2 * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include "internal/nelem.h"
12 #include <openssl/crypto.h>
13 #include <openssl/err.h>
14 #include <openssl/rand.h>
15 #include <openssl/obj_mac.h>
16 #include <openssl/evp.h>
17 #include <openssl/aes.h>
18 #include "../crypto/rand/rand_lcl.h"
21 #include "drbg_cavs_data.h"
23 static int app_data_index;
25 typedef struct test_ctx_st {
26 const unsigned char *entropy;
29 const unsigned char *nonce;
34 static size_t kat_entropy(RAND_DRBG *drbg, unsigned char **pout,
35 int entropy, size_t min_len, size_t max_len,
36 int prediction_resistance)
38 TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index);
41 *pout = (unsigned char *)t->entropy;
45 static size_t kat_nonce(RAND_DRBG *drbg, unsigned char **pout,
46 int entropy, size_t min_len, size_t max_len)
48 TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index);
51 *pout = (unsigned char *)t->nonce;
56 * Do a single NO_RESEED KAT:
59 * Generate Random Bits (pr=false)
60 * Generate Random Bits (pr=false)
63 * Return 0 on failure.
65 static int single_kat_no_reseed(const struct drbg_kat *td)
67 struct drbg_kat_no_reseed *data = (struct drbg_kat_no_reseed *)td->t;
68 RAND_DRBG *drbg = NULL;
69 unsigned char *buff = NULL;
70 unsigned int flags = 0;
75 flags |= RAND_DRBG_FLAG_CTR_NO_DF;
77 if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, flags, NULL)))
80 if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
85 memset(&t, 0, sizeof(t));
86 t.entropy = data->entropyin;
87 t.entropylen = td->entropyinlen;
88 t.nonce = data->nonce;
89 t.noncelen = td->noncelen;
90 RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
92 buff = OPENSSL_malloc(td->retbyteslen);
96 if (!TEST_true(RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen))
97 || !TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
98 data->addin1, td->addinlen))
99 || !TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
100 data->addin2, td->addinlen))
101 || !TEST_true(RAND_DRBG_uninstantiate(drbg))
102 || !TEST_mem_eq(data->retbytes, td->retbyteslen, buff,
110 RAND_DRBG_uninstantiate(drbg);
111 RAND_DRBG_free(drbg);
113 return failures == 0;
117 * Do a single PR_FALSE KAT:
121 * Generate Random Bits (pr=false)
122 * Generate Random Bits (pr=false)
125 * Return 0 on failure.
127 static int single_kat_pr_false(const struct drbg_kat *td)
129 struct drbg_kat_pr_false *data = (struct drbg_kat_pr_false *)td->t;
130 RAND_DRBG *drbg = NULL;
131 unsigned char *buff = NULL;
132 unsigned int flags = 0;
136 if (td->df != USE_DF)
137 flags |= RAND_DRBG_FLAG_CTR_NO_DF;
139 if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, flags, NULL)))
142 if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
147 memset(&t, 0, sizeof(t));
148 t.entropy = data->entropyin;
149 t.entropylen = td->entropyinlen;
150 t.nonce = data->nonce;
151 t.noncelen = td->noncelen;
152 RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
154 buff = OPENSSL_malloc(td->retbyteslen);
158 if (!TEST_true(RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)))
161 t.entropy = data->entropyinreseed;
162 t.entropylen = td->entropyinlen;
164 if (!TEST_true(RAND_DRBG_reseed(drbg, data->addinreseed, td->addinlen, 0))
165 || !TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
166 data->addin1, td->addinlen))
167 || !TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 0,
168 data->addin2, td->addinlen))
169 || !TEST_true(RAND_DRBG_uninstantiate(drbg))
170 || !TEST_mem_eq(data->retbytes, td->retbyteslen, buff,
178 RAND_DRBG_uninstantiate(drbg);
179 RAND_DRBG_free(drbg);
181 return failures == 0;
185 * Do a single PR_TRUE KAT:
188 * Generate Random Bits (pr=true)
189 * Generate Random Bits (pr=true)
192 * Return 0 on failure.
194 static int single_kat_pr_true(const struct drbg_kat *td)
196 struct drbg_kat_pr_true *data = (struct drbg_kat_pr_true *)td->t;
197 RAND_DRBG *drbg = NULL;
198 unsigned char *buff = NULL;
199 unsigned int flags = 0;
203 if (td->df != USE_DF)
204 flags |= RAND_DRBG_FLAG_CTR_NO_DF;
206 if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, flags, NULL)))
209 if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL,
214 memset(&t, 0, sizeof(t));
215 t.nonce = data->nonce;
216 t.noncelen = td->noncelen;
217 t.entropy = data->entropyin;
218 t.entropylen = td->entropyinlen;
219 RAND_DRBG_set_ex_data(drbg, app_data_index, &t);
221 buff = OPENSSL_malloc(td->retbyteslen);
225 if (!TEST_true(RAND_DRBG_instantiate(drbg, data->persstr, td->persstrlen)))
228 t.entropy = data->entropyinpr1;
229 t.entropylen = td->entropyinlen;
231 if (!TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1,
232 data->addin1, td->addinlen)))
235 t.entropy = data->entropyinpr2;
236 t.entropylen = td->entropyinlen;
238 if (!TEST_true(RAND_DRBG_generate(drbg, buff, td->retbyteslen, 1,
239 data->addin2, td->addinlen))
240 || !TEST_true(RAND_DRBG_uninstantiate(drbg))
241 || !TEST_mem_eq(data->retbytes, td->retbyteslen, buff,
249 RAND_DRBG_uninstantiate(drbg);
250 RAND_DRBG_free(drbg);
252 return failures == 0;
255 static int test_cavs_kats(int i)
257 const struct drbg_kat *td = drbg_test[i];
262 if (!single_kat_no_reseed(td))
266 if (!single_kat_pr_false(td))
270 if (!single_kat_pr_true(td))
273 default: /* cant happen */
281 int setup_tests(void)
283 app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL);
285 ADD_ALL_TESTS(test_cavs_kats, drbg_test_nelem);