/*
* Copyright 2011-2018 The OpenSSL Project Authors. All Rights Reserved.
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
* 1: it is expected that the specified DRBG is reseeded
* 0: it is expected that the specified DRBG is not reseeded
* -1: don't check whether the specified DRBG was reseeded or not
+ * |reseed_time|: if nonzero, used instead of time(NULL) to set the
+ * |before_reseed| time.
*/
static int test_drbg_reseed(int expect_success,
RAND_DRBG *master,
RAND_DRBG *private,
int expect_master_reseed,
int expect_public_reseed,
- int expect_private_reseed
+ int expect_private_reseed,
+ time_t reseed_time
)
{
unsigned char buf[32];
* step 2: generate random output
*/
+ if (reseed_time == 0)
+ reseed_time = time(NULL);
+
/* Generate random output from the public and private DRBG */
- before_reseed = expect_master_reseed == 1 ? time(NULL) : 0;
+ before_reseed = expect_master_reseed == 1 ? reseed_time : 0;
if (!TEST_int_eq(RAND_bytes(buf, sizeof(buf)), expect_success)
|| !TEST_int_eq(RAND_priv_bytes(buf, sizeof(buf)), expect_success))
return 0;
RAND_DRBG *master, *public, *private;
unsigned char rand_add_buf[256];
int rv=0;
+ time_t before_reseed;
/* Check whether RAND_OpenSSL() is the default method */
if (!TEST_ptr_eq(RAND_get_rand_method(), RAND_OpenSSL()))
/*
* Test initial seeding of shared DRBGs
*/
- if (!TEST_true(test_drbg_reseed(1, master, public, private, 1, 1, 1)))
+ if (!TEST_true(test_drbg_reseed(1, master, public, private, 1, 1, 1, 0)))
goto error;
reset_drbg_hook_ctx();
/*
* Test initial state of shared DRBGs
*/
- if (!TEST_true(test_drbg_reseed(1, master, public, private, 0, 0, 0)))
+ if (!TEST_true(test_drbg_reseed(1, master, public, private, 0, 0, 0, 0)))
goto error;
reset_drbg_hook_ctx();
* reseed counters differ from the master's reseed counter.
*/
master->reseed_prop_counter++;
- if (!TEST_true(test_drbg_reseed(1, master, public, private, 0, 1, 1)))
+ if (!TEST_true(test_drbg_reseed(1, master, public, private, 0, 1, 1, 0)))
goto error;
reset_drbg_hook_ctx();
*/
master->reseed_prop_counter++;
private->reseed_prop_counter++;
- if (!TEST_true(test_drbg_reseed(1, master, public, private, 0, 1, 0)))
+ if (!TEST_true(test_drbg_reseed(1, master, public, private, 0, 1, 0, 0)))
goto error;
reset_drbg_hook_ctx();
*/
master->reseed_prop_counter++;
public->reseed_prop_counter++;
- if (!TEST_true(test_drbg_reseed(1, master, public, private, 0, 0, 1)))
+ if (!TEST_true(test_drbg_reseed(1, master, public, private, 0, 0, 1, 0)))
goto error;
reset_drbg_hook_ctx();
memset(rand_add_buf, 'r', sizeof(rand_add_buf));
/*
- * Test whether all three DRBGs are reseeded by RAND_add()
+ * Test whether all three DRBGs are reseeded by RAND_add().
+ * The before_reseed time has to be measured here and passed into the
+ * test_drbg_reseed() test, because the master DRBG gets already reseeded
+ * in RAND_add(), whence the check for the condition
+ * before_reseed <= master->reseed_time will fail if the time value happens
+ * to increase between the RAND_add() and the test_drbg_reseed() call.
