diff options
| author | Rich Salz <rsalz@openssl.org> | 2017-08-03 15:23:28 +0200 |
|---|---|---|
| committer | Rich Salz <rsalz@openssl.org> | 2017-08-03 15:23:28 +0200 |
| commit | 75e2c877650444fb829547bdb58d46eb1297bc1a (patch) | |
| tree | 67ad6280bccdca4ae95cc269b1994ea4c1557aa7 /test | |
| parent | Move ossl_assert (diff) | |
| download | openssl-75e2c877650444fb829547bdb58d46eb1297bc1a.tar.xz openssl-75e2c877650444fb829547bdb58d46eb1297bc1a.zip | |
Switch from ossl_rand to DRBG rand
If RAND_add wraps around, XOR with existing. Add test to drbgtest that
does the wrap-around.
Re-order seeding and stop after first success.
Add RAND_poll_ex()
Use the DF and therefore lower RANDOMNESS_NEEDED. Also, for child DRBG's,
mix in the address as the personalization bits.
Centralize the entropy callbacks, from drbg_lib to rand_lib.
(Conceptually, entropy is part of the enclosing application.)
Thanks to Dr. Matthias St Pierre for the suggestion.
Various code cleanups:
-Make state an enum; inline RANDerr calls.
-Add RAND_POLL_RETRIES (thanks Pauli for the idea)
-Remove most RAND_seed calls from rest of library
-Rename DRBG_CTX to RAND_DRBG, etc.
-Move some code from drbg_lib to drbg_rand; drbg_lib is now only the
implementation of NIST DRBG.
-Remove blocklength
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4019)
Diffstat (limited to 'test')
| -rw-r--r-- | test/bntest.c | 3 | ||||
| -rw-r--r-- | test/build.info | 6 | ||||
| -rw-r--r-- | test/dhtest.c | 5 | ||||
| -rw-r--r-- | test/drbgtest.c | 206 | ||||
| -rw-r--r-- | test/dsatest.c | 5 | ||||
| -rw-r--r-- | test/ecdsatest.c | 6 | ||||
| -rw-r--r-- | test/ectest.c | 5 | ||||
| -rw-r--r-- | test/randtest.c | 110 | ||||
| -rw-r--r-- | test/recipes/05-test_rand.t | 3 | ||||
| -rw-r--r-- | test/ssltest_old.c | 4 |
10 files changed, 112 insertions, 241 deletions
diff --git a/test/bntest.c b/test/bntest.c index a570d0099b..4dae6601c2 100644 --- a/test/bntest.c +++ b/test/bntest.c @@ -2035,11 +2035,8 @@ static int run_file_tests(int i) int setup_tests(void) { - static const char rnd_seed[] = - "If not seeded, BN_generate_prime might fail"; int n = test_get_argument_count(); - RAND_seed(rnd_seed, sizeof(rnd_seed)); if (!TEST_ptr(ctx = BN_CTX_new())) return 0; diff --git a/test/build.info b/test/build.info index db34a5fbe7..34d72d74b0 100644 --- a/test/build.info +++ b/test/build.info @@ -32,7 +32,7 @@ INCLUDE_MAIN___test_libtestutil_OLB = /INCLUDE=MAIN hmactest \ rc2test rc4test rc5test \ destest mdc2test \ - randtest dhtest enginetest casttest \ + dhtest enginetest casttest \ bftest ssltest_old dsatest exptest rsa_test \ evp_test evp_extra_test igetest v3nametest v3ext \ crltest danetest bad_dtls_test lhash_test \ @@ -119,10 +119,6 @@ INCLUDE_MAIN___test_libtestutil_OLB = /INCLUDE=MAIN INCLUDE[mdc2test]=../include DEPEND[mdc2test]=../libcrypto libtestutil.a - SOURCE[randtest]=randtest.c - INCLUDE[randtest]=../include - DEPEND[randtest]=../libcrypto