From 08a65d9686b131cb4193feaaf1d5cef941fa349c Mon Sep 17 00:00:00 2001 From: "Dr. Matthias St. Pierre" Date: Fri, 24 Nov 2017 15:24:51 +0100 Subject: Implement automatic reseeding of DRBG after a specified time interval Every DRBG now supports automatic reseeding not only after a given number of generate requests, but also after a specified time interval. Signed-off-by: Dr. Matthias St. Pierre Reviewed-by: Paul Dale Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/4402) --- test/drbgtest.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'test') diff --git a/test/drbgtest.c b/test/drbgtest.c index b1fc751cd9..68c169793c 100644 --- a/test/drbgtest.c +++ b/test/drbgtest.c @@ -573,6 +573,7 @@ static int test_drbg_reseed(int expect_success, ) { unsigned char buf[32]; + time_t before_reseed, after_reseed; int expected_state = (expect_success ? DRBG_READY : DRBG_ERROR); /* @@ -595,9 +596,11 @@ static int test_drbg_reseed(int expect_success, */ /* Generate random output from the public and private DRBG */ + before_reseed = expect_master_reseed == 1 ? time(NULL) : 0; if (!TEST_int_eq(RAND_bytes(buf, sizeof(buf)), expect_success) || !TEST_int_eq(RAND_priv_bytes(buf, sizeof(buf)), expect_success)) return 0; + after_reseed = time(NULL); /* @@ -633,6 +636,16 @@ static int test_drbg_reseed(int expect_success, if (!TEST_int_eq(public->reseed_counter, master->reseed_counter) || !TEST_int_eq(private->reseed_counter, master->reseed_counter)) return 0; + + /* Test whether reseed time of master DRBG is set correctly */ + if (!TEST_time_t_le(before_reseed, master->reseed_time) + || !TEST_time_t_le(master->reseed_time, after_reseed)) + return 0; + + /* Test whether reseed times of child DRBGs are synchronized with master */ + if (!TEST_time_t_ge(public->reseed_time, master->reseed_time) + || !TEST_time_t_ge(private->reseed_time, master->reseed_time)) + return 0; } else { ERR_clear_error(); } -- cgit v1.2.3