blob: 4e1bac1ee032d327ace97d52b09697e818ec8098 [file] [log] [blame]
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +02001#if defined(POLARSSL_PLATFORM_C)
2#include "polarssl/platform.h"
3#else
Rich Evans00ab4702015-02-06 13:43:58 +00004#include <stdio.h>
5#define polarssl_printf printf
6#define polarssl_fprintf fprintf
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +02007#define polarssl_malloc malloc
8#define polarssl_free free
9#endif
10
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000011#ifdef _MSC_VER
12#include <basetsd.h>
13typedef UINT32 uint32_t;
14#else
15#include <inttypes.h>
16#endif
17
Paul Bakker19343182013-08-16 13:31:10 +020018#include <assert.h>
19#include <stdlib.h>
20#include <string.h>
21
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000022/*
23 * 32-bit integer manipulation macros (big endian)
24 */
Paul Bakker5c2364c2012-10-01 14:41:15 +000025#ifndef GET_UINT32_BE
26#define GET_UINT32_BE(n,b,i) \
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000027{ \
Paul Bakker5c2364c2012-10-01 14:41:15 +000028 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
29 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
30 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
31 | ( (uint32_t) (b)[(i) + 3] ); \
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000032}
33#endif
34
Paul Bakker5c2364c2012-10-01 14:41:15 +000035#ifndef PUT_UINT32_BE
36#define PUT_UINT32_BE(n,b,i) \
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000037{ \
38 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
39 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
40 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
41 (b)[(i) + 3] = (unsigned char) ( (n) ); \
42}
43#endif
44
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +020045static int unhexify(unsigned char *obuf, const char *ibuf)
Paul Bakker367dae42009-06-28 21:50:27 +000046{
47 unsigned char c, c2;
48 int len = strlen(ibuf) / 2;
Rich Evans1fef5ff2015-02-02 11:57:21 +000049 assert( strlen(ibuf) % 2 == 0 ); // must be even number of bytes
Paul Bakker367dae42009-06-28 21:50:27 +000050
51 while (*ibuf != 0)
52 {
53 c = *ibuf++;
54 if( c >= '0' && c <= '9' )
55 c -= '0';
56 else if( c >= 'a' && c <= 'f' )
57 c -= 'a' - 10;
58 else if( c >= 'A' && c <= 'F' )
59 c -= 'A' - 10;
60 else
61 assert( 0 );
62
63 c2 = *ibuf++;
64 if( c2 >= '0' && c2 <= '9' )
65 c2 -= '0';
66 else if( c2 >= 'a' && c2 <= 'f' )
67 c2 -= 'a' - 10;
68 else if( c2 >= 'A' && c2 <= 'F' )
69 c2 -= 'A' - 10;
70 else
71 assert( 0 );
72
73 *obuf++ = ( c << 4 ) | c2;
74 }
75
76 return len;
77}
78
Rich Evans42914452015-02-02 12:09:25 +000079static void hexify( unsigned char *obuf, const unsigned char *ibuf, int len )
Paul Bakker367dae42009-06-28 21:50:27 +000080{
81 unsigned char l, h;
82
Rich Evans42914452015-02-02 12:09:25 +000083 while( len != 0 )
Paul Bakker367dae42009-06-28 21:50:27 +000084 {
Rich Evans42914452015-02-02 12:09:25 +000085 h = *ibuf / 16;
86 l = *ibuf % 16;
Paul Bakker367dae42009-06-28 21:50:27 +000087
88 if( h < 10 )
89 *obuf++ = '0' + h;
90 else
91 *obuf++ = 'a' + h - 10;
92
93 if( l < 10 )
94 *obuf++ = '0' + l;
95 else
96 *obuf++ = 'a' + l - 10;
97
98 ++ibuf;
99 len--;
100 }
101}
Paul Bakker9dcc3222011-03-08 14:16:06 +0000102
103/**
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200104 * Allocate and zeroize a buffer.
105 *
106 * If the size if zero, a pointer to a zeroized 1-byte buffer is returned.
107 *
108 * For convenience, dies if allocation fails.