libtestutil.a - SOURCE[dhtest]=dhtest.c INCLUDE[dhtest]=.. ../include DEPEND[dhtest]=../libcrypto libtestutil.a diff --git a/test/dhtest.c b/test/dhtest.c index 6403f77b44..595732c673 100644 --- a/test/dhtest.c +++ b/test/dhtest.c @@ -24,9 +24,6 @@ static int cb(int p, int n, BN_GENCB *arg); -static const char rnd_seed[] = - "string to make the random number generator think it has randomness"; - static int dh_test(void) { BN_GENCB *_cb = NULL; @@ -40,8 +37,6 @@ static int dh_test(void) int i, alen, blen, aout, bout; int ret = 0; - RAND_seed(rnd_seed, sizeof rnd_seed); - if (!TEST_ptr(_cb = BN_GENCB_new())) goto err; BN_GENCB_set(_cb, &cb, NULL); diff --git a/test/drbgtest.c b/test/drbgtest.c index 90ed2ef1d1..f28cd48dd1 100644 --- a/test/drbgtest.c +++ b/test/drbgtest.c @@ -92,18 +92,18 @@ typedef struct drbg_selftest_data_st { make_drbg_test_data(nid, RAND_DRBG_FLAG_CTR_USE_DF, pr, p) static DRBG_SELFTEST_DATA drbg_test[] = { - make_drbg_test_data_df(NID_aes_128_ctr, aes_128_use_df, 0), - make_drbg_test_data_df(NID_aes_192_ctr, aes_192_use_df, 0), - make_drbg_test_data_df(NID_aes_256_ctr, aes_256_use_df, 1), make_drbg_test_data (NID_aes_128_ctr, 0, aes_128_no_df, 0), make_drbg_test_data (NID_aes_192_ctr, 0, aes_192_no_df, 0), make_drbg_test_data (NID_aes_256_ctr, 0, aes_256_no_df, 1), + make_drbg_test_data_df(NID_aes_128_ctr, aes_128_use_df, 0), + make_drbg_test_data_df(NID_aes_192_ctr, aes_192_use_df, 0), + make_drbg_test_data_df(NID_aes_256_ctr, aes_256_use_df, 1), }; static int app_data_index; /* - * Test context data, attached as appdata to the DRBG_CTX + * Test context data, attached as EXDATA to the RAND_DRBG */ typedef struct test_ctx_st { const unsigned char *ent; @@ -114,29 +114,29 @@ typedef struct test_ctx_st { int noncecnt; } TEST_CTX; -static size_t kat_entropy(DRBG_CTX *dctx, unsigned char **pout, +static size_t kat_entropy(RAND_DRBG *drbg, unsigned char **pout, int entropy, size_t min_len, size_t max_len) { - TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(dctx, app_data_index); + TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index); t->entcnt++; *pout = (unsigned char *)t->ent; return t->entlen; } -static size_t kat_nonce(DRBG_CTX *dctx, unsigned char **pout, +static size_t kat_nonce(RAND_DRBG *drbg, unsigned char **pout, int entropy, size_t min_len, size_t max_len) { - TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(dctx, app_data_index); + TEST_CTX *t = (TEST_CTX *)RAND_DRBG_get_ex_data(drbg, app_data_index); t->noncecnt++; *pout = (unsigned char *)t->nonce; return t->noncelen; } -static int uninstantiate(DRBG_CTX *dctx) +static int uninstantiate(RAND_DRBG *drbg) { - int ret = dctx == NULL ? 1 : RAND_DRBG_uninstantiate(dctx); + int ret = drbg == NULL ? 