Add misc tests for HMAC_DRBG
diff --git a/tests/suites/test_suite_hmac_drbg.function b/tests/suites/test_suite_hmac_drbg.function
index 09e55b7..a5e9739 100644
--- a/tests/suites/test_suite_hmac_drbg.function
+++ b/tests/suites/test_suite_hmac_drbg.function
@@ -28,6 +28,82 @@
* END_DEPENDENCIES
*/
+/* BEGIN_CASE */
+void hmac_drbg_entropy_usage( int md_alg )
+{
+ unsigned char out[16];
+ unsigned char buf[1024];
+ const md_info_t *md_info;
+ hmac_drbg_context ctx;
+ entropy_ctx entropy;
+ size_t last_len, i, reps = 10;
+
+ memset( buf, 0, sizeof( buf ) );
+ memset( out, 0, sizeof( out ) );
+
+ entropy.len = sizeof( buf );
+ entropy.p = buf;
+
+ TEST_ASSERT( ( md_info = md_info_from_type( md_alg ) ) != NULL );
+
+ /* Init must use entropy */
+ last_len = entropy.len;
+ TEST_ASSERT( hmac_drbg_init( &ctx, md_info, entropy_func, &entropy,
+ NULL, 0 ) == 0 );
+ TEST_ASSERT( entropy.len < last_len );
+
+ /* By default, PR is off and reseed_interval is large,
+ * so the next few calls should not use entropy */
+ last_len = entropy.len;
+ for( i = 0; i < reps; i++ )
+ {
+ TEST_ASSERT( hmac_drbg_random( &ctx, out, sizeof( out ) - 4 ) == 0 );
+ TEST_ASSERT( hmac_drbg_random_with_add( &ctx, out, sizeof( out ) - 4,
+ buf, 16 ) == 0 );
+ }
+ TEST_ASSERT( entropy.len == last_len );
+
+ /* While at it, make sure we didn't write past the requested length */
+ TEST_ASSERT( out[sizeof( out ) - 4] == 0 );
+ TEST_ASSERT( out[sizeof( out ) - 3] == 0 );
+ TEST_ASSERT( out[sizeof( out ) - 2] == 0 );
+ TEST_ASSERT( out[sizeof( out ) - 1] == 0 );
+
+ /* Set reseed_interval to the number of calls done,
+ * so the next call should reseed */
+ hmac_drbg_set_reseed_interval( &ctx, 2 * reps );
+ TEST_ASSERT( hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
+ TEST_ASSERT( entropy.len < last_len );
+
+ /* The new few calls should not reseed */
+ last_len = entropy.len;
+ for( i = 0; i < reps / 2; i++ )
+ {
+ TEST_ASSERT( hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
+ TEST_ASSERT( hmac_drbg_random_with_add( &ctx, out, sizeof( out ) ,
+ buf, 16 ) == 0 );
+ }
+ TEST_ASSERT( entropy.len == last_len );
+
+ /* Now enable PR, so the next few calls should all reseed */
+ hmac_drbg_set_prediction_resistance( &ctx, POLARSSL_HMAC_DRBG_PR_ON );
+ TEST_ASSERT( hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
+ TEST_ASSERT( entropy.len < last_len );
+
+ /* Finally, check setting entropy_len */
+ hmac_drbg_set_entropy_len( &ctx, 42 );
+ last_len = entropy.len;
+ TEST_ASSERT( hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
+ TEST_ASSERT( (int) last_len - entropy.len == 42 );
+
+ hmac_drbg_set_entropy_len( &ctx, 13 );
+ last_len = entropy.len;