109 */
110static unsigned char *zero_alloc( size_t len )
111{
112 void *p;
Rich Evans42914452015-02-02 12:09:25 +0000113 size_t actual_len = ( len != 0 ) ? len : 1;
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200114
Paul Bakker4d0cfe82014-07-10 14:37:36 +0200115 p = polarssl_malloc( actual_len );
116 assert( p != NULL );
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200117
118 memset( p, 0x00, actual_len );
119
120 return( p );
121}
122
123/**
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +0200124 * Allocate and fill a buffer from hex data.
125 *
126 * The buffer is sized exactly as needed. This allows to detect buffer
127 * overruns (including overreads) when running the test suite under valgrind.
128 *
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200129 * If the size if zero, a pointer to a zeroized 1-byte buffer is returned.
130 *
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +0200131 * For convenience, dies if allocation fails.
132 */
133static unsigned char *unhexify_alloc( const char *ibuf, size_t *olen )
134{
135 unsigned char *obuf;
136
Rich Evans42914452015-02-02 12:09:25 +0000137 *olen = strlen( ibuf ) / 2;
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +0200138
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200139 if( *olen == 0 )
140 return( zero_alloc( *olen ) );
141
Paul Bakker4d0cfe82014-07-10 14:37:36 +0200142 obuf = polarssl_malloc( *olen );
143 assert( obuf != NULL );
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +0200144
145 (void) unhexify( obuf, ibuf );
146
147 return( obuf );
148}
149
150/**
Paul Bakker9dcc3222011-03-08 14:16:06 +0000151 * This function just returns data from rand().
Paul Bakker997bbd12011-03-13 15:45:42 +0000152 * Although predictable and often similar on multiple
153 * runs, this does not result in identical random on
154 * each run. So do not use this if the results of a
155 * test depend on the random data that is generated.
Paul Bakker9dcc3222011-03-08 14:16:06 +0000156 *
157 * rng_state shall be NULL.
158 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000159static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000160{
Paul Bakkerf96f7b62014-04-30 16:02:38 +0200161#if !defined(__OpenBSD__)
Paul Bakkera3d195c2011-11-27 21:07:34 +0000162 size_t i;
163
Paul Bakker9dcc3222011-03-08 14:16:06 +0000164 if( rng_state != NULL )
165 rng_state = NULL;
166
Paul Bakkera3d195c2011-11-27 21:07:34 +0000167 for( i = 0; i < len; ++i )
168 output[i] = rand();
Paul Bakkerf96f7b62014-04-30 16:02:38 +0200169#else
170 if( rng_state != NULL )
171 rng_state = NULL;
172
173 arc4random_buf( output, len );
174#endif /* !OpenBSD */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000175
176 return( 0 );
Paul Bakker9dcc3222011-03-08 14:16:06 +0000177}
178
179/**
180 * This function only returns zeros
181 *
182 * rng_state shall be NULL.
183 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000184static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000185{
186 if( rng_state != NULL )
187 rng_state = NULL;
188
Paul Bakkera3d195c2011-11-27 21:07:34 +0000189 memset( output, 0, len );
190
Paul Bakker9dcc3222011-03-08 14:16:06 +0000191 return( 0 );
192}
193
194typedef struct
195{
196 unsigned char *buf;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000197 size_t length;
Paul Bakker997bbd12011-03-13 15:45:42 +0000198} rnd_buf_info;
Paul Bakker9dcc3222011-03-08 14:16:06 +0000199
200/**
201 * This function returns random based on a buffer it receives.
202 *
Paul Bakker997bbd12011-03-13 15:45:42 +0000203 * rng_state shall be a pointer to a rnd_buf_info structure.