1 : RAND_DRBG_uninstantiate(drbg); ERR_clear_error(); return ret; @@ -147,7 +147,7 @@ static int uninstantiate(DRBG_CTX *dctx) */ static int single_kat(DRBG_SELFTEST_DATA *td) { - DRBG_CTX *dctx = NULL; + RAND_DRBG *drbg = NULL; TEST_CTX t; int failures = 0; unsigned char buff[1024]; @@ -156,9 +156,9 @@ static int single_kat(DRBG_SELFTEST_DATA *td) * Test without PR: Instantiate DRBG with test entropy, nonce and * personalisation string. */ - if (!TEST_ptr(dctx = RAND_DRBG_new(td->nid, td->flags, NULL))) + if (!TEST_ptr(drbg = RAND_DRBG_new(td->nid, td->flags, NULL))) return 0; - if (!TEST_true(RAND_DRBG_set_callbacks(dctx, kat_entropy, NULL, + if (!TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, kat_nonce, NULL))) { failures++; goto err; @@ -168,10 +168,10 @@ static int single_kat(DRBG_SELFTEST_DATA *td) t.entlen = td->entlen; t.nonce = td->nonce; t.noncelen = td->noncelen; - RAND_DRBG_set_ex_data(dctx, app_data_index, &t); + RAND_DRBG_set_ex_data(drbg, app_data_index, &t); - if (!TEST_true(RAND_DRBG_instantiate(dctx, td->pers, td->perslen)) - || !TEST_true(RAND_DRBG_generate(dctx, buff, td->exlen, 0, + if (!TEST_true(RAND_DRBG_instantiate(drbg, td->pers, td->perslen)) + || !TEST_true(RAND_DRBG_generate(drbg, buff, td->exlen, 0, td->adin, td->adinlen)) || !TEST_mem_eq(td->expected, td->exlen, buff, td->exlen)) failures++; @@ -179,29 +179,29 @@ static int single_kat(DRBG_SELFTEST_DATA *td) /* Reseed DRBG with test entropy and additional input */ t.ent = td->entreseed; t.entlen = td->entreseedlen; - if (!TEST_true(RAND_DRBG_reseed(dctx, td->adinreseed, td->adinreseedlen) - || !TEST_true(RAND_DRBG_generate(dctx, buff, td->kat2len, 0, + if (!TEST_true(RAND_DRBG_reseed(drbg, td->adinreseed, td->adinreseedlen) + || !TEST_true(RAND_DRBG_generate(drbg, buff, td->kat2len, 0, td->adin2, td->adin2len)) || !TEST_mem_eq(td->kat2, td->kat2len, buff, td->kat2len))) failures++; - uninstantiate(dctx); + uninstantiate(drbg); /* * Now test with PR: Instantiate DRBG with test entropy, nonce and * personalisation string. */ - if (!TEST_true(RAND_DRBG_set(dctx, td->nid, td->flags)) - || !TEST_true(RAND_DRBG_set_callbacks(dctx, kat_entropy, NULL, + if (!TEST_true(RAND_DRBG_set(drbg, td->nid, td->flags)) + || !TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, kat_nonce, NULL))) failures++; - RAND_DRBG_set_ex_data(dctx, app_data_index, &t); + RAND_DRBG_set_ex_data(drbg, app_data_index, &t); t.ent = td->ent_pr; t.entlen = td->entlen_pr; t.nonce = td->nonce_pr; t.noncelen = td->noncelen_pr; t.entcnt = 0; t.noncecnt = 0; - if (!TEST_true(RAND_DRBG_instantiate(dctx, td->pers_pr, td->perslen_pr))) + if (!TEST_true(RAND_DRBG_instantiate(drbg, td->pers_pr, td->perslen_pr))) failures++; /* @@ -210,7 +210,7 @@ static int single_kat(DRBG_SELFTEST_DATA *td) */ t.ent = td->entpr_pr; t.entlen = td->entprlen_pr; - if (!TEST_true(RAND_DRBG_generate(dctx, buff, td->katlen_pr, 1, + if (!TEST_true(RAND_DRBG_generate(drbg, buff, td->katlen_pr, 1, td->adin_pr, td->adinlen_pr)) || !TEST_mem_eq(td->kat_pr, td->katlen_pr, buff, td->katlen_pr)) failures++; @@ -221,28 +221,28 @@ static int single_kat(DRBG_SELFTEST_DATA *td) t.ent = td->entg_pr; t.entlen = td->entglen_pr; - if (!TEST_true(RAND_DRBG_generate(dctx, buff, td->kat2len_pr, 1, + if (!TEST_true(RAND_DRBG_generate(drbg, buff, td->kat2len_pr, 1, td->ading_pr, td->adinglen_pr)) || !TEST_mem_eq(td->kat2_pr, td->kat2len_pr, buff, td->kat2len_pr)) failures++; err: - uninstantiate(dctx); - RAND_DRBG_free(dctx); + uninstantiate(drbg); + RAND_DRBG_free(drbg); return failures == 0; } /* * Initialise a DRBG based on selftest data */ -static int init(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td, TEST_CTX *t) +static int init(RAND_DRBG *drbg, DRBG_SELFTEST_DATA *td, TEST_CTX *t) { - if (!TEST_true(RAND_DRBG_set(dctx, td->nid, td->flags)) - || !TEST_true(RAND_DRBG_set_callbacks(dctx, kat_entropy, NULL, + if (!TEST_true(RAND_DRBG_set(drbg, td->nid, td->flags)) + || !TEST_true(RAND_DRBG_set_callbacks(drbg, kat_entropy, NULL, kat_nonce, NULL))) return 0; - RAND_DRBG_set_ex_data(dctx, app_data_index, t); + RAND_DRBG_set_ex_data(drbg, app_data_index, t); t->ent = td->ent; t->entlen = td->entlen; t->nonce = td->nonce; @@ -255,11 +255,11 @@ static int init(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td, TEST_CTX *t) /* * Initialise and instantiate DRBG based on selftest data */ -static int instantiate(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td, +static int instantiate(RAND_DRBG *drbg, DRBG_SELFTEST_DATA *td, TEST_CTX *t) { - if (!TEST_true(init(dctx, td, t)) - || !TEST_true(RAND_DRBG_instantiate(dctx, td->pers, td->perslen))) + if (!TEST_true(init(drbg, td, t)) + || !TEST_true(RAND_DRBG_instantiate(drbg, td->pers, td->perslen))) return 0; return 1; } @@ -270,14 +270,14 @@ static int instantiate(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td, */ static int error_check(DRBG_SELFTEST_DATA *td) { - static char zero[sizeof(DRBG_CTX)]; - DRBG_CTX *dctx = NULL; + static char zero[sizeof(RAND_DRBG)]; + RAND_DRBG *drbg = NULL; TEST_CTX t; unsigned char buff[1024]; unsigned int reseed_counter_tmp; int ret = 0; - if (!TEST_ptr(dctx = RAND_DRBG_new(0, 0, NULL))) + if (!TEST_ptr(drbg = RAND_DRBG_new(0, 0, NULL))) goto err; /* @@ -285,8 +285,8 @@ static int error_check(DRBG_SELFTEST_DATA *td) */ /* Test detection of too large personlisation string */ - if (!init(dctx, td, &t) - || RAND_DRBG_instantiate(dctx, td->pers, dctx->max_pers + 1) > 0) + if (!init(drbg, td, &t) + || RAND_DRBG_instantiate(drbg, td->pers, drbg->max_pers + 1) > 0) goto err; /* @@ -295,27 +295,27 @@ static int error_check(DRBG_SELFTEST_DATA *td) /* Test entropy source failure detecion: i.e. returns no data */ t.entlen = 0; - if (TEST_int_le(RAND_DRBG_instantiate(dctx, td->pers, td->perslen), 0)) + if (TEST_int_le(RAND_DRBG_instantiate(drbg, td->pers, td->perslen), 0)) goto err; /* Try to generate output from uninstantiated DRBG */ - if (!TEST_false(RAND_DRBG_generate(dctx, buff, td->exlen, 0, + if (!TEST_false(RAND_DRBG_generate(drbg, buff, td->exlen, 