summaryrefslogtreecommitdiffstats
path: root/test/drbgtest.c
diff options
context:
space:
mode:
Diffstat (limited to 'test/drbgtest.c')
-rw-r--r--test/drbgtest.c164
1 files changed, 141 insertions, 23 deletions
diff --git a/test/drbgtest.c b/test/drbgtest.c
index c1887d659d..4e0c76fc49 100644
--- a/test/drbgtest.c
+++ b/test/drbgtest.c
@@ -99,6 +99,10 @@ typedef struct drbg_selftest_data_st {
#define make_drbg_test_data_no_df(nid, pr, p) \
make_drbg_test_data(nid, RAND_DRBG_FLAG_CTR_NO_DF, pr, p)
+#define make_drbg_test_data_hash(nid, pr, p) \
+ make_drbg_test_data(nid, RAND_DRBG_FLAG_HMAC, hmac_##pr, p), \
+ make_drbg_test_data(nid, 0, pr, p)
+
static DRBG_SELFTEST_DATA drbg_test[] = {
make_drbg_test_data_no_df (NID_aes_128_ctr, aes_128_no_df, 0),
make_drbg_test_data_no_df (NID_aes_192_ctr, aes_192_no_df, 0),
@@ -106,6 +110,11 @@ static DRBG_SELFTEST_DATA drbg_test[] = {
make_drbg_test_data_use_df(NID_aes_128_ctr, aes_128_use_df, 0),
make_drbg_test_data_use_df(NID_aes_192_ctr, aes_192_use_df, 0),
make_drbg_test_data_use_df(NID_aes_256_ctr, aes_256_use_df, 1),
+ make_drbg_test_data_hash(NID_sha1, sha1, 0),
+ make_drbg_test_data_hash(NID_sha224, sha224, 0),
+ make_drbg_test_data_hash(NID_sha256, sha256, 1),
+ make_drbg_test_data_hash(NID_sha384, sha384, 0),
+ make_drbg_test_data_hash(NID_sha512, sha512, 0),
};
static int app_data_index;
@@ -283,10 +292,10 @@ static int error_check(DRBG_SELFTEST_DATA *td)
RAND_DRBG *drbg = NULL;
TEST_CTX t;
unsigned char buff[1024];
- unsigned int generate_counter_tmp;
+ unsigned int reseed_counter_tmp;
int ret = 0;
- if (!TEST_ptr(drbg = RAND_DRBG_new(0, 0, NULL)))
+ if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, td->flags, NULL)))
goto err;
/*
@@ -302,7 +311,7 @@ static int error_check(DRBG_SELFTEST_DATA *td)
* Entropy source tests
*/
- /* Test entropy source failure detecion: i.e. returns no data */
+ /* Test entropy source failure detection: i.e. returns no data */
t.entropylen = 0;
if (TEST_int_le(RAND_DRBG_instantiate(drbg, td->pers, td->perslen), 0))
goto err;
@@ -378,15 +387,15 @@ static int error_check(DRBG_SELFTEST_DATA *td)
/* Instantiate again with valid data */
if (!instantiate(drbg, td, &t))
goto err;
- generate_counter_tmp = drbg->generate_counter;
- drbg->generate_counter = drbg->reseed_interval;
+ reseed_counter_tmp = drbg->reseed_gen_counter;
+ drbg->reseed_gen_counter = drbg->reseed_interval;
/* Generate output and check entropy has been requested for reseed */
t.entropycnt = 0;
if (!TEST_true(RAND_DRBG_generate(drbg, buff, td->exlen, 0,
td->adin, td->adinlen))
|| !TEST_int_eq(t.entropycnt, 1)
- || !TEST_int_eq(drbg->generate_counter, generate_counter_tmp + 1)
+ || !TEST_int_eq(drbg->reseed_gen_counter, reseed_counter_tmp + 1)
|| !uninstantiate(drbg))
goto err;
@@ -403,15 +412,15 @@ static int error_check(DRBG_SELFTEST_DATA *td)
/* Test reseed counter works */
if (!instantiate(drbg, td, &t))
goto err;
- generate_counter_tmp = drbg->generate_counter;
- drbg->generate_counter = drbg->reseed_interval;
+ reseed_counter_tmp = drbg->reseed_gen_counter;
+ drbg->reseed_gen_counter = drbg->reseed_interval;
/* Generate output and check entropy has been requested for reseed */
t.entropycnt = 0;
if (!TEST_true(RAND_DRBG_generate(drbg, buff, td->exlen, 0,
td->adin, td->adinlen))
|| !TEST_int_eq(t.entropycnt, 1)
- || !TEST_int_eq(drbg->generate_counter, generate_counter_tmp + 1)
+ || !TEST_int_eq(drbg->reseed_gen_counter, reseed_counter_tmp + 1)
|| !uninstantiate(drbg))
goto err;
@@ -591,14 +600,14 @@ static int test_drbg_reseed(int expect_success,
*/
/* Test whether seed propagation is enabled */
- if (!TEST_int_ne(master->reseed_counter, 0)
- || !TEST_int_ne(public->reseed_counter, 0)
- || !TEST_int_ne(private->reseed_counter, 0))
+ if (!TEST_int_ne(master->reseed_prop_counter, 0)
+ || !TEST_int_ne(public->reseed_prop_counter, 0)
+ || !TEST_int_ne(private->reseed_prop_counter, 0))
return 0;
/* Check whether the master DRBG's reseed counter is the largest one */
- if (!TEST_int_le(public->reseed_counter, master->reseed_counter)
- || !TEST_int_le(private->reseed_counter, master->reseed_counter))
+ if (!TEST_int_le(public->reseed_prop_counter, master->reseed_prop_counter)
+ || !TEST_int_le(private->reseed_prop_counter, master->reseed_prop_counter))
return 0;
/*
@@ -643,8 +652,8 @@ static int test_drbg_reseed(int expect_success,
if (expect_success == 1) {
/* Test whether all three reseed counters are synchronized */
- if (!TEST_int_eq(public->reseed_counter, master->reseed_counter)
- || !TEST_int_eq(private->reseed_counter, master->reseed_counter))
+ if (!TEST_int_eq(public->reseed_prop_counter, master->reseed_prop_counter)
+ || !TEST_int_eq(private->reseed_prop_counter, master->reseed_prop_counter))
return 0;
/* Test whether reseed time of master DRBG is set correctly */
@@ -723,7 +732,7 @@ static int test_rand_reseed(void)
* Test whether the public and private DRBG are both reseeded when their
* reseed counters differ from the master's reseed counter.