204 *
205 * The number of bytes released from the buffer on each call to
206 * the random function is specified by per_call. (Can be between
207 * 1 and 4)
Paul Bakker9dcc3222011-03-08 14:16:06 +0000208 *
209 * After the buffer is empty it will return rand();
210 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000211static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000212{
Paul Bakker997bbd12011-03-13 15:45:42 +0000213 rnd_buf_info *info = (rnd_buf_info *) rng_state;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000214 size_t use_len;
Paul Bakker9dcc3222011-03-08 14:16:06 +0000215
216 if( rng_state == NULL )
Paul Bakkera3d195c2011-11-27 21:07:34 +0000217 return( rnd_std_rand( NULL, output, len ) );
Paul Bakker9dcc3222011-03-08 14:16:06 +0000218
Paul Bakkera3d195c2011-11-27 21:07:34 +0000219 use_len = len;
220 if( len > info->length )
221 use_len = info->length;
Paul Bakker997bbd12011-03-13 15:45:42 +0000222
Paul Bakkera3d195c2011-11-27 21:07:34 +0000223 if( use_len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000224 {
Paul Bakkera3d195c2011-11-27 21:07:34 +0000225 memcpy( output, info->buf, use_len );
226 info->buf += use_len;
227 info->length -= use_len;
Paul Bakker9dcc3222011-03-08 14:16:06 +0000228 }
229
Paul Bakkera3d195c2011-11-27 21:07:34 +0000230 if( len - use_len > 0 )
231 return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
232
233 return( 0 );
Paul Bakker9dcc3222011-03-08 14:16:06 +0000234}
Paul Bakker997bbd12011-03-13 15:45:42 +0000235
236/**
237 * Info structure for the pseudo random function
238 *
239 * Key should be set at the start to a test-unique value.
Paul Bakkerb3dcbc12011-03-13 16:57:25 +0000240 * Do not forget endianness!
Paul Bakker997bbd12011-03-13 15:45:42 +0000241 * State( v0, v1 ) should be set to zero.
242 */
243typedef struct
244{
Paul Bakkerb3dcbc12011-03-13 16:57:25 +0000245 uint32_t key[16];
Paul Bakker997bbd12011-03-13 15:45:42 +0000246 uint32_t v0, v1;
247} rnd_pseudo_info;
248
249/**
250 * This function returns random based on a pseudo random function.
251 * This means the results should be identical on all systems.
252 * Pseudo random is based on the XTEA encryption algorithm to
253 * generate pseudorandom.
254 *
255 * rng_state shall be a pointer to a rnd_pseudo_info structure.
256 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000257static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker997bbd12011-03-13 15:45:42 +0000258{
259 rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000260 uint32_t i, *k, sum, delta=0x9E3779B9;
Manuel Pégourié-Gonnard217a29c2014-01-03 11:59:09 +0100261 unsigned char result[4], *out = output;
Paul Bakker997bbd12011-03-13 15:45:42 +0000262
263 if( rng_state == NULL )
Paul Bakkera3d195c2011-11-27 21:07:34 +0000264 return( rnd_std_rand( NULL, output, len ) );
Paul Bakker997bbd12011-03-13 15:45:42 +0000265
Paul Bakkerb3dcbc12011-03-13 16:57:25 +0000266 k = info->key;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000267
268 while( len > 0 )
Paul Bakker997bbd12011-03-13 15:45:42 +0000269 {
Paul Bakker40dd5302012-05-15 15:02:38 +0000270 size_t use_len = ( len > 4 ) ? 4 : len;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000271 sum = 0;
272
Paul Bakkera3d195c2011-11-27 21:07:34 +0000273 for( i = 0; i < 32; i++ )
274 {
Rich Evans42914452015-02-02 12:09:25 +0000275 info->v0 += ( ( ( info->v1 << 4 ) ^ ( info->v1 >> 5 ) )
276 + info->v1 ) ^ ( sum + k[sum & 3] );
Paul Bakkera3d195c2011-11-27 21:07:34 +0000277 sum += delta;
Rich Evans42914452015-02-02 12:09:25 +0000278 info->v1 += ( ( ( info->v0 << 4 ) ^ ( info->v0 >> 5 ) )
279 + info->v0 ) ^ ( sum + k[( sum>>11 ) & 3] );
Paul Bakkera3d195c2011-11-27 21:07:34 +0000280 }
281
Paul Bakker5c2364c2012-10-01 14:41:15 +0000282 PUT_UINT32_BE( info->v0, result, 0 );
Manuel Pégourié-Gonnard217a29c2014-01-03 11:59:09 +0100283 memcpy( out, result, use_len );
Paul Bakkera3d195c2011-11-27 21:07:34 +0000284 len -= use_len;
Manuel Pégourié-Gonnard217a29c2014-01-03 11:59:09 +0100285 out += 4;
Paul Bakker997bbd12011-03-13 15:45:42 +0000286 }
287
Paul Bakkera3d195c2011-11-27 21:07:34 +0000288 return( 0 );
Paul Bakker997bbd12011-03-13 15:45:42 +0000289}