fips_randtest.c 9.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245
  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  2. * All rights reserved.
  3. *
  4. * This package is an SSL implementation written
  5. * by Eric Young (eay@cryptsoft.com).
  6. * The implementation was written so as to conform with Netscapes SSL.
  7. *
  8. * This library is free for commercial and non-commercial use as long as
  9. * the following conditions are aheared to. The following conditions
  10. * apply to all code found in this distribution, be it the RC4, RSA,
  11. * lhash, DES, etc., code; not just the SSL code. The SSL documentation
  12. * included with this distribution is covered by the same copyright terms
  13. * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  14. *
  15. * Copyright remains Eric Young's, and as such any Copyright notices in
  16. * the code are not to be removed.
  17. * If this package is used in a product, Eric Young should be given attribution
  18. * as the author of the parts of the library used.
  19. * This can be in the form of a textual message at program startup or
  20. * in documentation (online or textual) provided with the package.
  21. *
  22. * Redistribution and use in source and binary forms, with or without
  23. * modification, are permitted provided that the following conditions
  24. * are met:
  25. * 1. Redistributions of source code must retain the copyright
  26. * notice, this list of conditions and the following disclaimer.
  27. * 2. Redistributions in binary form must reproduce the above copyright
  28. * notice, this list of conditions and the following disclaimer in the
  29. * documentation and/or other materials provided with the distribution.
  30. * 3. All advertising materials mentioning features or use of this software
  31. * must display the following acknowledgement:
  32. * "This product includes cryptographic software written by
  33. * Eric Young (eay@cryptsoft.com)"
  34. * The word 'cryptographic' can be left out if the rouines from the library
  35. * being used are not cryptographic related :-).
  36. * 4. If you include any Windows specific code (or a derivative thereof) from
  37. * the apps directory (application code) you must include an acknowledgement:
  38. * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  39. *
  40. * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  41. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  42. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  43. * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  44. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  45. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  46. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  48. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  49. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  50. * SUCH DAMAGE.
  51. *
  52. * The licence and distribution terms for any publically available version or
  53. * derivative of this code cannot be changed. i.e. this code cannot simply be
  54. * copied and put under another distribution licence
  55. * [including the GNU Public Licence.]
  56. */
  57. /* ====================================================================
  58. * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
  59. *
  60. * Redistribution and use in source and binary forms, with or without
  61. * modification, are permitted provided that the following conditions
  62. * are met:
  63. *
  64. * 1. Redistributions of source code must retain the above copyright
  65. * notice, this list of conditions and the following disclaimer.
  66. *
  67. * 2. Redistributions in binary form must reproduce the above copyright
  68. * notice, this list of conditions and the following disclaimer in
  69. * the documentation and/or other materials provided with the
  70. * distribution.
  71. *
  72. * 3. All advertising materials mentioning features or use of this
  73. * software must display the following acknowledgment:
  74. * "This product includes software developed by the OpenSSL Project
  75. * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  76. *
  77. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  78. * endorse or promote products derived from this software without
  79. * prior written permission. For written permission, please contact
  80. * openssl-core@openssl.org.
  81. *
  82. * 5. Products derived from this software may not be called "OpenSSL"
  83. * nor may "OpenSSL" appear in their names without prior written
  84. * permission of the OpenSSL Project.
  85. *
  86. * 6. Redistributions of any form whatsoever must retain the following
  87. * acknowledgment:
  88. * "This product includes software developed by the OpenSSL Project
  89. * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  90. *
  91. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  92. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  93. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  94. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  95. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  96. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  97. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  98. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  99. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  100. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  101. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  102. * OF THE POSSIBILITY OF SUCH DAMAGE.
