blob: b006429463f8a7566c64e7b8f7ac42be2c0eb55e [file] [log] [blame]
Paul Bakkere07c4312013-07-03 14:00:49 +02001#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
2#include "polarssl/memory.h"
3#endif
4
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +02005#if defined(POLARSSL_PLATFORM_C)
6#include "polarssl/platform.h"
7#else
8#define polarssl_malloc malloc
9#define polarssl_free free
10#endif
11
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000012#ifdef _MSC_VER
13#include <basetsd.h>
14typedef UINT32 uint32_t;
15#else
16#include <inttypes.h>
17#endif
18
Paul Bakker19343182013-08-16 13:31:10 +020019#include <assert.h>
20#include <stdlib.h>
21#include <string.h>
22
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000023/*
24 * 32-bit integer manipulation macros (big endian)
25 */
Paul Bakker5c2364c2012-10-01 14:41:15 +000026#ifndef GET_UINT32_BE
27#define GET_UINT32_BE(n,b,i) \
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000028{ \
Paul Bakker5c2364c2012-10-01 14:41:15 +000029 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
30 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
31 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
32 | ( (uint32_t) (b)[(i) + 3] ); \
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000033}
34#endif
35
Paul Bakker5c2364c2012-10-01 14:41:15 +000036#ifndef PUT_UINT32_BE
37#define PUT_UINT32_BE(n,b,i) \
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000038{ \
39 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
40 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
41 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
42 (b)[(i) + 3] = (unsigned char) ( (n) ); \
43}
44#endif
45
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +020046static int unhexify(unsigned char *obuf, const char *ibuf)
Paul Bakker367dae42009-06-28 21:50:27 +000047{
48 unsigned char c, c2;
49 int len = strlen(ibuf) / 2;
50 assert(!(strlen(ibuf) %1)); // must be even number of bytes
51
52 while (*ibuf != 0)
53 {
54 c = *ibuf++;
55 if( c >= '0' && c <= '9' )
56 c -= '0';
57 else if( c >= 'a' && c <= 'f' )
58 c -= 'a' - 10;
59 else if( c >= 'A' && c <= 'F' )
60 c -= 'A' - 10;
61 else
62 assert( 0 );
63
64 c2 = *ibuf++;
65 if( c2 >= '0' && c2 <= '9' )
66 c2 -= '0';
67 else if( c2 >= 'a' && c2 <= 'f' )
68 c2 -= 'a' - 10;
69 else if( c2 >= 'A' && c2 <= 'F' )
70 c2 -= 'A' - 10;
71 else
72 assert( 0 );
73
74 *obuf++ = ( c << 4 ) | c2;
75 }
76
77 return len;
78}
79
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +020080static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
Paul Bakker367dae42009-06-28 21:50:27 +000081{
82 unsigned char l, h;
83
84 while (len != 0)
85 {
86 h = (*ibuf) / 16;
87 l = (*ibuf) % 16;
88
89 if( h < 10 )
90 *obuf++ = '0' + h;
91 else
92 *obuf++ = 'a' + h - 10;
93
94 if( l < 10 )
95 *obuf++ = '0' + l;
96 else
97 *obuf++ = 'a' + l - 10;
98
99 ++ibuf;
100 len--;
101 }
102}
Paul Bakker9dcc3222011-03-08 14:16:06 +0000103
104/**
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200105 * Allocate and zeroize a buffer.
106 *
107 * If the size if zero, a pointer to a zeroized 1-byte buffer is returned.
108 *
109 * For convenience, dies if allocation fails.
110 */
111static unsigned char *zero_alloc( size_t len )
112{
113 void *p;
114 size_t actual_len = len != 0 ? len : 1;
115
Paul Bakker4d0cfe82014-07-10 14:37:36 +0200116 p = polarssl_malloc( actual_len );
117 assert( p != NULL );
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200118
119 memset( p, 0x00, actual_len );
120
121 return( p );
122}
123
124/**
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +0200125 * Allocate and fill a buffer from hex data.
126 *
127 * The buffer is sized exactly as needed. This allows to detect buffer
128 * overruns (including overreads) when running the test suite under valgrind.
129 *
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200130 * If the size if zero, a pointer to a zeroized 1-byte buffer is returned.
131 *
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +0200132 * For convenience, dies if allocation fails.
133 */
134static unsigned char *unhexify_alloc( const char *ibuf, size_t *olen )
135{
136 unsigned char *obuf;
137
138 *olen = strlen(ibuf) / 2;
139
Manuel Pégourié-Gonnard0dc5e0d2014-06-13 21:09:26 +0200140 if( *olen == 0 )
141 return( zero_alloc( *olen ) );
142
Paul Bakker4d0cfe82014-07-10 14:37:36 +0200143 obuf = polarssl_malloc( *olen );
144 assert( obuf != NULL );
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +0200145
146 (void) unhexify( obuf, ibuf );
147
148 return( obuf );
149}
150
151/**
Paul Bakker9dcc3222011-03-08 14:16:06 +0000152 * This function just returns data from rand().
Paul Bakker997bbd12011-03-13 15:45:42 +0000153 * Although predictable and often similar on multiple
154 * runs, this does not result in identical random on
155 * each run. So do not use this if the results of a
156 * test depend on the random data that is generated.
Paul Bakker9dcc3222011-03-08 14:16:06 +0000157 *
158 * rng_state shall be NULL.
