fips_randtest.c 8.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254
  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  2. * All rights reserved.
  3. *
  4. * This package is an SSL implementation written
  5. * by Eric Young (eay@cryptsoft.com).
  6. * The implementation was written so as to conform with Netscapes SSL.
  7. *
  8. * This library is free for commercial and non-commercial use as long as
  9. * the following conditions are aheared to. The following conditions
  10. * apply to all code found in this distribution, be it the RC4, RSA,
  11. * lhash, DES, etc., code; not just the SSL code. The SSL documentation
  12. * included with this distribution is covered by the same copyright terms
  13. * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  14. *
  15. * Copyright remains Eric Young's, and as such any Copyright notices in
  16. * the code are not to be removed.
  17. * If this package is used in a product, Eric Young should be given attribution
  18. * as the author of the parts of the library used.
  19. * This can be in the form of a textual message at program startup or
  20. * in documentation (online or textual) provided with the package.
  21. *
  22. * Redistribution and use in source and binary forms, with or without
  23. * modification, are permitted provided that the following conditions
  24. * are met:
  25. * 1. Redistributions of source code must retain the copyright
  26. * notice, this list of conditions and the following disclaimer.
  27. * 2. Redistributions in binary form must reproduce the above copyright
  28. * notice, this list of conditions and the following disclaimer in the
  29. * documentation and/or other materials provided with the distribution.
  30. * 3. All advertising materials mentioning features or use of this software
  31. * must display the following acknowledgement:
  32. * "This product includes cryptographic software written by
  33. * Eric Young (eay@cryptsoft.com)"
  34. * The word 'cryptographic' can be left out if the rouines from the library
  35. * being used are not cryptographic related :-).
  36. * 4. If you include any Windows specific code (or a derivative thereof) from
  37. * the apps directory (application code) you must include an acknowledgement:
  38. * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  39. *
  40. * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  41. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  42. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  43. * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  44. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  45. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  46. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  48. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  49. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  50. * SUCH DAMAGE.
  51. *
  52. * The licence and distribution terms for any publically available version or
  53. * derivative of this code cannot be changed. i.e. this code cannot simply be
  54. * copied and put under another distribution licence
  55. * [including the GNU Public Licence.]
  56. */
  57. /* ====================================================================
  58. * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
  59. *
  60. * Redistribution and use in source and binary forms, with or without
  61. * modification, are permitted provided that the following conditions
  62. * are met:
  63. *
  64. * 1. Redistributions of source code must retain the above copyright
  65. * notice, this list of conditions and the following disclaimer.
  66. *
  67. * 2. Redistributions in binary form must reproduce the above copyright
  68. * notice, this list of conditions and the following disclaimer in
  69. * the documentation and/or other materials provided with the
  70. * distribution.
  71. *
  72. * 3. All advertising materials mentioning features or use of this
  73. * software must display the following acknowledgment:
  74. * "This product includes software developed by the OpenSSL Project
  75. * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  76. *
  77. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  78. * endorse or promote products derived from this software without
  79. * prior written permission. For written permission, please contact
  80. * openssl-core@openssl.org.
  81. *
  82. * 5. Products derived from this software may not be called "OpenSSL"
  83. * nor may "OpenSSL" appear in their names without prior written
  84. * permission of the OpenSSL Project.
  85. *
  86. * 6. Redistributions of any form whatsoever must retain the following
  87. * acknowledgment:
  88. * "This product includes software developed by the OpenSSL Project
  89. * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  90. *
  91. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  92. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  93. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  94. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  95. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  96. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  97. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  98. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  99. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  100. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  101. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  102. * OF THE POSSIBILITY OF SUCH DAMAGE.