  103. *
  104. */
  105. #include <stdio.h>
  106. #include <stdlib.h>
  107. #include <string.h>
  108. #include <ctype.h>
  109. #include <openssl/rand.h>
  110. #include <openssl/fips_rand.h>
  111. #include <openssl/err.h>
  112. #include <openssl/bn.h>
  113. #include "e_os.h"
  114. #ifndef OPENSSL_FIPS
  115. int main(int argc, char *argv[])
  116. {
  117. printf("No FIPS RAND support\n");
  118. return (0);
  119. }
  120. #else
  121. # include "fips_utl.h"
  122. typedef struct {
  123. unsigned char DT[16];
  124. unsigned char V[16];
  125. unsigned char R[16];
  126. } AES_PRNG_MCT;
  127. static unsigned char aes_128_mct_key[16] =
  128. { 0x9f, 0x5b, 0x51, 0x20, 0x0b, 0xf3, 0x34, 0xb5,
  129. 0xd8, 0x2b, 0xe8, 0xc3, 0x72, 0x55, 0xc8, 0x48
  130. };
  131. static AES_PRNG_MCT aes_128_mct_tv = {
  132. /* DT */
  133. {0x63, 0x76, 0xbb, 0xe5, 0x29, 0x02, 0xba, 0x3b,
  134. 0x67, 0xc9, 0x25, 0xfa, 0x70, 0x1f, 0x11, 0xac},
  135. /* V */
  136. {0x57, 0x2c, 0x8e, 0x76, 0x87, 0x26, 0x47, 0x97,
  137. 0x7e, 0x74, 0xfb, 0xdd, 0xc4, 0x95, 0x01, 0xd1},
  138. /* R */
  139. {0x48, 0xe9, 0xbd, 0x0d, 0x06, 0xee, 0x18, 0xfb,
  140. 0xe4, 0x57, 0x90, 0xd5, 0xc3, 0xfc, 0x9b, 0x73}
  141. };
  142. static unsigned char aes_192_mct_key[24] =
  143. { 0xb7, 0x6c, 0x34, 0xd1, 0x09, 0x67, 0xab, 0x73,
  144. 0x4d, 0x5a, 0xd5, 0x34, 0x98, 0x16, 0x0b, 0x91,
  145. 0xbc, 0x35, 0x51, 0x16, 0x6b, 0xae, 0x93, 0x8a
  146. };
  147. static AES_PRNG_MCT aes_192_mct_tv = {
  148. /* DT */
  149. {0x84, 0xce, 0x22, 0x7d, 0x91, 0x5a, 0xa3, 0xc9,
  150. 0x84, 0x3c, 0x0a, 0xb3, 0xa9, 0x63, 0x15, 0x52},
  151. /* V */
  152. {0xb6, 0xaf, 0xe6, 0x8f, 0x99, 0x9e, 0x90, 0x64,
  153. 0xdd, 0xc7, 0x7a, 0xc1, 0xbb, 0x90, 0x3a, 0x6d},
  154. /* R */
  155. {0xfc, 0x85, 0x60, 0x9a, 0x29, 0x6f, 0xef, 0x21,
  156. 0xdd, 0x86, 0x20, 0x32, 0x8a, 0x29, 0x6f, 0x47}
  157. };
  158. static unsigned char aes_256_mct_key[32] =
  159. { 0x9b, 0x05, 0xc8, 0x68, 0xff, 0x47, 0xf8, 0x3a,
  160. 0xa6, 0x3a, 0xa8, 0xcb, 0x4e, 0x71, 0xb2, 0xe0,
  161. 0xb8, 0x7e, 0xf1, 0x37, 0xb6, 0xb4, 0xf6, 0x6d,
  162. 0x86, 0x32, 0xfc, 0x1f, 0x5e, 0x1d, 0x1e, 0x50
  163. };
  164. static AES_PRNG_MCT aes_256_mct_tv = {
  165. /* DT */
  166. {0x31, 0x6e, 0x35, 0x9a, 0xb1, 0x44, 0xf0, 0xee,
  167. 0x62, 0x6d, 0x04, 0x46, 0xe0, 0xa3, 0x92, 0x4c},
  168. /* V */
  169. {0x4f, 0xcd, 0xc1, 0x87, 0x82, 0x1f, 0x4d, 0xa1,
  170. 0x3e, 0x0e, 0x56, 0x44, 0x59, 0xe8, 0x83, 0xca},
  171. /* R */
  172. {0xc8, 0x87, 0xc2, 0x61, 0x5b, 0xd0, 0xb9, 0xe1,
  173. 0xe7, 0xf3, 0x8b, 0xd7, 0x5b, 0xd5, 0xf1, 0x8d}
  174. };
  175. static void dump(const unsigned char *b, int n)
  176. {
  177. while (n-- > 0) {
  178. printf(" %02x", *b++);
  179. }
  180. }
  181. static void compare(const unsigned char *result,
  182. const unsigned char *expected, int n)
  183. {
  184. int i;
  185. for (i = 0; i < n; ++i)
  186. if (result[i] != expected[i]) {
  187. puts("Random test failed, got:");
  188. dump(result, n);
  189. puts("\n expected:");
  190. dump(expected, n);
  191. putchar('\n');
  192. EXIT(1);
  193. }
  194. }
  195. static void run_test(unsigned char *key, int keylen, AES_PRNG_MCT * tv)
  196. {
  197. unsigned char buf[16], dt[16];
  198. int i, j;
  199. FIPS_rand_reset();
  200. FIPS_rand_test_mode();
  201. FIPS_rand_set_key(key, keylen);
  202. FIPS_rand_seed(tv->V, 16);
  203. memcpy(dt, tv->DT, 16);
  204. for (i = 0; i < 10000; i++) {
  205. FIPS_rand_set_dt(dt);
  206. FIPS_rand_bytes(buf, 16);
  207. /* Increment DT */
  208. for (j = 15; j >= 0; j--) {
  209. dt[j]++;
  210. if (dt[j])
  211. break;
  212. }
  213. }
  214. compare(buf, tv->R, 16);
  215. }
  216. int main()
  217. {
  218. run_test(aes_128_mct_key, 16, &aes_128_mct_tv);
  219. printf("FIPS PRNG test 1 done\n");
  220. run_test(aes_192_mct_key, 24, &aes_192_mct_tv);
  221. printf("FIPS PRNG test 2 done\n");
  222. run_test(aes_256_mct_key, 32, &aes_256_mct_tv);
  223. printf("FIPS PRNG test 3 done\n");
  224. return 0;
  225. }
  226. #endif