From 36178ffb8704011db70bd6df232b1e8513bda785 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 29 May 2014 14:26:03 +0200 Subject: [PATCH 1/6] Add tests for asn1_write_octet_string() --- tests/CMakeLists.txt | 1 + tests/Makefile | 6 ++- tests/suites/test_suite_asn1write.data | 32 +++++++++++++++ tests/suites/test_suite_asn1write.function | 48 ++++++++++++++++++++++ 4 files changed, 86 insertions(+), 1 deletion(-) create mode 100644 tests/suites/test_suite_asn1write.data create mode 100644 tests/suites/test_suite_asn1write.function diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index d75752ceb..bc40eb173 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -40,6 +40,7 @@ add_test_suite(aes aes.cbc) add_test_suite(aes aes.cfb) add_test_suite(aes aes.rest) add_test_suite(arc4) +add_test_suite(asn1write) add_test_suite(base64) add_test_suite(blowfish) add_test_suite(camellia) diff --git a/tests/Makefile b/tests/Makefile index 61e38c413..dd9f205b4 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -32,7 +32,7 @@ endif APPS = test_suite_aes.ecb test_suite_aes.cbc \ test_suite_aes.cfb test_suite_aes.rest \ - test_suite_arc4 \ + test_suite_arc4 test_suite_asn1write \ test_suite_base64 test_suite_blowfish \ test_suite_camellia test_suite_ccm \ test_suite_cipher.aes \ @@ -192,6 +192,10 @@ test_suite_arc4: test_suite_arc4.c $(DEP) echo " CC $@.c" $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_asn1write: test_suite_asn1write.c $(DEP) + echo " CC $@.c" + $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ + test_suite_base64: test_suite_base64.c $(DEP) echo " CC $@.c" $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ diff --git a/tests/suites/test_suite_asn1write.data b/tests/suites/test_suite_asn1write.data new file mode 100644 index 000000000..c9b20d733 --- /dev/null +++ b/tests/suites/test_suite_asn1write.data @@ -0,0 +1,32 @@ +ASN.1 Write Octet String #0 (Empty string) +asn1_write_octet_string:"":"0400":2:2 + +ASN.1 Write Octet String #1 (Large buffer) +asn1_write_octet_string:"AABBCC":"0403AABBCC":10:5 + +ASN.1 Write Octet String #2 (Buffer just fits) +asn1_write_octet_string:"AABBCC":"0403AABBCC":5:5 + +ASN.1 Write Octet String #3 (Buffer too small for tag) +asn1_write_octet_string:"AABBCC":"0403AABBCC":4:POLARSSL_ERR_ASN1_BUF_TOO_SMALL + +ASN.1 Write Octet String #4 (Buffer too small for len) +asn1_write_octet_string:"AABBCC":"0403AABBCC":3:POLARSSL_ERR_ASN1_BUF_TOO_SMALL + +ASN.1 Write Octet String #5 (Buffer too small for string) +asn1_write_octet_string:"AABBCC":"0403AABBCC":2:POLARSSL_ERR_ASN1_BUF_TOO_SMALL + +ASN.1 Write Octet String #6 (l = 128, large buffer) +asn1_write_octet_string:"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"048180000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":140:131 + +ASN.1 Write Octet String #7 (l = 128, buffer just fits) +asn1_write_octet_string:"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"048180000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":131:131 + +ASN.1 Write Octet String #8 (l = 128, buffer too small for tag) +asn1_write_octet_string:"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"":130:POLARSSL_ERR_ASN1_BUF_TOO_SMALL + +ASN.1 Write Octet String #9 (l = 128, buffer too small for len) +asn1_write_octet_string:"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"":129:POLARSSL_ERR_ASN1_BUF_TOO_SMALL + +ASN.1 Write Octet String #9 (l = 128, buffer too small for string) +asn1_write_octet_string:"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"":127:POLARSSL_ERR_ASN1_BUF_TOO_SMALL