0, td->adin, td->adinlen)) - || !uninstantiate(dctx)) + || !uninstantiate(drbg)) goto err; /* Test insufficient entropy */ - t.entlen = dctx->min_entropy - 1; - if (!init(dctx, td, &t) - || RAND_DRBG_instantiate(dctx, td->pers, td->perslen) > 0 - || !uninstantiate(dctx)) + t.entlen = drbg->min_entropy - 1; + if (!init(drbg, td, &t) + || RAND_DRBG_instantiate(drbg, td->pers, td->perslen) > 0 + || !uninstantiate(drbg)) goto err; /* Test too much entropy */ - t.entlen = dctx->max_entropy + 1; - if (!init(dctx, td, &t) - || RAND_DRBG_instantiate(dctx, td->pers, td->perslen) > 0 - || !uninstantiate(dctx)) + t.entlen = drbg->max_entropy + 1; + if (!init(drbg, td, &t) + || RAND_DRBG_instantiate(drbg, td->pers, td->perslen) > 0 + || !uninstantiate(drbg)) goto err; /* @@ -323,37 +323,37 @@ static int error_check(DRBG_SELFTEST_DATA *td) */ /* Test too small nonce */ - if (dctx->min_nonce) { - t.noncelen = dctx->min_nonce - 1; - if (!init(dctx, td, &t) - || RAND_DRBG_instantiate(dctx, td->pers, td->perslen) > 0 - || !uninstantiate(dctx)) + if (drbg->min_nonce) { + t.noncelen = drbg->min_nonce - 1; + if (!init(drbg, td, &t) + || RAND_DRBG_instantiate(drbg, td->pers, td->perslen) > 0 + || !uninstantiate(drbg)) goto err; } /* Test too large nonce */ - if (dctx->max_nonce) { - t.noncelen = dctx->max_nonce + 1; - if (!init(dctx, td, &t) - || RAND_DRBG_instantiate(dctx, td->pers, td->perslen) > 0 - || !uninstantiate(dctx)) + if (drbg->max_nonce) { + t.noncelen = drbg->max_nonce + 1; + if (!init(drbg, td, &t) + || RAND_DRBG_instantiate(drbg, td->pers, td->perslen) > 0 + || !uninstantiate(drbg)) goto err; } /* Instantiate with valid data, Check generation is now OK */ - if (!instantiate(dctx, td, &t) - || !TEST_true(RAND_DRBG_generate(dctx, buff, td->exlen, 0, + if (!instantiate(drbg, td, &t) + || !TEST_true(RAND_DRBG_generate(drbg, buff, td->exlen, 0, td->adin, td->adinlen))) goto err; /* Request too much data for one request */ - if (!TEST_false(RAND_DRBG_generate(dctx, buff, dctx->max_request + 1, 0, + if (!TEST_false(RAND_DRBG_generate(drbg, buff, drbg->max_request + 1, 0, td->adin, td->adinlen))) goto err; /* Try too large additional input */ - if (!TEST_false(RAND_DRBG_generate(dctx, buff, td->exlen, 0, - td->adin, dctx->max_adin + 1))) + if (!TEST_false(RAND_DRBG_generate(drbg, buff, td->exlen, 0, + td->adin, drbg->max_adin + 1))) goto err; /* @@ -361,24 +361,24 @@ static int error_check(DRBG_SELFTEST_DATA *td) * failure. */ t.entlen = 0; - if (TEST_false(RAND_DRBG_generate(dctx, buff, td->exlen, 1, + if (TEST_false(RAND_DRBG_generate(drbg, buff, td->exlen, 1, td->adin, td->adinlen)) - || !uninstantiate(dctx)) + || !uninstantiate(drbg)) goto err; /* Instantiate again with valid data */ - if (!instantiate(dctx, td, &t)) + if (!instantiate(drbg, td, &t)) goto err; - reseed_counter_tmp = dctx->reseed_counter; - dctx->reseed_counter = dctx->reseed_interval; + reseed_counter_tmp = drbg->reseed_counter; + drbg->reseed_counter = drbg->reseed_interval; /* Generate output and check entropy has been requested for reseed */ t.entcnt = 0; - if (!TEST_true(RAND_DRBG_generate(dctx, buff, td->exlen, 0, + if (!TEST_true(RAND_DRBG_generate(drbg, buff, td->exlen, 0, td->adin, td->adinlen)) || !TEST_int_eq(t.entcnt, 1) - || !TEST_int_eq(dctx->reseed_counter, reseed_counter_tmp + 1) - || !uninstantiate(dctx)) + || !TEST_int_eq(drbg->reseed_counter, reseed_counter_tmp + 1) + || !uninstantiate(drbg)) goto err; /* @@ -386,24 +386,24 @@ static int error_check(DRBG_SELFTEST_DATA *td) * failure. */ t.entlen = 0; - if (!TEST_false(RAND_DRBG_generate(dctx, buff, td->exlen, 1, + if (!TEST_false(RAND_DRBG_generate(drbg, buff, td->exlen, 1, td->adin, td->adinlen)) - || !uninstantiate(dctx)) + || !uninstantiate(drbg)) goto err; /* Test reseed counter works */ - if (!instantiate(dctx, td, &t)) + if (!instantiate(drbg, td, &t)) goto err; - reseed_counter_tmp = dctx->reseed_counter; - dctx->reseed_counter = dctx->reseed_interval; + reseed_counter_tmp = drbg->reseed_counter; + drbg->reseed_counter = drbg->reseed_interval; /* Generate output and check entropy has been requested for reseed */ t.entcnt = 0; - if (!TEST_true(RAND_DRBG_generate(dctx, buff, td->exlen, 0, + if (!TEST_true(RAND_DRBG_generate(drbg, buff, td->exlen, 0, td->adin, td->adinlen)) || !TEST_int_eq(t.entcnt, 1) - || !TEST_int_eq(dctx->reseed_counter, reseed_counter_tmp + 1) - || !uninstantiate(dctx)) + || !TEST_int_eq(drbg->reseed_counter, reseed_counter_tmp + 1) + || !uninstantiate(drbg)) goto err; /* @@ -411,41 +411,41 @@ static int error_check(DRBG_SELFTEST_DATA *td) */ /* Test explicit reseed with too large additional input */ - if (!init(dctx, td, &t) - || RAND_DRBG_reseed(dctx, td->adin, dctx->max_adin + 1) > 0) + if (!init(drbg, td, &t) + || RAND_DRBG_reseed(drbg, td->adin, drbg->max_adin + 1) > 0) goto err; /* Test explicit reseed with entropy source failure */ t.entlen = 0; - if (!TEST_int_le(RAND_DRBG_reseed(dctx, td->adin, td->adinlen), 0) - || !uninstantiate(dctx)) + if (!TEST_int_le(RAND_DRBG_reseed(drbg, td->adin, td->adinlen), 0) + || !uninstantiate(drbg)) goto err; /* Test explicit reseed with too much entropy */ - if (!init(dctx, td, &t)) + if (!init(drbg, td, &t)) goto err; - t.entlen = dctx->max_entropy + 1; - if (!TEST_int_le(RAND_DRBG_reseed(dctx, td->adin, td->adinlen), 0) - || !uninstantiate(dctx)) + t.entlen = drbg->max_entropy + 1; + if (!TEST_int_le(RAND_DRBG_reseed(drbg, td->adin, td->adinlen), 0) + || !uninstantiate(drbg)) goto err; /* Test explicit reseed with too little entropy */ - if (!init(dctx, td, &t)) + if (!init(drbg, td, &t)) goto err; - t.entlen = dctx->min_entropy - 1; - if (!TEST_int_le(RAND_DRBG_reseed(dctx, td->adin, td->adinlen), 0) - || !uninstantiate(dctx)) + t.entlen = drbg->min_entropy - 1; + if (!TEST_int_le(RAND_DRBG_reseed(drbg, td->adin, td->adinlen), 0) + || !uninstantiate(drbg)) goto err; /* Standard