  103. *
  104. */
  105. #define OPENSSL_FIPSAPI
  106. #include <stdio.h>
  107. #include <stdlib.h>
  108. #include <string.h>
  109. #include <ctype.h>
  110. #include <openssl/rand.h>
  111. #include <openssl/fips_rand.h>
  112. #include <openssl/err.h>
  113. #include <openssl/bn.h>
  114. #include "e_os.h"
  115. #ifndef OPENSSL_FIPS
  116. int main(int argc, char *argv[])
  117. {
  118. printf("No FIPS RAND support\n");
  119. return(0);
  120. }
  121. #else
  122. #define OPENSSL_FIPSAPI
  123. #include "fips_utl.h"
  124. #include <openssl/fips.h>
  125. typedef struct
  126. {
  127. unsigned char DT[16];
  128. unsigned char V[16];
  129. unsigned char R[16];
  130. } AES_PRNG_MCT;
  131. static unsigned char aes_128_mct_key[16] =
  132. {0x9f,0x5b,0x51,0x20,0x0b,0xf3,0x34,0xb5,
  133. 0xd8,0x2b,0xe8,0xc3,0x72,0x55,0xc8,0x48};
  134. static AES_PRNG_MCT aes_128_mct_tv = {
  135. /* DT */
  136. {0x63,0x76,0xbb,0xe5,0x29,0x02,0xba,0x3b,
  137. 0x67,0xc9,0x25,0xfa,0x70,0x1f,0x11,0xac},
  138. /* V */
  139. {0x57,0x2c,0x8e,0x76,0x87,0x26,0x47,0x97,
  140. 0x7e,0x74,0xfb,0xdd,0xc4,0x95,0x01,0xd1},
  141. /* R */
  142. {0x48,0xe9,0xbd,0x0d,0x06,0xee,0x18,0xfb,
  143. 0xe4,0x57,0x90,0xd5,0xc3,0xfc,0x9b,0x73}
  144. };
  145. static unsigned char aes_192_mct_key[24] =
  146. {0xb7,0x6c,0x34,0xd1,0x09,0x67,0xab,0x73,
  147. 0x4d,0x5a,0xd5,0x34,0x98,0x16,0x0b,0x91,
  148. 0xbc,0x35,0x51,0x16,0x6b,0xae,0x93,0x8a};
  149. static AES_PRNG_MCT aes_192_mct_tv = {
  150. /* DT */
  151. {0x84,0xce,0x22,0x7d,0x91,0x5a,0xa3,0xc9,
  152. 0x84,0x3c,0x0a,0xb3,0xa9,0x63,0x15,0x52},
  153. /* V */
  154. {0xb6,0xaf,0xe6,0x8f,0x99,0x9e,0x90,0x64,
  155. 0xdd,0xc7,0x7a,0xc1,0xbb,0x90,0x3a,0x6d},
  156. /* R */
  157. {0xfc,0x85,0x60,0x9a,0x29,0x6f,0xef,0x21,
  158. 0xdd,0x86,0x20,0x32,0x8a,0x29,0x6f,0x47}
  159. };
  160. static unsigned char aes_256_mct_key[32] =
  161. {0x9b,0x05,0xc8,0x68,0xff,0x47,0xf8,0x3a,
  162. 0xa6,0x3a,0xa8,0xcb,0x4e,0x71,0xb2,0xe0,
  163. 0xb8,0x7e,0xf1,0x37,0xb6,0xb4,0xf6,0x6d,
  164. 0x86,0x32,0xfc,0x1f,0x5e,0x1d,0x1e,0x50};
  165. static AES_PRNG_MCT aes_256_mct_tv = {
  166. /* DT */
  167. {0x31,0x6e,0x35,0x9a,0xb1,0x44,0xf0,0xee,
  168. 0x62,0x6d,0x04,0x46,0xe0,0xa3,0x92,0x4c},
  169. /* V */
  170. {0x4f,0xcd,0xc1,0x87,0x82,0x1f,0x4d,0xa1,
  171. 0x3e,0x0e,0x56,0x44,0x59,0xe8,0x83,0xca},
  172. /* R */
  173. {0xc8,0x87,0xc2,0x61,0x5b,0xd0,0xb9,0xe1,
  174. 0xe7,0xf3,0x8b,0xd7,0x5b,0xd5,0xf1,0x8d}
  175. };
  176. static void dump(const unsigned char *b,int n)
  177. {
  178. while(n-- > 0)
  179. {
  180. printf(" %02x",*b++);
  181. }
  182. }
  183. static void compare(const unsigned char *result,const unsigned char *expected,
  184. int n)
  185. {
  186. int i;
  187. for(i=0 ; i < n ; ++i)
  188. if(result[i] != expected[i])
  189. {
  190. puts("Random test failed, got:");
  191. dump(result,n);
  192. puts("\n expected:");
  193. dump(expected,n);
  194. putchar('\n');
  195. EXIT(1);
  196. }
  197. }
  198. static void run_test(unsigned char *key, int keylen, AES_PRNG_MCT *tv)
  199. {
  200. unsigned char buf[16], dt[16];
  201. int i, j;
  202. FIPS_x931_reset();
  203. FIPS_x931_test_mode();
  204. FIPS_x931_set_key(key, keylen);
  205. FIPS_x931_seed(tv->V, 16);
  206. memcpy(dt, tv->DT, 16);
  207. for (i = 0; i < 10000; i++)
  208. {
  209. FIPS_x931_set_dt(dt);
  210. FIPS_x931_bytes(buf, 16);
  211. /* Increment DT */
  212. for (j = 15; j >= 0; j--)
  213. {
  214. dt[j]++;
  215. if (dt[j])
  216. break;
  217. }
  218. }
  219. compare(buf,tv->R, 16);
  220. }
  221. int main()
  222. {
  223. fips_algtest_init();
  224. run_test(aes_128_mct_key, 16, &aes_128_mct_tv);
  225. printf("FIPS PRNG test 1 done\n");
  226. run_test(aes_192_mct_key, 24, &aes_192_mct_tv);
  227. printf("FIPS PRNG test 2 done\n");
  228. run_test(aes_256_mct_key, 32, &aes_256_mct_tv);
  229. printf("FIPS PRNG test 3 done\n");
  230. return 0;
  231. }
  232. #endif