diff --git a/tests/suites/test_suite_asn1write.function b/tests/suites/test_suite_asn1write.function new file mode 100644 index 000000000..53cb739a4 --- /dev/null +++ b/tests/suites/test_suite_asn1write.function @@ -0,0 +1,48 @@ +/* BEGIN_HEADER */ +#include + +#define GUARD_LEN 4 +#define GUARD_VAL 0x2a +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:POLARSSL_ASN1_WRITE_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void asn1_write_octet_string( char *hex_str, char *hex_asn1, + int buf_len, int result ) +{ + int ret; + unsigned char buf[150]; + unsigned char str[150] = { 0 }; + unsigned char asn1[150] = { 0 }; + size_t str_len, asn1_len, i; + unsigned char *p; + + memset( buf, GUARD_VAL, sizeof( buf ) ); + + str_len = unhexify( str, hex_str ); + asn1_len = unhexify( asn1, hex_asn1 ); + + p = buf + GUARD_LEN + buf_len; + + ret = asn1_write_octet_string( &p, buf + GUARD_LEN, str, str_len ); + + /* Check for buffer overwrite on both sides */ + for( i = 0; i < GUARD_LEN; i++ ) + { + TEST_ASSERT( buf[i] == GUARD_VAL ); + TEST_ASSERT( buf[GUARD_LEN + buf_len + i] == GUARD_VAL ); + } + + if( result >= 0 ) + { + TEST_ASSERT( (size_t) ret == asn1_len ); + TEST_ASSERT( p + asn1_len == buf + GUARD_LEN + buf_len ); + + TEST_ASSERT( memcmp( p, asn1, asn1_len ) == 0 ); + } +} +/* END_CASE */ From c22bb4994c3a16e10dc9e9cdf63ef6651427a3ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 29 May 2014 17:16:45 +0200 Subject: [PATCH 2/6] Add tests for asn1_write_ia5_string() --- tests/suites/test_suite_asn1write.data | 18 +++++++++++ tests/suites/test_suite_asn1write.function | 36 ++++++++++++++++++++++ 2 files changed, 54 insertions(+) diff --git a/tests/suites/test_suite_asn1write.data b/tests/suites/test_suite_asn1write.data index c9b20d733..17f2067c6 100644 --- a/tests/suites/test_suite_asn1write.data +++ b/tests/suites/test_suite_asn1write.data @@ -30,3 +30,21 @@ asn1_write_octet_string:"000102030405060708090A0B0C0D0E0F000102030405060708090A0 ASN.1 Write Octet String #9 (l = 128, buffer too small for string) asn1_write_octet_string:"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"":127:POLARSSL_ERR_ASN1_BUF_TOO_SMALL + +ASN.1 Write IA5 String #0 (Empty string) +asn1_write_ia5_string:"":"1600":2:2 + +ASN.1 Write IA5 String #1 (Large buffer) +asn1_write_ia5_string:"ABC":"1603414243":10:5 + +ASN.1 Write IA5 String #2 (Buffer just fits) +asn1_write_ia5_string:"ABC":"1603414243":5:5 + +ASN.1 Write IA5 String #3 (Buffer too small for tag) +asn1_write_ia5_string:"ABC":"":4:POLARSSL_ERR_ASN1_BUF_TOO_SMALL + +ASN.1 Write IA5 String #4 (Buffer too small for len) +asn1_write_ia5_string:"ABC":"":3:POLARSSL_ERR_ASN1_BUF_TOO_SMALL + +ASN.1 Write IA5 String #5 (Buffer too small for string) +asn1_write_ia5_string:"ABC":"":2:POLARSSL_ERR_ASN1_BUF_TOO_SMALL diff --git a/tests/suites/test_suite_asn1write.function b/tests/suites/test_suite_asn1write.function index 53cb739a4..72e9b4bfb 100644 --- a/tests/suites/test_suite_asn1write.function +++ b/tests/suites/test_suite_asn1write.function @@ -46,3 +46,39 @@ void asn1_write_octet_string( char *hex_str, char *hex_asn1, } } /* END_CASE */ + +/* BEGIN_CASE */ +void asn1_write_ia5_string( char *str, char *hex_asn1, + int buf_len, int result ) +{ + int ret; + unsigned char buf[150]; + unsigned char asn1[150] = { 0 }; + size_t str_len, asn1_len, i; + unsigned char *p; + + memset( buf, GUARD_VAL, sizeof( buf ) ); + + str_len = strlen( str ); + asn1_len = unhexify( asn1, hex_asn1 ); + + p = buf + GUARD_LEN + buf_len; + + ret = asn1_write_ia5_string( &p, buf + GUARD_LEN, str, str_len ); + + /* Check for buffer overwrite on both sides */ + for( i = 0; i < GUARD_LEN; i++ ) + { + TEST_ASSERT( buf[i] == GUARD_VAL ); + TEST_ASSERT( buf[GUARD_LEN + buf_len + i] == GUARD_VAL ); + } + + if( result >= 0 ) + { + TEST_ASSERT( (size_t) ret == asn1_len ); + TEST_ASSERT( p + asn1_len == buf + GUARD_LEN + buf_len ); + + TEST_ASSERT( memcmp( p, asn1, asn1_len ) == 0 ); + } +} +/* END_CASE */ From 7b4919c3999f2cdd808911043346ba2aaa28c2c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 29 May 2014 18:26:53 +0200 Subject: [PATCH 3/6] Add test vectors for XTEA CBC Generate using an independent implementation found at: https://code.google.com/p/zzt-code-base/source/browse/trunk/src/python/xtea.py --- tests/suites/test_suite_xtea.data | 37 ++++++++++++++++ tests/suites/test_suite_xtea.function | 62 +++++++++++++++++++++++++++ 2 files changed, 99 insertions(+) diff --git a/tests/suites/test_suite_xtea.data b/tests/suites/test_suite_xtea.data index 37d065cd0..109e6b65d 100644 --- a/tests/suites/test_suite_xtea.data +++ b/tests/suites/test_suite_xtea.data @@ -34,6 +34,43 @@ xtea_decrypt_ecb:"00000000000000000000000000000000":"ed23375a821a8c2d":"41414141 XTEA Decrypt_ecb #6 xtea_decrypt_ecb:"00000000000000000000000000000000":"4141414141414141":"70e1225d6e4e7655" +XTEA Encrypt CBC #1 +xtea_encrypt_cbc:"000102030405060708090a0b0c0d0e0f":"6162636465666768":"4142434445464748":"6b982bec15a7b558" + +XTEA Encrypt CBC #2 +xtea_encrypt_cbc:"000102030405060708090a0b0c0d0e0f":"4142434445464748":"41414141414141414141414141414141":"2c6aeb799561c8e973b0927f072e3801" + +XTEA Encrypt CBC #3 +xtea_encrypt_cbc:"000102030405060708090a0b0c0d0e0f":"0000000000000000":"5a5b6e278948d77f70e1225d6e4e7655e78f2d13744341d8":"41414141414141415fee100fe2c030025d8a557f2677cb33" + +XTEA Encrypt CBC #4 +xtea_encrypt_cbc:"00000000000000000000000000000000":"6162636465666768":"4142434445464748":"5b0c065a3803900d" + +XTEA Encrypt CBC #5 +xtea_encrypt_cbc:"00000000000000000000000000000000":"4142434445464748":"41414141414141414141414141414141":"bdae508aa320aa5caa7cd79dbc9c38aa" + +XTEA Encrypt CBC #6 +xtea_encrypt_cbc:"00000000000000000000000000000000":"0000000000000000":"5a5b6e278948d77f70e1225d6e4e7655e78f2d13744341d8":"61f5082a2c996f632da3ea16ff8e06558b69f069d8637b31" + +XTEA Decrypt CBC #1 +xtea_decrypt_cbc:"000102030405060708090a0b0c0d0e0f":"6162636465666768":"4142434445464748":"359def46515c71b2" + +XTEA Decrypt CBC #2 +xtea_decrypt_cbc:"000102030405060708090a0b0c0d0e0f":"4142434445464748":"41414141414141414141414141414141":"1b192d63cc0e90371b1a2f66c809963e" + +XTEA Decrypt CBC #3 +xtea_decrypt_cbc:"000102030405060708090a0b0c0d0e0f":"0000000000000000":"5a5b6e278948d77f70e1225d6e4e7655e78f2d13744341d8":"2e76e5cc03543cdc40ca03358a5764c331a0631c2f0f3714" + +XTEA Decrypt CBC #4 +xtea_decrypt_cbc:"00000000000000000000000000000000":"6162636465666768":"4142434445464748":"81476a15138174dc" + +XTEA Decrypt CBC #5 +xtea_decrypt_cbc:"00000000000000000000000000000000":"4142434445464748":"41414141414141414141414141414141":"31a361192b08311d31a0631c2f0f3714" + +XTEA Decrypt CBC #6 +xtea_decrypt_cbc:"00000000000000000000000000000000":"0000000000000000":"5a5b6e278948d77f70e1225d6e4e7655e78f2d13744341d8":"c1e2dbbf67ee786e29e051bea18c6abc66f1de5c2daefc2a" + XTEA Selftest depends_on:POLARSSL_SELF_TEST xtea_selftest: + diff --git a/tests/suites/test_suite_xtea.function b/tests/suites/test_suite_xtea.function index 091752fdc..74ca6787a 100644 --- a/tests/suites/test_suite_xtea.function +++ b/tests/suites/test_suite_xtea.function @@ -59,6 +59,68 @@ void xtea_decrypt_ecb( char *hex_key_string, char *hex_src_string, } /* END_CASE */ +/* BEGIN_CASE */ +void xtea_encrypt_cbc( char *hex_key_string, char *hex_iv_string, + char *hex_src_string, char *hex_dst_string ) +{ + unsigned char key_str[100]; + unsigned char src_str[100]; + unsigned char dst_str[100]; + unsigned char iv_str[100]; + unsigned char output[100]; + size_t len; + xtea_context ctx; + + memset(key_str, 0x00, 100); + memset(src_str, 0x00, 100); + memset(dst_str, 0x00, 100); + memset(iv_str, 0x00, 100); + memset(output, 0x00, 100); + + unhexify( key_str, hex_key_string ); + unhexify( iv_str, hex_iv_string ); + len = unhexify( src_str, hex_src_string ); + + xtea_setup( &ctx, key_str ); + TEST_ASSERT( xtea_crypt_cbc( &ctx, XTEA_ENCRYPT, len, iv_str, + src_str, output ) == 0 ); + hexify( dst_str, output, len ); + + TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void xtea_decrypt_cbc( char *hex_key_string, char *hex_iv_string, + char *hex_src_string, char *hex_dst_string ) +{ + unsigned char key_str[100]; + unsigned char src_str[100]; + unsigned char dst_str[100]; + unsigned char iv_str[100]; + unsigned char output[100]; + size_t len; + xtea_context ctx; + + memset(key_str, 0x00, 100); + memset(src_str, 0x00, 100); + memset(dst_str, 0x00, 100); + memset(iv_str, 0x00, 100); + memset(output, 0x00, 100); + + unhexify( key_str, hex_key_string ); + unhexify( iv_str, hex_iv_string ); + len = unhexify( src_str, hex_src_string ); + + xtea_setup( &ctx, key_str ); + TEST_ASSERT( xtea_crypt_cbc( &ctx, XTEA_DECRYPT, len, iv_str, + src_str, output ) == 0 ); + hexify( dst_str, output, len ); + + TEST_ASSERT( strcmp( (char *) dst_str, hex_dst_string ) == 0 ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */ void xtea_selftest() { From 4dd73925ab091bff24e014936a84cc9b50a70daa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 30 May 2014 10:34:15 +0200 Subject: [PATCH 4/6] Add entropy_self_test() --- include/polarssl/entropy.h | 9 ++++ library/entropy.c | 93 ++++++++++++++++++++++++++++++++++++++ programs/test/selftest.c | 6 +++ 3 files changed, 108 insertions(+) diff --git a/include/polarssl/entropy.h b/include/polarssl/entropy.h index 55b262f8f..3b5d692bc 100644 --- a/include/polarssl/entropy.h +++ b/include/polarssl/entropy.h @@ -230,6 +230,15 @@ int entropy_write_seed_file( entropy_context *ctx, const char *path ); int entropy_update_seed_file( entropy_context *ctx, const char *path ); #endif /* POLARSSL_FS_IO */ +#if defined(POLARSSL_SELF_TEST) +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if a test failed + */ +int entropy_self_test( int verbose ); +#endif /* POLARSSL_SELF_TEST */ + #ifdef __cplusplus } #endif diff --git a/library/entropy.c b/library/entropy.c index b50049188..c01acf38d 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -372,4 +372,97 @@ int entropy_update_seed_file( entropy_context *ctx, const char *path ) } #endif /* POLARSSL_FS_IO */ +#if defined(POLARSSL_SELF_TEST) + +#if defined(POLARSSL_PLATFORM_C) +#include "polarssl/platform.h" +#else +#define polarssl_printf printf +#endif + +/* + * Dummy source function + */ +static int entropy_dummy_source( void *data, unsigned char *output, + size_t len, size_t *olen ) +{ + ((void) data); + + memset( output, 0x2a, len ); + *olen = len; + + return( 0 ); +} + +/* + * The actual entropy quality is hard to test, but we can at least + * test that the functions don't cause errors and write the correct + * amount of data to buffers. + */ +int entropy_self_test( int verbose ) +{ + int