*/
- master->reseed_counter++;
+ master->reseed_prop_counter++;
if (!TEST_true(test_drbg_reseed(1, master, public, private, 0, 1, 1)))
goto error;
reset_drbg_hook_ctx();
@@ -732,8 +741,8 @@ static int test_rand_reseed(void)
* Test whether the public DRBG is reseeded when its reseed counter differs
* from the master's reseed counter.
*/
- master->reseed_counter++;
- private->reseed_counter++;
+ master->reseed_prop_counter++;
+ private->reseed_prop_counter++;
if (!TEST_true(test_drbg_reseed(1, master, public, private, 0, 1, 0)))
goto error;
reset_drbg_hook_ctx();
@@ -742,8 +751,8 @@ static int test_rand_reseed(void)
* Test whether the private DRBG is reseeded when its reseed counter differs
* from the master's reseed counter.
*/
- master->reseed_counter++;
- public->reseed_counter++;
+ master->reseed_prop_counter++;
+ public->reseed_prop_counter++;
if (!TEST_true(test_drbg_reseed(1, master, public, private, 0, 0, 1)))
goto error;
reset_drbg_hook_ctx();
@@ -765,7 +774,7 @@ static int test_rand_reseed(void)
* Test whether none of the DRBGs is reseed if the master fails to reseed
*/
master_ctx.fail = 1;
- master->reseed_counter++;
+ master->reseed_prop_counter++;
RAND_add(rand_add_buf, sizeof(rand_add_buf), sizeof(rand_add_buf));
if (!TEST_true(test_drbg_reseed(0, master, public, private, 0, 0, 0)))
goto error;
@@ -921,7 +930,7 @@ static int test_rand_add(void)
master->get_entropy = get_pool_entropy;
master->cleanup_entropy = cleanup_pool_entropy;
- master->reseed_counter++;
+ master->reseed_prop_counter++;
RAND_DRBG_uninstantiate(master);
memset(rand_add_buf, 0xCD, sizeof(rand_add_buf));
RAND_add(rand_add_buf, sizeof(rand_add_buf), sizeof(rand_add_buf));
@@ -936,6 +945,113 @@ error:
return rv;
}
+static int test_multi_set(void)
+{
+ int rv = 0;
+ RAND_DRBG *drbg = NULL;
+
+ /* init drbg with default CTR initializer */
+ if (!TEST_ptr(drbg = RAND_DRBG_new(0, 0, NULL)))
+ goto err;
+ /* change it to use hmac */
+ if (!TEST_true(RAND_DRBG_set(drbg, NID_sha1, RAND_DRBG_FLAG_HMAC)))
+ goto err;
+ /* use same type */
+ if (!TEST_true(RAND_DRBG_set(drbg, NID_sha1, RAND_DRBG_FLAG_HMAC)))
+ goto err;
+ /* change it to use hash */
+ if (!TEST_true(RAND_DRBG_set(drbg, NID_sha256, 0)))
+ goto err;
+ /* use same type */
+ if (!TEST_true(RAND_DRBG_set(drbg, NID_sha256, 0)))
+ goto err;
+ /* change it to use ctr */
+ if (!TEST_true(RAND_DRBG_set(drbg, NID_aes_192_ctr, 0)))
+ goto err;
+ /* use same type */
+ if (!TEST_true(RAND_DRBG_set(drbg, NID_aes_192_ctr, 0)))
+ goto err;
+ if (!TEST_int_gt(RAND_DRBG_instantiate(drbg, NULL, 0), 0))
+ goto err;
+
+ rv = 1;
+err:
+ uninstantiate(drbg);
+ RAND_DRBG_free(drbg);
+ return rv;
+}
+
+static int test_set_defaults(void)
+{
+ RAND_DRBG *master, *public, *private;
+
+ master = RAND_DRBG_get0_master();
+ public = RAND_DRBG_get0_public();
+ private = RAND_DRBG_get0_private();
+
+ /* Check the default type and flags for master, public and private */
+ return TEST_int_eq(master->type, RAND_DRBG_TYPE)
