/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* lib/crypto/krb/t_fortuna.c - Fortuna test program */ /* * Copyright (c) 2007 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * 3. Neither the name of the Institute nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ /* * Copyright (C) 2011 by the Massachusetts Institute of Technology. * All rights reserved. * * Export of this software from the United States of America may * require a specific license from the United States Government. * It is the responsibility of any person or organization contemplating * export to obtain such a license before exporting. * * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and * distribute this software and its documentation for any purpose and * without fee is hereby granted, provided that the above copyright * notice appear in all copies and that both that copyright notice and * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior * permission. Furthermore if you modify this software you must label * your software as modified software and not distribute it in such a * fashion that it might be confused with the original M.I.T. software. * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ #include "k5-int.h" #ifdef FORTUNA /* Include most of prng_fortuna.c so we can test the PRNG internals. */ #define TEST #include "prng_fortuna.c" static void display(const unsigned char *data, size_t len) { size_t i; for (i = 0; i < len; i++) printf("%02X", data[i]); printf("\n"); } /* * Generate data from st with its current internal state and check for * significant bias in each bit of the resulting bytes. This test would have a * small chance of failure on random inputs, but we have a predictable state * after all the other tests have been run, so it will never fail if the PRNG * operates the way we expect. */ static void head_tail_test(struct fortuna_state *st) { static unsigned char buffer[1024 * 1024]; unsigned char c; int i, len = sizeof(buffer); int bit, bits[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; double res; memset(buffer, 0, len); generator_output(st, buffer, len); for (i = 0; i < len; i++) { c = buffer[i]; for (bit = 0; bit < 8 && c; bit++) { if (c & 1) bits[bit]++; c = c >> 1; } } for (bit = 0; bit < 8; bit++) { res = ((double)abs(len - bits[bit] * 2)) / (double)len; if (res > 0.005){ fprintf(stderr, "Bit %d: %d zero, %d one exceeds 0.5%% variance (%f)\n", bit, (int)len - bits[bit], bits[bit], res); exit(1); } } } int main(int argc, char **argv) { struct fortuna_state test_state; struct fortuna_state *st = &test_state; static unsigned char buf[2 * 1024 * 1024]; unsigned int i; /* Seed the generator with a known state. */ init_state(&test_state); generator_reseed(st, (unsigned char *)"test", 4); /* Generate two pieces of output; key should change for each request. */ generator_output(st, buf, 32); display(buf, 32); generator_output(st, buf, 32); display(buf, 32); /* Generate a lot of output to test key changes during request. */ generator_output(st, buf, sizeof(buf)); display(buf, 32); display(buf + sizeof(buf) - 32, 32); /* Reseed the generator and generate more output. */ generator_reseed(st, (unsigned char *)"retest", 6); generator_output(st, buf, 32); display(buf, 32); /* Add sample data to accumulator pools. */ for (i = 0; i < 44; i++) { store_32_be(i, buf); accumulator_add_event(st, buf, 4); } assert(st->pool_index == 12); assert(st->pool0_bytes == 8); /* Exercise accumulator reseeds. */ accumulator_reseed(st); generator_output(st, buf, 32); display(buf, 32); accumulator_reseed(st); generator_output(st, buf, 32); display(buf, 32); accumulator_reseed(st); generator_output(st, buf, 32); display(buf, 32); for (i = 0; i < 1000; i++) accumulator_reseed(st); assert(st->reseed_count == 1003); generator_output(st, buf, 32); display(buf, 32); head_tail_test(st); return 0; } #else /* FORTUNA */ int main() { return 0; } #endif /* FORTUNA */