*/
+ before_reseed = time(NULL);
RAND_add(rand_add_buf, sizeof(rand_add_buf), sizeof(rand_add_buf));
- if (!TEST_true(test_drbg_reseed(1, master, public, private, 1, 1, 1)))
+ if (!TEST_true(test_drbg_reseed(1, master, public, private, 1, 1, 1,
+ before_reseed)))
goto error;
reset_drbg_hook_ctx();
master_ctx.fail = 1;
master->reseed_prop_counter++;
RAND_add(rand_add_buf, sizeof(rand_add_buf), sizeof(rand_add_buf));
- if (!TEST_true(test_drbg_reseed(0, master, public, private, 0, 0, 0)))
+ if (!TEST_true(test_drbg_reseed(0, master, public, private, 0, 0, 0, 0)))
goto error;
reset_drbg_hook_ctx();
{
unsigned char buf[256];
time_t start = time(NULL);
- RAND_DRBG *public, *private;
+ RAND_DRBG *public = NULL, *private = NULL;
- public = RAND_DRBG_get0_public();
- private = RAND_DRBG_get0_private();
- RAND_DRBG_set_reseed_time_interval(public, 1);
+ if (!TEST_ptr(public = RAND_DRBG_get0_public())
+ || !TEST_ptr(private = RAND_DRBG_get0_private())) {
+ multi_thread_rand_bytes_succeeded = 0;
+ return;
+ }
RAND_DRBG_set_reseed_time_interval(private, 1);
+ RAND_DRBG_set_reseed_time_interval(public, 1);
do {
if (RAND_bytes(buf, sizeof(buf)) <= 0)
}
#endif
-#ifdef OPENSSL_RAND_SEED_NONE
-/*
- * Calculates the minimum buffer length which needs to be
- * provided to RAND_seed() in order to successfully
- * instantiate the DRBG.
- *
- * Copied from rand_drbg_seedlen() in rand_drbg.c
- */
-static size_t rand_drbg_seedlen(RAND_DRBG *drbg)
-{
- /*
- * If no os entropy source is available then RAND_seed(buffer, bufsize)
- * is expected to succeed if and only if the buffer length satisfies
- * the following requirements, which follow from the calculations
- * in RAND_DRBG_instantiate().
- */
- size_t min_entropy = drbg->strength;
- size_t min_entropylen = drbg->min_entropylen;
-
- /*
- * Extra entropy for the random nonce in the absence of a
- * get_nonce callback, see comment in RAND_DRBG_instantiate().
- */
- if (drbg->min_noncelen > 0 && drbg->get_nonce == NULL) {
- min_entropy += drbg->strength / 2;
- min_entropylen += drbg->min_noncelen;
- }
-
- /*
- * Convert entropy requirement from bits to bytes
- * (dividing by 8 without rounding upwards, because
- * all entropy requirements are divisible by 8).
- */
- min_entropy >>= 3;
-
- /* Return a value that satisfies both requirements */
- return min_entropy > min_entropylen ? min_entropy : min_entropylen;
-}
-#endif /*OPENSSL_RAND_SEED_NONE*/
-
/*
* Test that instantiation with RAND_seed() works as expected
*
*/
static int test_rand_seed(void)
{
- RAND_DRBG *master = RAND_DRBG_get0_master();
+ RAND_DRBG *master = NULL;
unsigned char rand_buf[256];
size_t rand_buflen;
-#ifdef OPENSSL_RAND_SEED_NONE
- size_t required_seed_buflen = rand_drbg_seedlen(master);
-#else
size_t required_seed_buflen = 0;
+
+ if (!TEST_ptr(master = RAND_DRBG_get0_master()))
+ return 0;
+
+#ifdef OPENSSL_RAND_SEED_NONE
+ required_seed_buflen = rand_drbg_seedlen(master);
#endif
memset(rand_buf, 0xCD, sizeof(rand_buf));
static int test_set_defaults(void)
{
- RAND_DRBG *master, *public, *private;
-
- master = RAND_DRBG_get0_master();
- public = RAND_DRBG_get0_public();
- private = RAND_DRBG_get0_private();
+ RAND_DRBG *master = NULL, *public = NULL, *private = NULL;
/* Check the default type and flags for master, public and private */
- return TEST_int_eq(master->type, RAND_DRBG_TYPE)
+ return TEST_ptr(master = RAND_DRBG_get0_master())
+ && TEST_ptr(public = RAND_DRBG_get0_public())
+ && TEST_ptr(private = RAND_DRBG_get0_private())
+ && TEST_int_eq(master->type, RAND_DRBG_TYPE)
&& TEST_int_eq(master->flags,
RAND_DRBG_FLAGS | RAND_DRBG_FLAG_MASTER)
&& TEST_int_eq(public->type, RAND_DRBG_TYPE)