ret = 0; + entropy_context ctx; + unsigned char buf[ENTROPY_BLOCK_SIZE] = { 0 }; + unsigned char acc[ENTROPY_BLOCK_SIZE] = { 0 }; + size_t i, j; + + if( verbose != 0 ) + polarssl_printf( " ENTROPY test: " ); + + entropy_init( &ctx ); + + ret = entropy_add_source( &ctx, entropy_dummy_source, NULL, 16 ); + if( ret != 0 ) + goto cleanup; + + if( ( ret = entropy_gather( &ctx ) ) != 0 ) + goto cleanup; + + if( ( ret = entropy_update_manual( &ctx, buf, sizeof buf ) ) != 0 ) + goto cleanup; + + /* + * To test that entropy_func writes correct number of bytes: + * - use the whole buffer and rely on ASan to detect overruns + * - collect entropy 8 times and OR the result in an accumulator: + * any byte should then be 0 with probably 2^(-64), so requiring + * each of the 32 or 64 bytes to be non-zero has a false failure rate + * of at most 2^(-58) which is acceptable. + */ + for( i = 0; i < 8; i++ ) + { + if( ( ret = entropy_func( &ctx, buf, sizeof( buf ) ) ) != 0 ) + goto cleanup; + + for( j = 0; j < sizeof( buf ); j++ ) + acc[j] |= buf[j]; + } + + for( j = 0; j < sizeof( buf ); j++ ) + { + if( acc[j] == 0 ) + { + ret = 1; + goto cleanup; + } + } + +cleanup: + entropy_free( &ctx ); + + if( verbose != 0 ) + { + if( ret != 0 ) + polarssl_printf( "failed\n" ); + else + polarssl_printf( "passed\n" ); + + polarssl_printf( "\n" ); + } + + return( ret != 0 ); +} +#endif /* POLARSSL_SELF_TEST */ + #endif /* POLARSSL_ENTROPY_C */ diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 07e2b122a..edb133150 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -32,6 +32,7 @@ #include #include +#include "polarssl/entropy.h" #include "polarssl/hmac_drbg.h" #include "polarssl/ctr_drbg.h" #include "polarssl/dhm.h" @@ -193,6 +194,11 @@ int main( int argc, char *argv[] ) return( ret ); #endif +#if defined(POLARSSL_ENTROPY_C) + if( ( ret = entropy_self_test( v ) ) != 0 ) + return( ret ); +#endif + /* Slow tests last */ #if defined(POLARSSL_PBKDF2_C) From 2c25eb0b0a9ed089c60b3e16728805b32b60fd2b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 30 May 2014 10:38:18 +0200 Subject: [PATCH 5/6] Add test_suite_entropy --- tests/.gitignore | 1 + tests/CMakeLists.txt | 1 + tests/Makefile | 6 ++++- tests/suites/test_suite_entropy.data | 8 +++++++ tests/suites/test_suite_entropy.function | 29 ++++++++++++++++++++++++ 5 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 tests/suites/test_suite_entropy.data create mode 100644 tests/suites/test_suite_entropy.function diff --git a/tests/.gitignore b/tests/.gitignore index a83ad32ac..6590f0fca 100644 --- a/tests/.gitignore +++ b/tests/.gitignore @@ -3,3 +3,4 @@ data_files/mpi_write data_files/hmac_drbg_seed data_files/ctr_drbg_seed +data_files/entropy_seed diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index bc40eb173..44904fa3b 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -61,6 +61,7 @@ add_test_suite(dhm) add_test_suite(ecp) add_test_suite(ecdh) add_test_suite(ecdsa) +add_test_suite(entropy) add_test_suite(error) add_test_suite(gcm gcm.aes128_en) add_test_suite(gcm gcm.aes192_en) diff --git a/tests/Makefile b/tests/Makefile index dd9f205b4..c37b790fa 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -46,7 +46,7 @@ APPS = test_suite_aes.ecb test_suite_aes.cbc \ test_suite_des test_suite_dhm \ test_suite_ecdh test_suite_ecdsa \ test_suite_ecp \ - test_suite_error \ + test_suite_error test_suite_entropy \ test_suite_gcm.aes128_de \ test_suite_gcm.aes192_de \ test_suite_gcm.aes256_de \ @@ -272,6 +272,10 @@ test_suite_ecp: test_suite_ecp.c $(DEP) echo " CC $@.c" $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ +test_suite_entropy: test_suite_entropy.c $(DEP) + echo " CC $@.c" + $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ + test_suite_error: test_suite_error.c $(DEP) echo " CC $@.c" $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@ diff --git a/tests/suites/test_suite_entropy.data b/tests/suites/test_suite_entropy.data new file mode 100644 index 000000000..5a43ffdc9 --- /dev/null +++ b/tests/suites/test_suite_entropy.data @@ -0,0 +1,8 @@ +Entropy write/update seed file +entropy_seed_file:"data_files/entropy_seed":0 + +Entropy write/update seed file +entropy_seed_file:"no_such_dir/file":POLARSSL_ERR_ENTROPY_FILE_IO_ERROR + +Entropy self test +entropy_selftest: diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function new file mode 100644 index 000000000..31286ba19 --- /dev/null +++ b/tests/suites/test_suite_entropy.function @@ -0,0 +1,29 @@ +/* BEGIN_HEADER */ +#include +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:POLARSSL_ENTROPY_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE depends_on:POLARSSL_FS_IO */ +void entropy_seed_file( char *path, int ret ) +{ + entropy_context ctx; + + entropy_init( &ctx ); + + TEST_ASSERT( entropy_write_seed_file( &ctx, path ) == ret ); + TEST_ASSERT( entropy_update_seed_file( &ctx, path ) == ret ); + + entropy_free( &ctx ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */ +void entropy_selftest( ) +{ + TEST_ASSERT( entropy_self_test( 0 ) == 0 ); +} +/* END_CASE */ From c7c56b2e82a63412e1db771ddf5f1ae9847afe31 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 30 May 2014 11:42:01 +0200 Subject: [PATCH 6/6] Add more tests for the entropy module --- include/polarssl/entropy.h | 2 +- tests/suites/test_suite_entropy.data | 33 ++++++ tests/suites/test_suite_entropy.function | 142 +++++++++++++++++++++++ 3 files changed, 176 insertions(+), 1 deletion(-) diff --git a/include/polarssl/entropy.h b/include/polarssl/entropy.h index 3b5d692bc..f5fa92808 100644 --- a/include/polarssl/entropy.h +++ b/include/polarssl/entropy.h @@ -183,7 +183,7 @@ int entropy_gather( entropy_context *ctx ); * * \param data Entropy context * \param output Buffer to fill - * \param len Length of buffer + * \param len Number of bytes desired, must be at most ENTROPY_BLOCK_SIZE * * \return 0 if successful, or POLARSSL_ERR_ENTROPY_SOURCE_FAILED */ diff --git a/tests/suites/test_suite_entropy.data b/tests/suites/test_suite_entropy.data index 5a43ffdc9..d81061cf1 100644 --- a/tests/suites/test_suite_entropy.data +++ b/tests/suites/test_suite_entropy.data @@ -4,5 +4,38 @@ entropy_seed_file:"data_files/entropy_seed":0 Entropy write/update seed file entropy_seed_file:"no_such_dir/file":POLARSSL_ERR_ENTROPY_FILE_IO_ERROR +Entropy too many sources +entropy_too_many_sources: + +Entropy output length #1 +entropy_func_len:0:0 + +Entropy output length #2 +entropy_func_len:1:0 + +Entropy output length #3 +entropy_func_len:2:0 + +Entropy output length #4 +entropy_func_len:31:0 + +Entropy output length #5 +entropy_func_len:65:POLARSSL_ERR_ENTROPY_SOURCE_FAILED + +Entropy failing source +entropy_source_fail:"data_files/entropy_seed" + +Entropy threshold #1 +entropy_threshold:16:2:8 + +Entropy threshold #2 +entropy_threshold:32:1:32 + +Entropy thershold #3 +entropy_threshold:16:0:POLARSSL_ERR_ENTROPY_SOURCE_FAILED + +Entropy thershold #4 +entropy_threshold:1024:1:POLARSSL_ERR_ENTROPY_SOURCE_FAILED + Entropy self test entropy_selftest: diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index 31286ba19..844eb96a9 