author | Kurt Roeckx <kurt@roeckx.be> | 2018-03-03 23:19:03 +0100 |
---|---|---|
committer | Kurt Roeckx <kurt@roeckx.be> | 2018-04-01 21:11:26 +0200 |
commit | 2a70d65b99e1f2376be705d18bca88703b7e774a (patch) | |
tree | 644756e297bba6b57f675749e9fc972c968212c7 /test | |
parent | 2f6f913e9e02441245c974d7c5abe57f37c0420e (diff) | |
Make sure we use a nonce when a nonce is required
If a nonce is required and the get_nonce callback is NULL, request 50%
more entropy following NIST SP800-90Ar1 section 9.1.
Reviewed-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
GH: #5503
Diffstat (limited to 'test')
-rw-r--r-- | test/drbgtest.c | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/test/drbgtest.c b/test/drbgtest.c
index bef504ebd1..5426046854 100644
--- a/test/drbgtest.c
+++ b/test/drbgtest.c
@@ -16,6 +16,7 @@
 #include <openssl/evp.h>
 #include <openssl/aes.h>
 #include "../crypto/rand/rand_lcl.h"
+#include "../crypto/include/internal/rand_int.h"
 #if defined(_WIN32)
 # include <windows.h>
@@ -864,6 +865,67 @@ static int test_multi_thread(void)
 }
 #endif
+/*
+ * This function only returns the entropy already added with RAND_add(),
+ * and does not get entropy from the OS.
+ *
+ * Returns 0 on failure and the size of the buffer on success.
+ */
+static size_t get_pool_entropy(RAND_DRBG *drbg,
+ unsigned char **pout,
+ int entropy, size_t min_len, size_t max_len,
+ int prediction_resistance)
+{
+ if (drbg->pool == NULL)
+ return 0;
+
+ if (drbg->pool->entropy < (size_t)entropy || drbg->pool->len < min_len
+ || drbg->pool->len > max_len)
+ return 0;
+
+ *pout = drbg->pool->buffer;
+ return drbg->pool->len;
+}
+
+/*
+ * Clean up the entropy that get_pool_entropy() returned.
+ */
+static void cleanup_pool_entropy(RAND_DRBG *drbg, unsigned char *out, size_t outlen)
+{
+ OPENSSL_secure_clear_free(drbg->pool->buffer, drbg->pool->max_len);
+ OPENSSL_free(drbg->pool);
+ drbg->pool = NULL;
+}
+
+/*
+ * Test that instantiating works when OS entropy is not available and that
+ * RAND_add() is enough to reseed it.
+ */
+static int test_rand_add(void)
+{
+ RAND_DRBG *master = RAND_DRBG_get0_master();
+ RAND_DRBG_get_entropy_fn old_get_entropy = master->get_entropy;
+ RAND_DRBG_cleanup_entropy_fn old_cleanup_entropy = master->cleanup_entropy;
+ int rv = 0;
+ unsigned char rand_add_buf[256];
+
+ master->get_entropy = get_pool_entropy;
+ master->cleanup_entropy = cleanup_pool_entropy;
+ master->reseed_counter++;
+ RAND_DRBG_uninstantiate(master);
+ memset(rand_add_buf, 0xCD, sizeof(rand_add_buf));
+ RAND_add(rand_add_buf, sizeof(rand_add_buf), sizeof(rand_add_buf));
+ if (!TEST_true(RAND_DRBG_instantiate(master, NULL, 0)))
+ goto error;
+
+ rv = 1;
+
+error:
+ master->get_entropy = old_get_entropy;
+ master->cleanup_entropy = old_cleanup_entropy;
+ return rv;
+}
+
 int setup_tests(void)
 {
 app_data_index = RAND_DRBG_get_ex_new_index(0L, NULL, NULL, NULL, NULL);
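Review bot: test_rand_add() restores the two callbacks at `error:` but leaves the shared master DRBG in the state the test put it in: on success it is seeded only from the constant 0xCD buffer that `RAND_add()` was told carries 256 bytes of entropy, and on failure it stays uninstantiated. Tests registered after it (the next hunk places it before `test_multi_thread`) then run against that master, so any output they draw is presumably predictable. After restoring the callbacks I would discard the test seed with `RAND_DRBG_uninstantiate(master);` and re-seed from the default source with `RAND_DRBG_instantiate(master, NULL, 0)`, and put a comment on the `memset` such as `/* fixed pattern credited as full entropy: test only */` so the pattern is not copied into real code. Separately, `cleanup_pool_entropy()` dereferences `drbg->pool` without the NULL check that `get_pool_entropy()` has; that is safe only if the caller invokes cleanup solely after a successful get, which this hunk does not show.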
@@ -871,6 +933,7 @@ int setup_tests(void)
 ADD_ALL_TESTS(test_kats, OSSL_NELEM(drbg_test));
 ADD_ALL_TESTS(test_error_checks, OSSL_NELEM(drbg_test));
 ADD_TEST(test_rand_reseed);
+ ADD_TEST(test_rand_add);
 #if defined(OPENSSL_THREADS)
 ADD_TEST(test_multi_thread);
 #endif |