+ && TEST_int_eq(master->flags,
+ RAND_DRBG_FLAGS | RAND_DRBG_FLAG_MASTER)
+ && TEST_int_eq(public->type, RAND_DRBG_TYPE)
+ && TEST_int_eq(public->flags,
+ RAND_DRBG_FLAGS | RAND_DRBG_FLAG_PUBLIC)
+ && TEST_int_eq(private->type, RAND_DRBG_TYPE)
+ && TEST_int_eq(private->flags,
+ RAND_DRBG_FLAGS | RAND_DRBG_FLAG_PRIVATE)
+
+ /* change master DRBG and check again */
+ && TEST_true(RAND_DRBG_set_defaults(NID_sha256,
+ RAND_DRBG_FLAG_MASTER))
+ && TEST_true(RAND_DRBG_uninstantiate(master))
+ && TEST_int_eq(master->type, NID_sha256)
+ && TEST_int_eq(master->flags, RAND_DRBG_FLAG_MASTER)
+ && TEST_int_eq(public->type, RAND_DRBG_TYPE)
+ && TEST_int_eq(public->flags,
+ RAND_DRBG_FLAGS | RAND_DRBG_FLAG_PUBLIC)
+ && TEST_int_eq(private->type, RAND_DRBG_TYPE)
+ && TEST_int_eq(private->flags,
+ RAND_DRBG_FLAGS | RAND_DRBG_FLAG_PRIVATE)
+ /* change private DRBG and check again */
+ && TEST_true(RAND_DRBG_set_defaults(NID_sha256,
+ RAND_DRBG_FLAG_PRIVATE|RAND_DRBG_FLAG_HMAC))
+ && TEST_true(RAND_DRBG_uninstantiate(private))
+ && TEST_int_eq(master->type, NID_sha256)
+ && TEST_int_eq(master->flags, RAND_DRBG_FLAG_MASTER)
+ && TEST_int_eq(public->type, RAND_DRBG_TYPE)
+ && TEST_int_eq(public->flags,
+ RAND_DRBG_FLAGS | RAND_DRBG_FLAG_PUBLIC)
+ && TEST_int_eq(private->type, NID_sha256)
+ && TEST_int_eq(private->flags,
+ RAND_DRBG_FLAG_PRIVATE | RAND_DRBG_FLAG_HMAC)
+ /* change public DRBG and check again */
+ && TEST_true(RAND_DRBG_set_defaults(NID_sha1,
+ RAND_DRBG_FLAG_PUBLIC
+ | RAND_DRBG_FLAG_HMAC))
+ && TEST_true(RAND_DRBG_uninstantiate(public))
+ && TEST_int_eq(master->type, NID_sha256)
+ && TEST_int_eq(master->flags, RAND_DRBG_FLAG_MASTER)
+ && TEST_int_eq(public->type, NID_sha1)
+ && TEST_int_eq(public->flags,
+ RAND_DRBG_FLAG_PUBLIC | RAND_DRBG_FLAG_HMAC)
+ && TEST_int_eq(private->type, NID_sha256)
+ && TEST_int_eq(private->flags,
+ RAND_DRBG_FLAG_PRIVATE | RAND_DRBG_FLAG_HMAC)
+ /* Change DRBG defaults and change public and check again */
+ && TEST_true(RAND_DRBG_set_defaults(NID_sha256, 0))
+ && TEST_true(RAND_DRBG_uninstantiate(public))
+ && TEST_int_eq(public->type, NID_sha256)
+ && TEST_int_eq(public->flags, RAND_DRBG_FLAG_PUBLIC)
+
+ /* Change DRBG defaults and change master and check again */
+ && TEST_true(RAND_DRBG_set_defaults(NID_aes_256_ctr,
+ RAND_DRBG_FLAG_CTR_NO_DF))
+ && TEST_true(RAND_DRBG_uninstantiate(master))
+ && TEST_int_eq(master->type, NID_aes_256_ctr)
+ && TEST_int_eq(master->flags,
+ RAND_DRBG_FLAG_MASTER|RAND_DRBG_FLAG_CTR_NO_DF);
+}
+
int setup_tests(void)
{
app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL);
@@ -944,6 +1060,8 @@ int setup_tests(void)
ADD_ALL_TESTS(test_error_checks, OSSL_NELEM(drbg_test));
ADD_TEST(test_rand_reseed);
ADD_TEST(test_rand_add);
+ ADD_TEST(test_multi_set);
+ ADD_TEST(test_set_defaults);
#if defined(OPENSSL_THREADS)
ADD_TEST(test_multi_thread);
#endif
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-12 08:15:34 +0000