0;
278
Paul Bakkera3d195c2011-11-27 21:07:34 +0000279 for( i = 0; i < 32; i++ )
280 {
Rich Evans42914452015-02-02 12:09:25 +0000281 info->v0 += ( ( ( info->v1 << 4 ) ^ ( info->v1 >> 5 ) )
282 + info->v1 ) ^ ( sum + k[sum & 3] );
Paul Bakkera3d195c2011-11-27 21:07:34 +0000283 sum += delta;
Rich Evans42914452015-02-02 12:09:25 +0000284 info->v1 += ( ( ( info->v0 << 4 ) ^ ( info->v0 >> 5 ) )
285 + info->v0 ) ^ ( sum + k[( sum>>11 ) & 3] );
Paul Bakkera3d195c2011-11-27 21:07:34 +0000286 }
287
Paul Bakker5c2364c2012-10-01 14:41:15 +0000288 PUT_UINT32_BE( info->v0, result, 0 );
Manuel Pégourié-Gonnard217a29c2014-01-03 11:59:09 +0100289 memcpy( out, result, use_len );
Paul Bakkera3d195c2011-11-27 21:07:34 +0000290 len -= use_len;
Manuel Pégourié-Gonnard217a29c2014-01-03 11:59:09 +0100291 out += 4;
Paul Bakker997bbd12011-03-13 15:45:42 +0000292 }
293
Paul Bakkera3d195c2011-11-27 21:07:34 +0000294 return( 0 );
Paul Bakker997bbd12011-03-13 15:45:42 +0000295}