fips/rand/fips_rngvs.c

   1 /*
   2  * Crude test driver for processing the VST and MCT testvector files
   3  * generated by the CMVP RNGVS product.
   4  *
   5  * Note the input files are assumed to have a _very_ specific format
   6  * as described in the NIST document "The Random Number Generator
   7  * Validation System (RNGVS)", May 25, 2004.
   8  *
   9  */
  10
  11 #define OPENSSL_FIPSAPI
  12
  13 #include <openssl/opensslconf.h>
  14
  15 #ifndef OPENSSL_FIPS
  16 #include <stdio.h>
  17
  18 int main(int argc, char **argv)
  19 {
  20     printf("No FIPS RNG support\n");
  21     return 0;
  22 }
  23 #else
  24
  25 #include <openssl/bn.h>
  26 #include <openssl/dsa.h>
  27 #include <openssl/fips.h>
  28 #include <openssl/err.h>
  29 #include <openssl/rand.h>
  30 #include <openssl/fips_rand.h>
  31 #include <openssl/x509v3.h>
  32 #include <string.h>
  33 #include <ctype.h>
  34
  35 #include "fips_utl.h"
  36
  37 static void vst()
  38     {
  39     unsigned char *key = NULL;
  40     unsigned char *v = NULL;
  41     unsigned char *dt = NULL;
  42     unsigned char ret[16];
  43     char buf[1024];
  44     char lbuf[1024];
  45     char *keyword, *value;
  46     long i, keylen;
  47
  48     keylen = 0;
  49
  50     while(fgets(buf,sizeof buf,stdin) != NULL)
  51         {
  52         fputs(buf,stdout);
  53         if(!strncmp(buf,"[AES 128-Key]", 13))
  54                 keylen = 16;
  55         else if(!strncmp(buf,"[AES 192-Key]", 13))
  56                 keylen = 24;
  57         else if(!strncmp(buf,"[AES 256-Key]", 13))
  58                 keylen = 32;
  59         if (!parse_line(&keyword, &value, lbuf, buf))
  60                 continue;
  61         if(!strcmp(keyword,"Key"))
  62             {
  63             key=hex2bin_m(value,&i);
  64             if (i != keylen)
  65                 {
  66                 fprintf(stderr, "Invalid key length, expecting %ld\n", keylen);
  67                 return;
  68                 }
  69             }
  70         else if(!strcmp(keyword,"DT"))
  71             {
  72             dt=hex2bin_m(value,&i);
  73             if (i != 16)
  74                 {
  75                 fprintf(stderr, "Invalid DT length\n");
  76                 return;
  77                 }
  78             }
  79         else if(!strcmp(keyword,"V"))
  80             {
  81             v=hex2bin_m(value,&i);
  82             if (i != 16)
  83                 {
  84                 fprintf(stderr, "Invalid V length\n");
  85                 return;
  86                 }
  87
  88             if (!key || !dt)
  89                 {
  90                 fprintf(stderr, "Missing key or DT\n");
  91                 return;
  92                 }
  93
  94             FIPS_rand_set_key(key, keylen);
  95             FIPS_rand_seed(v,16);
  96             FIPS_rand_set_dt(dt);
  97             if (FIPS_rand_bytes(ret,16) <= 0)
  98                 {
  99                 fprintf(stderr, "Error getting PRNG value\n");
 100                 return;
 101                 }
 102
 103             pv("R",ret,16);
 104             OPENSSL_free(key);
 105             key = NULL;
 106             OPENSSL_free(dt);
 107             dt = NULL;
 108             OPENSSL_free(v);
 109             v = NULL;
 110             }
 111         }
 112     }
 113
 114 static void mct()
 115     {
 116     unsigned char *key = NULL;
 117     unsigned char *v = NULL;
 118     unsigned char *dt = NULL;
 119     unsigned char ret[16];
 120     char buf[1024];
 121     char lbuf[1024];
 122     char *keyword, *value;
 123     long i, keylen;
 124     int j;
 125
 126     keylen = 0;
 127
 128     while(fgets(buf,sizeof buf,stdin) != NULL)
 129         {
 130         fputs(buf,stdout);
 131         if(!strncmp(buf,"[AES 128-Key]", 13))
 132                 keylen = 16;
 133         else if(!strncmp(buf,"[AES 192-Key]", 13))
 134                 keylen = 24;
 135         else if(!strncmp(buf,"[AES 256-Key]", 13))
 136                 keylen = 32;
 137         if (!parse_line(&keyword, &value, lbuf, buf))
 138                 continue;
 139         if(!strcmp(keyword,"Key"))
 140             {
 141             key=hex2bin_m(value,&i);
 142             if (i != keylen)
 143                 {
 144                 fprintf(stderr, "Invalid key length, expecting %ld\n", keylen);
 145                 return;
 146                 }
 147             }
 148         else if(!strcmp(keyword,"DT"))
 149             {
 150             dt=hex2bin_m(value,&i);
 151             if (i != 16)
 152                 {
 153                 fprintf(stderr, "Invalid DT length\n");
 154                 return;
 155                 }
 156             }
 157         else if(!strcmp(keyword,"V"))
 158             {
 159             v=hex2bin_m(value,&i);
 160             if (i != 16)
 161                 {
 162                 fprintf(stderr, "Invalid V length\n");
 163                 return;
 164                 }
 165
 166             if (!key || !dt)
 167                 {
 168                 fprintf(stderr, "Missing key or DT\n");
 169                 return;
 170                 }
 171
 172             FIPS_rand_set_key(key, keylen);
 173             FIPS_rand_seed(v,16);
 174             for (i = 0; i < 10000; i++)
 175                 {
 176                     FIPS_rand_set_dt(dt);
 177                     if (FIPS_rand_bytes(ret,16) <= 0)
 178                         {
 179                         fprintf(stderr, "Error getting PRNG value\n");
 180                         return;
 181                         }
 182                     /* Increment DT */
 183                     for (j = 15; j >= 0; j--)
 184                         {
 185                         dt[j]++;
 186                         if (dt[j])
 187                                 break;
 188                         }
 189                 }
 190
 191             pv("R",ret,16);
 192             OPENSSL_free(key);
 193             key = NULL;
 194             OPENSSL_free(dt);
 195             dt = NULL;
 196             OPENSSL_free(v);
 197             v = NULL;
 198             }
 199         }
 200     }
 201
 202 int main(int argc,char **argv)
 203     {
 204     if(argc != 2)
 205         {
 206         fprintf(stderr,"%s [mct|vst]\n",argv[0]);
 207         exit(1);
 208         }
 209     fips_set_error_print();
 210     if(!FIPS_mode_set(1))
 211         exit(1);
 212     FIPS_rand_reset();
 213     if (!FIPS_rand_test_mode())
 214         {
 215         fprintf(stderr, "Error setting PRNG test mode\n");
 216         exit(1);
 217         }
 218     if(!strcmp(argv[1],"mct"))
 219         mct();
 220     else if(!strcmp(argv[1],"vst"))
 221         vst();
 222     else
 223         {
 224         fprintf(stderr,"Don't know how to %s.\n",argv[1]);
 225         exit(1);
 226         }
 227
 228     return 0;
 229     }
 230 #endif