diff options
| author | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2017-11-24 15:24:51 +0100 |
|---|---|---|
| committer | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2017-12-17 23:12:10 +0100 |
| commit | 08a65d9686b131cb4193feaaf1d5cef941fa349c (patch) | |
| tree | 6467db5ba5045774298f462969fb139489953793 /test | |
| parent | a93ba405b0327db9106f8f224112a2b64fb264e7 (diff) | |
Implement automatic reseeding of DRBG after a specified time interval
Every DRBG now supports automatic reseeding not only after a given
number of generate requests, but also after a specified time interval.
Signed-off-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/4402)
Diffstat (limited to 'test')
| -rw-r--r-- | test/drbgtest.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/test/drbgtest.c b/test/drbgtest.c index b1fc751cd9..68c169793c 100644 --- a/test/drbgtest.c +++ b/test/drbgtest.c @@ -573,6 +573,7 @@ static int test_drbg_reseed(int expect_success, ) { unsigned char buf[32]; + time_t before_reseed, after_reseed; int expected_state = (expect_success ? DRBG_READY : DRBG_ERROR); /* @@ -595,9 +596,11 @@ static int test_drbg_reseed(int expect_success, */ /* Generate random output from the public and private DRBG */ + before_reseed = expect_master_reseed == 1 ? time(NULL) : 0; if (!TEST_int_eq(RAND_bytes(buf, sizeof(buf)), expect_success) || !TEST_int_eq(RAND_priv_bytes(buf, sizeof(buf)), expect_success)) return 0; + after_reseed = time(NULL); /* @@ -633,6 +636,16 @@ static int test_drbg_reseed(int expect_success, if (!TEST_int_eq(public->reseed_counter, master->reseed_counter) || !TEST_int_eq(private->reseed_counter, master->reseed_counter)) return 0; + + /* Test whether reseed time of master DRBG is set correctly */ + if (!TEST_time_t_le(before_reseed, master->reseed_time) + || !TEST_time_t_le(master->reseed_time, after_reseed)) + return 0; + + /* Test whether reseed times of child DRBGs are synchronized with master */ + if (!TEST_time_t_ge(public->reseed_time, master->reseed_time) + || !TEST_time_t_ge(private->reseed_time, master->reseed_time)) + return 0; } else { ERR_clear_error(); } |