+ TEST_ASSERT( hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
+ TEST_ASSERT( (int) last_len - entropy.len == 13 );
+ hmac_drbg_free( &ctx );
+}
+/* END_CASE */
+
/* BEGIN_CASE depends_on:POLARSSL_FS_IO */
void hmac_drbg_seed_file( int md_alg, char *path, int ret )
{
@@ -46,6 +122,32 @@
/* END_CASE */
/* BEGIN_CASE */
+void hmac_drbg_buf( int md_alg )
+{
+ unsigned char out[16];
+ unsigned char buf[100];
+ const md_info_t *md_info;
+ hmac_drbg_context ctx;
+ size_t i;
+
+ memset( buf, 0, sizeof( buf ) );
+ memset( out, 0, sizeof( out ) );
+
+ TEST_ASSERT( ( md_info = md_info_from_type( md_alg ) ) != NULL );
+ TEST_ASSERT( hmac_drbg_init_buf( &ctx, md_info, buf, sizeof( buf ) ) == 0 );
+
+ /* Make sure it never tries to reseed (would segfault otherwise) */
+ hmac_drbg_set_reseed_interval( &ctx, 3 );
+ hmac_drbg_set_prediction_resistance( &ctx, POLARSSL_HMAC_DRBG_PR_ON );
+
+ for( i = 0; i < 30; i++ )
+ TEST_ASSERT( hmac_drbg_random( &ctx, out, sizeof( out ) ) == 0 );
+
+ hmac_drbg_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
void hmac_drbg_no_reseed( int md_alg,
char *entropy_hex, char *custom_hex,
char *add1_hex, char *add2_hex,
diff --git a/tests/suites/test_suite_hmac_drbg.misc.data b/tests/suites/test_suite_hmac_drbg.misc.data
index b88bcc4..63758d9 100644
--- a/tests/suites/test_suite_hmac_drbg.misc.data
+++ b/tests/suites/test_suite_hmac_drbg.misc.data
@@ -1,3 +1,23 @@
+HMAC_DRBG entropy usage SHA-1
+depends_on:POLARSSL_SHA1_C
+hmac_drbg_entropy_usage:POLARSSL_MD_SHA1
+
+HMAC_DRBG entropy usage SHA-224
+depends_on:POLARSSL_SHA256_C
+hmac_drbg_entropy_usage:POLARSSL_MD_SHA224
+
+HMAC_DRBG entropy usage SHA-256
+depends_on:POLARSSL_SHA256_C
+hmac_drbg_entropy_usage:POLARSSL_MD_SHA256
+
+HMAC_DRBG entropy usage SHA-384
+depends_on:POLARSSL_SHA512_C
+hmac_drbg_entropy_usage:POLARSSL_MD_SHA384
+
+HMAC_DRBG entropy usage SHA-512
+depends_on:POLARSSL_SHA512_C
+hmac_drbg_entropy_usage:POLARSSL_MD_SHA512
+
HMAC_DRBG write/update seed file SHA-1
depends_on:POLARSSL_SHA1_C
hmac_drbg_seed_file:POLARSSL_MD_SHA1:"data_files/hmac_drbg_seed":0
@@ -38,3 +58,23 @@
depends_on:POLARSSL_SHA512_C
hmac_drbg_seed_file:POLARSSL_MD_SHA512:"no_such_dir/file":POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR
+HMAC_DRBG from buffer SHA-1
+depends_on:POLARSSL_SHA1_C
+hmac_drbg_buf:POLARSSL_MD_SHA1
+
+HMAC_DRBG from buffer SHA-224
+depends_on:POLARSSL_SHA256_C
+hmac_drbg_buf:POLARSSL_MD_SHA224
+
+HMAC_DRBG from buffer SHA-256
+depends_on:POLARSSL_SHA256_C
+hmac_drbg_buf:POLARSSL_MD_SHA256
+
+HMAC_DRBG from buffer SHA-384
+depends_on:POLARSSL_SHA512_C
+hmac_drbg_buf:POLARSSL_MD_SHA384
+
+HMAC_DRBG from buffer SHA-512
+depends_on:POLARSSL_SHA512_C
+hmac_drbg_buf:POLARSSL_MD_SHA512
+