/* test_ctr_prng.c - TinyCrypt implementation of some CTR-PRNG tests */
2
3/*
4 * Copyright (c) 2016, Chris Morrison, All Rights Reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions are met:
8 *
9 * * Redistributions of source code must retain the above copyright notice, this
10 * list of conditions and the following disclaimer.
11 *
12 * * Redistributions in binary form must reproduce the above copyright notice,
13 * this list of conditions and the following disclaimer in the documentation
14 * and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
20 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26 * POSSIBILITY OF SUCH DAMAGE.
27 */
28
/*
 * DESCRIPTION
 * This module tests the CTR-PRNG routines.
 */
33
34#include <tinycrypt/ctr_prng.h>
35#include <tinycrypt/aes.h>
36#include <tinycrypt/constants.h>
37#include <test_utils.h>
38
39
40#include <stdio.h>
41#include <stdlib.h>
42#include <string.h>
43
/*
 * Map one hexadecimal digit character to its 4-bit value.
 *
 * Accepts '0'-'9', 'a'-'f' and 'A'-'F'. Any other character yields 255,
 * which is outside the 0..15 range of a valid nibble, so callers can use
 * it to detect malformed input.
 */
static uint8_t nibbleFromChar(char c)
{
	uint8_t nibble = 255U;

	if (c >= '0' && c <= '9') {
		nibble = (uint8_t)(c - '0');
	} else if (c >= 'a' && c <= 'f') {
		nibble = (uint8_t)(c - 'a' + 10U);
	} else if (c >= 'A' && c <= 'F') {
		nibble = (uint8_t)(c - 'A' + 10U);
	}

	return nibble;
}
52
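/*
 * Decode a NUL-terminated string of hex digits into a newly allocated
 * byte buffer.
 *
 * inhex:   hex digits, two per output byte. A trailing unpaired digit is
 *          ignored (the output length is strlen(inhex) / 2).
 * returns: a malloc'd buffer holding strlen(inhex) / 2 decoded bytes
 *          followed by one 0 byte; the caller owns it and must free() it.
 *          NULL if inhex is NULL, if allocation fails, or if a character
 *          that is not a hex digit is encountered.
 *
 * A test-vector decoder must not silently turn a typo into data: a bad
 * digit used to be folded into the output byte (nibbleFromChar returns
 * 255 for it), which would make a known-answer test compare against a
 * value nobody intended.
 */
uint8_t *hexStringToBytes(char *inhex)
{
	uint8_t *retval;
	size_t len;
	size_t i;

	if (inhex == NULL) {
		return NULL;
	}

	len = strlen(inhex) / 2U;
	retval = malloc(len + 1U);
	if (retval == NULL) {
		return NULL;
	}

	for (i = 0U; i < len; i++) {
		uint8_t hi = nibbleFromChar(inhex[2U * i]);
		uint8_t lo = nibbleFromChar(inhex[(2U * i) + 1U]);

		/* nibbleFromChar signals a non-hex character with 255 */
		if (hi > 15U || lo > 15U) {
			free(retval);
			return NULL;
		}
		retval[i] = (uint8_t)((hi << 4) | lo);
	}
	retval[len] = 0U;

	return retval;
}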
72
/*
 * One CTR-PRNG known-answer test case. Every field is a string of hex
 * digits (two per byte); the optional fields are a null pointer when the
 * test case does not supply that input.
 */
typedef struct {
	char *entropyString;           /* entropy input, required */
	char *personalizationString;   /* may be null */
	char *additionalInputString1;  /* may be null */
	char *additionalInputString2;  /* may be null */
	char *expectedString;          /* expected output bytes, required */
} PRNG_Vector;
80
/*
 * Known-answer vectors taken from NIST CAVS 14.3 CTR_DRBG.rsp.
 *
 * Each entry supplies the entropy input, an optional personalization
 * string, the optional additional input for the first and second generate
 * call, and the output expected after the second generate call.
 *
 * NOTE(review): the last four group headers below repeat the first four
 * word for word, so whatever distinguishes the second set of CAVS
 * sections is not recorded here - confirm against CTR_DRBG.rsp.
 */
PRNG_Vector vectors[] = {
	/*
	 * AES-128 no df, PredictionResistance = False, EntropyInputLen = 256,
	 * NonceLen = 0, PersonalizationStringLen = 0, AdditionalInputLen = 0,
	 * ReturnedBitsLen = 512
	 */
	{ /* Count 0 */
		.entropyString = "ce50f33da5d4c1d3d4004eb35244b7f2cd7f2e5076fbf6780a7ff634b249a5fc",
		.personalizationString = NULL,
		.additionalInputString1 = NULL,
		.additionalInputString2 = NULL,
		.expectedString = "6545c0529d372443b392ceb3ae3a99a30f963eaf313280f1d1a1e87f9db373d361e75d18018266499cccd64d9bbb8de0185f213383080faddec46bae1f784e5a",
	},

	{ /* Count 1 */
		.entropyString = "a385f70a4d450321dfd18d8379ef8e7736fee5fbf0a0aea53b76696094e8aa93",
		.personalizationString = NULL,
		.additionalInputString1 = NULL,
		.additionalInputString2 = NULL,
		.expectedString = "1a062553ab60457ed1f1c52f5aca5a3be564a27545358c112ed92c6eae2cb7597cfcc2e0a5dd81c5bfecc941da5e8152a9010d4845170734676c8c1b6b3073a5",
	},

	/*
	 * AES-128 no df, PredictionResistance = False, EntropyInputLen = 256,
	 * NonceLen = 0, PersonalizationStringLen = 0, AdditionalInputLen = 256,
	 * ReturnedBitsLen = 512
	 */
	{ /* Count 0 */
		.entropyString = "6bd4f2ae649fc99350951ff0c5d460c1a9214154e7384975ee54b34b7cae0704",
		.personalizationString = NULL,
		.additionalInputString1 = "ecd4893b979ac92db1894ae3724518a2f78cf2dbe2f6bbc6fda596df87c7a4ae",
		.additionalInputString2 = "b23e9188687c88768b26738862c4791fa52f92502e1f94bf66af017c4228a0dc",
		.expectedString = "5b2bf7a5c60d8ab6591110cbd61cd387b02de19784f496d1a109123d8b3562a5de2dd6d5d1aef957a6c4f371cecd93c15799d82e34d6a0dba7e915a27d8e65f3",
	},

	{ /* Count 1 */
		.entropyString = "e2addbde2a76e769fc7aa3f45b31402f482b73bbe7067ad6254621f06d3ef68b",
		.personalizationString = NULL,
		.additionalInputString1 = "ad11643b019e31245e4ea41f18f7680458310580fa6efad275c5833e7f800dae",
		.additionalInputString2 = "b5d849616b3123c9725d188cd0005003220768d1200f9e7cc29ef6d88afb7b9a",
		.expectedString = "132d0d50c8477a400bb8935be5928f916a85da9ffcf1a8f6e9f9a14cca861036cda14cf66d8953dab456b632cf687cd539b4b807926561d0b3562b9d3334fb61",
	},

	/*
	 * AES-128 no df, PredictionResistance = False, EntropyInputLen = 256,
	 * NonceLen = 0, PersonalizationStringLen = 256, AdditionalInputLen = 0,
	 * ReturnedBitsLen = 512
	 */
	{ /* Count 0 */
		.entropyString = "cee23de86a69c7ef57f6e1e12bd16e35e51624226fa19597bf93ec476a44b0f2",
		.personalizationString = "a2ef16f226ea324f23abd59d5e3c660561c25e73638fe21c87566e86a9e04c3e",
		.additionalInputString1 = NULL,
		.additionalInputString2 = NULL,
		.expectedString = "2a76d71b329f449c98dc08fff1d205a2fbd9e4ade120c7611c225c984eac8531288dd3049f3dc3bb3671501ab8fbf9ad49c86cce307653bd8caf29cb0cf07764",
	},

	{ /* Count 1 */
		.entropyString = "b09eb4a82a39066ec945bb7c6aef6a0682a62c3e674bd900297d4271a5f25b49",
		.personalizationString = "a3b768adcfe76d61c972d900da8dffeeb2a42e740247aa719ed1c924d2d10bd4",
		.additionalInputString1 = NULL,
		.additionalInputString2 = NULL,
		.expectedString = "5a1c26803f3ffd4daf32042fdcc32c3812bb5ef13bc208cef82ea047d2890a6f5dcecf32bcc32a2585775ac5e1ffaa8de00664c54fe00a7674b985619e953c3a",
	},

	/*
	 * AES-128 no df, PredictionResistance = False, EntropyInputLen = 256,
	 * NonceLen = 0, PersonalizationStringLen = 256, AdditionalInputLen = 256,
	 * ReturnedBitsLen = 512
	 */
	{ /* Count 0 */
		.entropyString = "50b96542a1f2b8b05074051fe8fb0e45adbbd5560e3594e12d485fe1bfcb741f",
		.personalizationString = "820c3030f97b3ead81a93b88b871937278fd3d711d2085d9280cba394673b17e",
		.additionalInputString1 = "1f1632058806d6d8e231288f3b15a3c324e90ccef4891bd595f09c3e80e27469",
		.additionalInputString2 = "5cadc8bfd86d2a5d44f921f64c7d153001b9bdd7caa6618639b948ebfad5cb8a",
		.expectedString = "02b76a66f103e98d450e25e09c35337747d987471d2b3d81e03be24c7e985417a32acd72bc0a6eddd9871410dacb921c659249b4e2b368c4ac8580fb5db559bc",
	},

	{ /* Count 1 */
		.entropyString = "ff5f4b754e8b364f6df0c5effba5f1c036de49c4b38cd8d230ee1f14d7234ef5",
		.personalizationString = "994eb339f64034005d2e18352899e77df446e285c3430631d557498aac4f4280",
		.additionalInputString1 = "e1824832d5fc2a6dea544cac2ab73306d6566bde98cc8f9425d064b860a9b218",
		.additionalInputString2 = "c08b42433a78fd393a34ffc24724d479af08c36882799c134165d98b2866dc0a",
		.expectedString = "1efa34aed07dd57bde9741b8d1907d28e8c1ac71601df37ef4295e6ffb67f6a1c4c13e5def65d505e2408aeb82948999ca1f9c9113b99a6b59ff7f0cc3dc6e92",
	},

	/*
	 * AES-128 no df, PredictionResistance = False, EntropyInputLen = 256,
	 * NonceLen = 0, PersonalizationStringLen = 0, AdditionalInputLen = 0,
	 * ReturnedBitsLen = 512
	 */
	{ /* Count 0 */
		.entropyString = "69a09f6bf5dda15cd4af29e14cf5e0cddd7d07ac39bba587f8bc331104f9c448",
		.personalizationString = NULL,
		.additionalInputString1 = NULL,
		.additionalInputString2 = NULL,
		.expectedString = "f78a4919a6ec899f7b6c69381febbbe083315f3d289e70346db0e4ec4360473ae0b3d916e9b6b964309f753ed66ae59de48da316cc1944bc8dfd0e2575d0ff6d",
	},

	{ /* Count 1 */
		.entropyString = "80bfbd340d79888f34f043ed6807a9f28b72b6644d9d9e9d777109482b80788a",
		.personalizationString = NULL,
		.additionalInputString1 = NULL,
		.additionalInputString2 = NULL,
		.expectedString = "80db048d2f130d864b19bfc547c92503e580cb1a8e1f74f3d97fdda6501fb1aa81fcedac0dd18b6ccfdc183ca28a44fc9f3a08834ba8751a2f4495367c54a185",
	},

	/*
	 * AES-128 no df, PredictionResistance = False, EntropyInputLen = 256,
	 * NonceLen = 0, PersonalizationStringLen = 0, AdditionalInputLen = 256,
	 * ReturnedBitsLen = 512
	 */
	{ /* Count 0 */
		.entropyString = "7f40804693552e317523fda6935a5bc814353b1fbb7d334964ac4d1d12ddccce",
		.personalizationString = NULL,
		.additionalInputString1 = "95c04259f64fcd1fe00c183aa3fb76b8a73b4d1243b800d770e38515bc41143c",
		.additionalInputString2 = "5523102dbd7fe1228436b91a765b165ae6405eb0236e237afad4759cf0888941",
		.expectedString = "1abf6bccb4c2d64e5187b1e2e34e493eca204ee4eef0d964267e38228f5f20efba376430a266f3832916d0a45b2703f46401dfd145e447a0a1667ebd8b6ee748",
	},

	{ /* Count 1 */
		.entropyString = "350df677409a1dc297d01d3716a2abdfa6272cd030ab75f76839648582b47113",
		.personalizationString = NULL,
		.additionalInputString1 = "ba5709a12ae6634a5436b7ea06838b48f7b847a237f6654a0e27c776ebee9511",
		.additionalInputString2 = "f1b2c717c5e3a934127e10471d67accc65f4a45010ca53b35f54c88833dbd8e7",
		.expectedString = "1ef1ea279812e8abe54f7ffd12d04c80ae40741f4ccfe232a5fba3a78dfd3e2ed419b88ee9188df724160cbb3aea0f276e84a3c0ff01e3b89fe30ebcfa64cb86",
	},

	/*
	 * AES-128 no df, PredictionResistance = False, EntropyInputLen = 256,
	 * NonceLen = 0, PersonalizationStringLen = 256, AdditionalInputLen = 0,
	 * ReturnedBitsLen = 512
	 */
	{ /* Count 0 */
		.entropyString = "3fef762f0aa0677f61c65d749eeb10b013ff68ccc6314f150cfee752dcd8f987",
		.personalizationString = "f56db099240c7590dac396372b8737404d418b2864a3df96a8a397967245735f",
		.additionalInputString1 = NULL,
		.additionalInputString2 = NULL,
		.expectedString = "af0afe0837442136fbb1959a1c91a9291c1d8188ede07c67d0e4dd6541303415e7a67999c302ba0df555324c26077514592a9b6db6be2f153fad2250161164e4",
	},

	{ /* Count 1 */
		.entropyString = "3eebe77db4631862e3eb7e39370515b8baa1cdd71a5b1b0cda79c14d0b5f48ea",
		.personalizationString = "4be56a9b9c21242739c985ef12aa4d98e8c7da07c4c1dc6829f2e06833cfa148",
		.additionalInputString1 = NULL,
		.additionalInputString2 = NULL,
		.expectedString = "be9e18a753df261927473c8bb5fb7c3ea6e821df5ab49adc566a4ebf44f75fa825b1f9d8c154bcd469134c0bb688e07e3c3e45407ca350d540e1528cc2e64068",
	},

	/*
	 * AES-128 no df, PredictionResistance = False, EntropyInputLen = 256,
	 * NonceLen = 0, PersonalizationStringLen = 256, AdditionalInputLen = 256,
	 * ReturnedBitsLen = 512
	 */
	{ /* Count 0 */
		.entropyString = "c129c2732003bbf1d1dec244a933cd04cb47199bbce98fe080a1be880afb2155",
		.personalizationString = "64e2b9ac5c20642e3e3ee454b7463861a7e93e0dd1bbf8c4a0c28a6cb3d811ba",
		.additionalInputString1 = "f94f0975760d52f47bd490d1623a9907e4df701f601cf2d573aba803a29d2b51",
		.additionalInputString2 = "6f99720b186e2028a5fcc586b3ea518458e437ff449c7c5a318e6d13f75b5db7",
		.expectedString = "7b8b3378b9031ab3101cec8af5b8ba5a9ca2a9af41432cd5f2e5e19716140bb219ed7f4ba88fc37b2d7e146037d2cac1128ffe14131c8691e581067a29cacf80",
	},

	{ /* Count 1 */
		.entropyString = "7667643670254b3530e80a17b16b22406e84efa6a4b5ceef3ebc877495fc6048",
		.personalizationString = "40b92969953acde756747005117e46eff6893d7132a8311ffb1062280367326b",
		.additionalInputString1 = "797a02ffbe8ff2c94ed0e5d39ebdc7847adaa762a88238242ed8f71f5635b194",
		.additionalInputString2 = "d617f0f0e609e90d814192ba2e5214293d485402cdf9f789cc78b05e8c374f18",
		.expectedString = "e8d6f89dca9825aed8927b43187492a98ca8648db30f0ac709556d401a8ac2b959c81350fc64332c4c0deb559a286a72e65dbb462bd872f9b28c0728f353dc10",
	},
};
251
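/*
 * Run one known-answer vector through the CTR-PRNG.
 *
 * The PRNG is instantiated from the vector's entropy and optional
 * personalization string, then generate is called twice into the same
 * buffer (first with additional input 1, then with additional input 2).
 * Only the output of the second call is compared with the expected bytes.
 *
 * vector: the test case; entropyString and expectedString are required.
 * idx:    index of the vector, used only in the failure message.
 * returns TC_PASS when the output matches, TC_FAIL otherwise.
 *
 * Unlike a bare comparison, this also fails the vector when a hex string
 * cannot be decoded, when an allocation fails, or when init/generate does
 * not report success; otherwise the comparison would read an output
 * buffer that was never written.
 */
static unsigned int executePRNG_TestVector(PRNG_Vector vector, unsigned int idx)
{
	unsigned int result = TC_FAIL;

	uint8_t *entropy = NULL;
	uint8_t *expected = NULL;
	uint8_t *personalization = NULL;
	uint8_t *additional_input1 = NULL;
	uint8_t *additional_input2 = NULL;
	uint8_t *output = NULL;

	unsigned int entropylen = 0U;
	unsigned int expectedlen = 0U;
	unsigned int plen = 0U;
	unsigned int additionallen1 = 0U;
	unsigned int additionallen2 = 0U;

	TCCtrPrng_t ctx;

	if (NULL == vector.entropyString || NULL == vector.expectedString) {
		goto cleanup;
	}

	entropy = hexStringToBytes(vector.entropyString);
	entropylen = (unsigned int)(strlen(vector.entropyString) / 2U);

	expected = hexStringToBytes(vector.expectedString);
	expectedlen = (unsigned int)(strlen(vector.expectedString) / 2U);

	output = malloc(expectedlen);

	if (NULL == entropy || NULL == expected || NULL == output) {
		goto cleanup;
	}

	if (NULL != vector.personalizationString) {
		personalization = hexStringToBytes(vector.personalizationString);
		plen = (unsigned int)(strlen(vector.personalizationString) / 2U);
		if (NULL == personalization) {
			goto cleanup;
		}
	}

	if (NULL != vector.additionalInputString1) {
		additional_input1 = hexStringToBytes(vector.additionalInputString1);
		additionallen1 = (unsigned int)(strlen(vector.additionalInputString1) / 2U);
		if (NULL == additional_input1) {
			goto cleanup;
		}
	}

	if (NULL != vector.additionalInputString2) {
		additional_input2 = hexStringToBytes(vector.additionalInputString2);
		additionallen2 = (unsigned int)(strlen(vector.additionalInputString2) / 2U);
		if (NULL == additional_input2) {
			goto cleanup;
		}
	}

	if (TC_CRYPTO_SUCCESS != tc_ctr_prng_init(&ctx, entropy, entropylen,
						  personalization, plen)) {
		goto cleanup;
	}

	/* the second call overwrites the first; only its output is checked */
	if (TC_CRYPTO_SUCCESS != tc_ctr_prng_generate(&ctx, additional_input1,
						      additionallen1, output,
						      expectedlen)) {
		goto cleanup;
	}
	if (TC_CRYPTO_SUCCESS != tc_ctr_prng_generate(&ctx, additional_input2,
						      additionallen2, output,
						      expectedlen)) {
		goto cleanup;
	}

	if (0 == memcmp(output, expected, expectedlen)) {
		result = TC_PASS;
	}

cleanup:
	if (TC_PASS != result) {
		/* idx is unsigned; cast so the argument matches %d */
		TC_ERROR("CTR PRNG test #%d failed\n", (int)idx);
	}

	free(entropy);
	free(expected);
	free(personalization);
	free(additional_input1);
	free(additional_input2);
	free(output);

	return result;
}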
312
/*
 * Exercise the reseed path of the CTR-PRNG.
 *
 * Checks that generate succeeds at the maximum reseed count, is refused
 * (-1) once the count is exhausted, and works again after a reseed. It then
 * reseeds a zeroed context with fixed inputs and compares ctx.V with
 * precomputed values, once with entropy only and once with entropy plus
 * additional input.
 *
 * returns TC_PASS when every step behaves as expected, TC_FAIL otherwise.
 */
static int test_reseed(void)
{
	/* NOTE(review): origin of these expected V values is not stated in this file */
	static const uint8_t expected_v_entropy_only[] = {
		0x7EU, 0xE3U, 0xA0U, 0xCBU, 0x6DU, 0x5CU, 0x4BU, 0xC2U,
		0x4BU, 0x7EU, 0x3CU, 0x48U, 0x88U, 0xC3U, 0x69U, 0x70U
	};
	static const uint8_t expected_v_with_additional[] = {
		0x5EU, 0xC1U, 0x84U, 0xEDU, 0x45U, 0x76U, 0x67U, 0xECU,
		0x7BU, 0x4CU, 0x08U, 0x7EU, 0xB0U, 0xF9U, 0x55U, 0x4EU
	};

	uint8_t seed[32U] = {0U}; /* value not important */
	uint8_t extra[32] = {0U};
	uint8_t out[32];
	TCCtrPrng_t ctx;
	int verdict = TC_FAIL;
	unsigned int k;

	(void)tc_ctr_prng_init(&ctx, seed, sizeof seed, 0, 0U);

	/* push the counter to the largest allowed value (2^48) */
	ctx.reseedCount = 0x1000000000000ULL;

	/* one more request is still served ... */
	if (tc_ctr_prng_generate(&ctx, 0, 0, out, sizeof out) != 1) {
		goto done;
	}

	/* ... after which the generator must demand a reseed */
	if (tc_ctr_prng_generate(&ctx, 0, 0, out, sizeof out) != -1) {
		goto done;
	}

	/*
	 * Reseed and check that generate works again. The entropy is changed
	 * from its original value, although that is not essential here.
	 */
	memset(seed, 0xFF, sizeof seed);
	if (tc_ctr_prng_reseed(&ctx, seed, sizeof seed, extra, sizeof extra) != 1) {
		goto done;
	}
	if (tc_ctr_prng_generate(&ctx, 0, 0, out, sizeof out) != 1) {
		goto done;
	}

	/* entropy only: reseed a zeroed context and inspect V */
	memset(&ctx, 0x0, sizeof ctx);
	for (k = 0U; k < sizeof seed; k++) {
		seed[k] = k;
	}
	if (tc_ctr_prng_reseed(&ctx, seed, sizeof seed, 0, 0U) != 1) {
		goto done;
	}
	for (k = 0U; k < sizeof expected_v_entropy_only; k++) {
		if (ctx.V[k] != expected_v_entropy_only[k]) {
			goto done;
		}
	}

	/* entropy and additional input together */
	memset(&ctx, 0x0, sizeof ctx);
	for (k = 0U; k < sizeof extra; k++) {
		extra[k] = k * 2U;
	}
	if (tc_ctr_prng_reseed(&ctx, seed, sizeof seed, extra, sizeof extra) != 1) {
		goto done;
	}
	for (k = 0U; k < sizeof expected_v_with_additional; k++) {
		if (ctx.V[k] != expected_v_with_additional[k]) {
			goto done;
		}
	}

	verdict = TC_PASS;

done:
	if (verdict == TC_FAIL) {
		TC_ERROR("CTR PRNG reseed tests failed\n");
	}
	return verdict;
}
407
/*
 * Check that tc_ctr_prng_uninstantiate() wipes the generator state.
 *
 * After uninstantiating an initialised context, V, every key word and the
 * reseed counter must all read as zero. Each of the three checks reports
 * its own failure, so the message can appear more than once.
 *
 * returns TC_PASS when the state is fully zeroised, TC_FAIL otherwise.
 */
static int test_uninstantiate(void)
{
	uint8_t seed[32U] = {0U}; /* value not important */
	TCCtrPrng_t ctx;
	int verdict = TC_PASS;
	unsigned int k;

	(void)tc_ctr_prng_init(&ctx, seed, sizeof seed, 0, 0U);
	tc_ctr_prng_uninstantiate(&ctx);

	/* V must hold no residue */
	k = 0U;
	while (k < sizeof ctx.V) {
		if (ctx.V[k] != 0U) {
			TC_ERROR("CTR PRNG uninstantiate tests failed\n");
			verdict = TC_FAIL;
			break;
		}
		k++;
	}

	/* neither may the key schedule */
	k = 0U;
	while (k < sizeof ctx.key.words / sizeof ctx.key.words[0]) {
		if (ctx.key.words[k] != 0U) {
			TC_ERROR("CTR PRNG uninstantiate tests failed\n");
			verdict = TC_FAIL;
			break;
		}
		k++;
	}

	/* and the reseed counter goes back to zero */
	if (ctx.reseedCount != 0U) {
		TC_ERROR("CTR PRNG uninstantiate tests failed\n");
		verdict = TC_FAIL;
	}

	return verdict;
}
442
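/*
 * Check that the CTR-PRNG API rejects invalid arguments.
 *
 * Every call below passes a null context, a null buffer, a zero length or
 * an entropy buffer one byte short, and must return 0 without crashing.
 * tc_ctr_prng_uninstantiate(0) has no return value; it only has to survive
 * the null pointer.
 *
 * returns TC_PASS when every call is rejected, TC_FAIL otherwise.
 */
static int test_robustness(void)
{
	int result = TC_PASS;
	int ret;
	uint8_t entropy[32U] = {0U}; /* value not important */
	uint8_t output[32];
	TCCtrPrng_t ctx;

	/*
	 * The calls are expected to bail out before using ctx, but give it a
	 * defined value so a regression cannot act on indeterminate state.
	 */
	memset(&ctx, 0x0, sizeof ctx);

	/* show that the CTR PRNG is robust to invalid inputs */
	tc_ctr_prng_uninstantiate(0);

	ret = tc_ctr_prng_generate(&ctx, 0, 0, 0, 0);
	if (0 != ret) {
		result = TC_FAIL;
		goto exitTest;
	}

	ret = tc_ctr_prng_generate(0, 0, 0, output, sizeof output);
	if (0 != ret) {
		result = TC_FAIL;
		goto exitTest;
	}

	ret = tc_ctr_prng_generate(0, 0, 0, 0, 0);
	if (0 != ret) {
		result = TC_FAIL;
		goto exitTest;
	}

	ret = tc_ctr_prng_reseed(&ctx, 0, 0, 0, 0);
	if (0 != ret) {
		result = TC_FAIL;
		goto exitTest;
	}

	/* too little entropy */
	ret = tc_ctr_prng_reseed(&ctx, entropy, (sizeof entropy) - 1U, 0, 0);
	if (0 != ret) {
		result = TC_FAIL;
		goto exitTest;
	}

	ret = tc_ctr_prng_reseed(0, entropy, sizeof entropy, 0, 0);
	if (0 != ret) {
		result = TC_FAIL;
		goto exitTest;
	}

	ret = tc_ctr_prng_reseed(0, 0, 0, 0, 0);
	if (0 != ret) {
		result = TC_FAIL;
		goto exitTest;
	}

	ret = tc_ctr_prng_init(&ctx, 0, 0, 0, 0);
	if (0 != ret) {
		result = TC_FAIL;
		goto exitTest;
	}

	/* too little entropy */
	ret = tc_ctr_prng_init(&ctx, entropy, (sizeof entropy) - 1U, 0, 0);
	if (0 != ret) {
		result = TC_FAIL;
		goto exitTest;
	}

	ret = tc_ctr_prng_init(0, entropy, sizeof entropy, 0, 0);
	if (0 != ret) {
		result = TC_FAIL;
		goto exitTest;
	}

	ret = tc_ctr_prng_init(0, 0, 0, 0, 0);
	if (0 != ret) {
		result = TC_FAIL;
		goto exitTest;
	}

exitTest:
	if (TC_FAIL == result) {
		/* was "reseed tests failed", copied from test_reseed */
		TC_ERROR("CTR PRNG robustness tests failed\n");
	}

	return result;
}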
531
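/*
 * Main task to test CTR PRNG.
 *
 * Runs every known-answer vector, then the reseed, uninstantiate and
 * robustness tests, stopping at the first failure. The outcome of the
 * failing step is what gets reported: previously a failure in one of the
 * three later tests jumped to the report with result still TC_PASS, so the
 * run was reported as successful.
 *
 * NOTE(review): there is no explicit return; presumably TC_END_REPORT or
 * the harness deals with the exit status - confirm in test_utils.h.
 */
int main(void)
{
	int result = TC_PASS;
	unsigned int i;

	TC_START("Performing CTR-PRNG tests:");
	for (i = 0U; i < sizeof vectors / sizeof vectors[0]; i++) {
		result = executePRNG_TestVector(vectors[i], i);
		if (TC_PASS != result) {
			goto exitTest;
		}
	}

	result = test_reseed();
	if (TC_PASS != result) {
		goto exitTest;
	}

	result = test_uninstantiate();
	if (TC_PASS != result) {
		goto exitTest;
	}

	result = test_robustness();
	if (TC_PASS != result) {
		goto exitTest;
	}

	TC_PRINT("All CTR PRNG tests succeeded!\n");

exitTest:
	TC_END_RESULT(result);
	TC_END_REPORT(result);

}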