159 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000160static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000161{
Paul Bakkerf96f7b62014-04-30 16:02:38 +0200162#if !defined(__OpenBSD__)
Paul Bakkera3d195c2011-11-27 21:07:34 +0000163 size_t i;
164
Paul Bakker9dcc3222011-03-08 14:16:06 +0000165 if( rng_state != NULL )
166 rng_state = NULL;
167
Paul Bakkera3d195c2011-11-27 21:07:34 +0000168 for( i = 0; i < len; ++i )
169 output[i] = rand();
Paul Bakkerf96f7b62014-04-30 16:02:38 +0200170#else
171 if( rng_state != NULL )
172 rng_state = NULL;
173
174 arc4random_buf( output, len );
175#endif /* !OpenBSD */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000176
177 return( 0 );
Paul Bakker9dcc3222011-03-08 14:16:06 +0000178}
179
180/**
181 * This function only returns zeros
182 *
183 * rng_state shall be NULL.
184 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000185static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000186{
187 if( rng_state != NULL )
188 rng_state = NULL;
189
Paul Bakkera3d195c2011-11-27 21:07:34 +0000190 memset( output, 0, len );
191
Paul Bakker9dcc3222011-03-08 14:16:06 +0000192 return( 0 );
193}
194
195typedef struct
196{
197 unsigned char *buf;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000198 size_t length;
Paul Bakker997bbd12011-03-13 15:45:42 +0000199} rnd_buf_info;
Paul Bakker9dcc3222011-03-08 14:16:06 +0000200
201/**
202 * This function returns random based on a buffer it receives.
203 *
Paul Bakker997bbd12011-03-13 15:45:42 +0000204 * rng_state shall be a pointer to a rnd_buf_info structure.
205 *
206 * The number of bytes released from the buffer on each call to
207 * the random function is specified by per_call. (Can be between
208 * 1 and 4)
Paul Bakker9dcc3222011-03-08 14:16:06 +0000209 *
210 * After the buffer is empty it will return rand();
211 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000212static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000213{
Paul Bakker997bbd12011-03-13 15:45:42 +0000214 rnd_buf_info *info = (rnd_buf_info *) rng_state;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000215 size_t use_len;
Paul Bakker9dcc3222011-03-08 14:16:06 +0000216
217 if( rng_state == NULL )
Paul Bakkera3d195c2011-11-27 21:07:34 +0000218 return( rnd_std_rand( NULL, output, len ) );
Paul Bakker9dcc3222011-03-08 14:16:06 +0000219
Paul Bakkera3d195c2011-11-27 21:07:34 +0000220 use_len = len;
221 if( len > info->length )
222 use_len = info->length;
Paul Bakker997bbd12011-03-13 15:45:42 +0000223
Paul Bakkera3d195c2011-11-27 21:07:34 +0000224 if( use_len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000225 {
Paul Bakkera3d195c2011-11-27 21:07:34 +0000226 memcpy( output, info->buf, use_len );
227 info->buf += use_len;
228 info->length -= use_len;
Paul Bakker9dcc3222011-03-08 14:16:06 +0000229 }
230
Paul Bakkera3d195c2011-11-27 21:07:34 +0000231 if( len - use_len > 0 )
232 return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
233
234 return( 0 );
Paul Bakker9dcc3222011-03-08 14:16:06 +0000235}
Paul Bakker997bbd12011-03-13 15:45:42 +0000236
237/**
238 * Info structure for the pseudo random function
239 *
240 * Key should be set at the start to a test-unique value.
Paul Bakkerb3dcbc12011-03-13 16:57:25 +0000241 * Do not forget endianness!
Paul Bakker997bbd12011-03-13 15:45:42 +0000242 * State( v0, v1 ) should be set to zero.
243 */
244typedef struct
245{
Paul Bakkerb3dcbc12011-03-13 16:57:25 +0000246 uint32_t key[16];
Paul Bakker997bbd12011-03-13 15:45:42 +0000247 uint32_t v0, v1;
248} rnd_pseudo_info;
249
250/**
251 * This function returns random based on a pseudo random function.
252 * This means the results should be identical on all systems.
253 * Pseudo random is based on the XTEA encryption algorithm to
254 * generate pseudorandom.
255 *
256 * rng_state shall be a pointer to a rnd_pseudo_info structure.
257 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000258static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker997bbd12011-03-13 15:45:42 +0000259{
260 rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000261 uint32_t i, *k, sum, delta=0x9E3779B9;
Manuel Pégourié-Gonnard217a29c2014-01-03 11:59:09 +0100262 unsigned char result[4], *out = output;
Paul Bakker997bbd12011-03-13 15:45:42 +0000263
264 if( rng_state == NULL )
Paul Bakkera3d195c2011-11-27 21:07:34 +0000265 return( rnd_std_rand( NULL, output, len ) );
Paul Bakker997bbd12011-03-13 15:45:42 +0000266
Paul Bakkerb3dcbc12011-03-13 16:57:25 +0000267 k = info->key;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000268
269 while( len > 0 )
Paul Bakker997bbd12011-03-13 15:45:42 +0000270 {
Paul Bakker40dd5302012-05-15 15:02:38 +0000271 size_t use_len = ( len > 4 ) ? 4 : len;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000272 sum = 0;
273
Paul Bakkera3d195c2011-11-27 21:07:34 +0000274 for( i = 0; i < 32; i++ )
275 {
276 info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
277 sum += delta;
278 info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
279 }
280
Paul Bakker5c2364c2012-10-01 14:41:15 +0000281 PUT_UINT32_BE( info->v0, result, 0 );
Manuel Pégourié-Gonnard217a29c2014-01-03 11:59:09 +0100282 memcpy( out, result, use_len );
Paul Bakkera3d195c2011-11-27 21:07:34 +0000283 len -= use_len;
Manuel Pégourié-Gonnard217a29c2014-01-03 11:59:09 +0100284 out += 4;
Paul Bakker997bbd12011-03-13 15:45:42 +0000285 }
286
Paul Bakkera3d195c2011-11-27 21:07:34 +0000287 return( 0 );
Paul Bakker997bbd12011-03-13 15:45:42 +0000288}