100644 --- a/tests/suites/test_suite_entropy.function +++ b/tests/suites/test_suite_entropy.function @@ -1,5 +1,38 @@ /* BEGIN_HEADER */ #include + +/* + * Number of calls made to entropy_dummy_source() + */ +static size_t entropy_dummy_calls; + +/* + * Dummy entropy source + * + * If data is NULL, write exactly the requested length. + * Otherwise, write the length indicated by data or error if negative + */ +static int entropy_dummy_source( void *data, unsigned char *output, + size_t len, size_t *olen ) +{ + entropy_dummy_calls++; + + if( data == NULL ) + *olen = len; + else + { + int *d = (int *) data; + + if( *d < 0 ) + return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); + else + *olen = *d; + } + + memset( output, 0x2a, *olen ); + + return( 0 ); +} /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -21,6 +54,115 @@ void entropy_seed_file( char *path, int ret ) } /* END_CASE */ +/* BEGIN_CASE */ +void entropy_too_many_sources( ) +{ + entropy_context ctx; + size_t i; + + entropy_init( &ctx ); + + /* + * It's hard to tell precisely when the error will occur, + * since we don't know how many sources were automatically added. + */ + for( i = 0; i < ENTROPY_MAX_SOURCES; i++ ) + (void) entropy_add_source( &ctx, entropy_dummy_source, NULL, 16 ); + + TEST_ASSERT( entropy_add_source( &ctx, entropy_dummy_source, NULL, 16 ) + == POLARSSL_ERR_ENTROPY_MAX_SOURCES ); + + entropy_free( &ctx ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void entropy_func_len( int len, int ret ) +{ + entropy_context ctx; + unsigned char buf[ENTROPY_BLOCK_SIZE + 10] = { 0 }; + unsigned char acc[ENTROPY_BLOCK_SIZE + 10] = { 0 }; + size_t i, j; + + entropy_init( &ctx ); + + /* + * See comments in entropy_self_test() + */ + for( i = 0; i < 8; i++ ) + { + TEST_ASSERT( entropy_func( &ctx, buf, len ) == ret ); + for( j = 0; j < sizeof( buf ); j++ ) + acc[j] |= buf[j]; + } + + if( ret == 0 ) + for( j = 0; j < (size_t) len; j++ ) + TEST_ASSERT( acc[j] != 0 ); + + for( j = len; j < sizeof( buf ); j++ ) + TEST_ASSERT( acc[j] == 0 ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void entropy_source_fail( char *path ) +{ + entropy_context ctx; + int fail = -1; + unsigned char buf[16]; + + entropy_init( &ctx ); + + TEST_ASSERT( entropy_add_source( &ctx, entropy_dummy_source, &fail, 16 ) + == 0 ); + + TEST_ASSERT( entropy_func( &ctx, buf, sizeof( buf ) ) + == POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); + TEST_ASSERT( entropy_gather( &ctx ) + == POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); +#if defined(POLARSSL_FS_IO) + TEST_ASSERT( entropy_write_seed_file( &ctx, path ) + == POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); + TEST_ASSERT( entropy_update_seed_file( &ctx, path ) + == POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); +#else + ((void) path); +#endif + + entropy_free( &ctx ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void entropy_threshold( int threshold, int chunk_size, int result ) +{ + entropy_context ctx; + unsigned char buf[ENTROPY_BLOCK_SIZE] = { 0 }; + int ret; + + entropy_init( &ctx ); + + TEST_ASSERT( entropy_add_source( &ctx, entropy_dummy_source, + &chunk_size, threshold ) == 0 ); + + entropy_dummy_calls = 0; + ret = entropy_func( &ctx, buf, sizeof( buf ) ); + + if( result >= 0 ) + { + TEST_ASSERT( ret == 0 ); + TEST_ASSERT( entropy_dummy_calls == (size_t) result ); + } + else + { + TEST_ASSERT( ret == result ); + } + + entropy_free( &ctx ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:POLARSSL_SELF_TEST */ void entropy_selftest( ) {