says we have to check uninstantiate really zeroes */ - if (!TEST_mem_eq(zero, sizeof(dctx->ctr), &dctx->ctr, sizeof(dctx->ctr))) + if (!TEST_mem_eq(zero, sizeof(drbg->ctr), &drbg->ctr, sizeof(drbg->ctr))) goto err; ret = 1; err: - uninstantiate(dctx); - RAND_DRBG_free(dctx); + uninstantiate(drbg); + RAND_DRBG_free(drbg); return ret; } @@ -475,6 +475,19 @@ err: return rv; } +#define RAND_ADD_SIZE 500 + +static int test_rand_add() +{ + char *p; + + if (!TEST_ptr(p = malloc(RAND_ADD_SIZE))) + return 0; + RAND_add(p, RAND_ADD_SIZE, RAND_ADD_SIZE); + free(p); + return 1; +} + int setup_tests(void) { @@ -482,5 +495,6 @@ int setup_tests(void) ADD_ALL_TESTS(test_kats, OSSL_NELEM(drbg_test)); ADD_ALL_TESTS(test_error_checks, OSSL_NELEM(drbg_test)); + ADD_TEST(test_rand_add); return 1; } diff --git a/test/dsatest.c b/test/dsatest.c index 09a49fc369..7c58731df8 100644 --- a/test/dsatest.c +++ b/test/dsatest.c @@ -63,9 +63,6 @@ static unsigned char out_g[] = { static const unsigned char str1[] = "12345678901234567890"; -static const char rnd_seed[] = - "string to make the random number generator think it has randomness"; - static int dsa_test(void) { BN_GENCB *cb; @@ -77,8 +74,6 @@ static int dsa_test(void) unsigned int siglen; const BIGNUM *p = NULL, *q = NULL, *g = NULL; - RAND_seed(rnd_seed, sizeof rnd_seed); - if (!TEST_ptr(cb = BN_GENCB_new())) goto end; diff --git a/test/ecdsatest.c b/test/ecdsatest.c index ed29bc7e22..8bd9e6c4db 100644 --- a/test/ecdsatest.c +++ b/test/ecdsatest.c @@ -28,10 +28,6 @@ # include <openssl/err.h> # include <openssl/rand.h> -static const char rnd_seed[] = - "string to make the random number generator think it has randomness"; - - /* functions to change the RAND_METHOD */ static int fbytes(unsigned char *buf, int num); @@ -401,8 +397,6 @@ int setup_tests(void) #ifdef OPENSSL_NO_EC TEST_note("Elliptic curves are disabled."); #else - /* initialize the prng */ - RAND_seed(rnd_seed, sizeof(rnd_seed)); ADD_TEST(x9_62_tests); ADD_TEST(test_builtin); #endif diff --git a/test/ectest.c b/test/ectest.c index 85bb46212b..fb6027b8e5 100644 --- a/test/ectest.c +++ b/test/ectest.c @@ -1425,9 +1425,6 @@ static int parameter_test(void) ECPARAMETERS_free(ecparameters); return r; } - -static const char rnd_seed[] = - "string to make the random number generator think it has randomness"; #endif int setup_tests(void) @@ -1438,8 +1435,6 @@ int setup_tests(void) || !TEST_true(EC_get_builtin_curves(curves, crv_len))) return 0; - RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */ - ADD_TEST(parameter_test); ADD_TEST(prime_field_tests); # ifndef OPENSSL_NO_EC2M diff --git a/test/randtest.c b/test/randtest.c deleted file mode 100644 index 47d28f471d..0000000000 --- a/test/randtest.c +++ /dev/null @@ -1,110 +0,0 @@ -/* - * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <openssl/rand.h> -#include "testutil.h" - -/* some FIPS 140-1 random number test */ -/* some simple tests */ - -static int fips_random_tests(void) -{ - unsigned char buf[2500]; - int i, j, k, s, sign, nsign, ret = 1; - unsigned long n1; - unsigned long n2[16]; - unsigned long runs[2][34]; - long d; - - if (!TEST_int_ge(RAND_bytes(buf, sizeof(buf)), 0)) - return 0; - - n1 = 0; - for (i = 0; i < 16; i++) - n2[i] = 0; - for (i = 0; i < 34; i++) - runs[0][i] = runs[1][i] = 0; - - /* test 1 and 2 */ - sign = 0; - nsign = 0; - for (i = 0; i < 2500; i++) { - j = buf[i]; - - n2[j & 0x0f]++; - n2[(j >> 4) & 0x0f]++; - - for (k = 0; k < 8; k++) { - s = (j & 0x01); - if (s == sign) - nsign++; - else { - if (nsign > 34) - nsign = 34; - if (nsign != 0) { - runs[sign][nsign - 1]++; - if (nsign > 6) - runs[sign][5]++; - } - sign = s; - nsign = 1; - } - - if (s) - n1++; - j >>= 1; - } - } - if (nsign > 34) - nsign = 34; - if (nsign != 0) - runs[sign][nsign - 1]++; - - /* test 1 */ - if (!TEST_true(9654 < n1 && n1 < 10346)) { - TEST_info("test 1 failed, X=%lu", n1); - ret = 0; - } - - /* test 2 */ - d = 0; - for (i = 0; i < 16; i++) - d += n2[i] * n2[i]; - d = (d * 8) / 25 - 500000; - if (!TEST_true(103 < d && d < 5740)) { - TEST_info("test 2 failed, X=%ld.%02ld", d / 100L, d % 100L); - ret = 0; - } - - /* test 3 */ - for (i = 0; i < 2; i++) { - if (!TEST_true(2267 < runs[i][0] && runs[i][0] < 2733) - || !TEST_true(1079 < runs[i][1] && runs[i][1] < 1421) - || !TEST_true(502 < runs[i][2] && runs[i][2] < 748) - || !TEST_true(223 < runs[i][3] && runs[i][3] < 402) - || !TEST_true(90 < runs[i][4] && runs[i][4] < 223) - || !TEST_true(90 < runs[i][5] && runs[i][5] < 223)) { - TEST_info("During run %d", i); - ret = 0; - } - } - - /* test 4 */ - if (!TEST_int_eq(runs[0][33], 0) - || !TEST_int_eq(runs[1][33], 0)) - ret = 0; - - return ret; -} - -int setup_tests(void) -{ - ADD_TEST(fips_random_tests); - return 1; -} diff --git a/test/recipes/05-test_rand.t b/test/recipes/05-test_rand.t index 64840dbe1d..69c92ffe37 100644 --- a/test/recipes/05-test_rand.t +++ b/test/recipes/05-test_rand.t @@ -10,8 +10,7 @@ use strict; use warnings; use OpenSSL::Test; -plan tests => 2; +plan tests => 1; setup("test_rand"); -ok(run(test(["randtest"]))); ok(run(test(["drbgtest"]))); diff --git a/test/ssltest_old.c b/test/ssltest_old.c index 7cfddd2ace..37e980d38f 100644 --- a/test/ssltest_old.c +++ b/test/ssltest_old.c @@ -613,8 +613,6 @@ static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type, static char *cipher = NULL; static int verbose = 0; static int debug = 0; -static const char rnd_seed[] = - "string to make the random number generator think it has randomness"; int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family, long bytes, clock_t *s_time, clock_t *c_time); @@ -928,8 +926,6 @@ int main(int argc, char *argv[]) CRYPTO_set_mem_debug(1); CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - RAND_seed(rnd_seed, sizeof rnd_seed); - bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT); s_cctx = SSL_CONF_CTX_new(); |