diff options
Diffstat (limited to 'netwerk/srtp/src/crypto/test')
-rw-r--r-- | netwerk/srtp/src/crypto/test/aes_calc.c | 154 | ||||
-rw-r--r-- | netwerk/srtp/src/crypto/test/auth_driver.c | 200 | ||||
-rw-r--r-- | netwerk/srtp/src/crypto/test/cipher_driver.c | 531 | ||||
-rw-r--r-- | netwerk/srtp/src/crypto/test/datatypes_driver.c | 237 | ||||
-rw-r--r-- | netwerk/srtp/src/crypto/test/env.c | 99 | ||||
-rw-r--r-- | netwerk/srtp/src/crypto/test/kernel_driver.c | 126 | ||||
-rw-r--r-- | netwerk/srtp/src/crypto/test/rand_gen.c | 140 | ||||
-rw-r--r-- | netwerk/srtp/src/crypto/test/sha1_driver.c | 550 | ||||
-rw-r--r-- | netwerk/srtp/src/crypto/test/stat_driver.c | 174 |
9 files changed, 2211 insertions, 0 deletions
diff --git a/netwerk/srtp/src/crypto/test/aes_calc.c b/netwerk/srtp/src/crypto/test/aes_calc.c new file mode 100644 index 000000000..a5b390dd3 --- /dev/null +++ b/netwerk/srtp/src/crypto/test/aes_calc.c @@ -0,0 +1,154 @@ +/* + * aes_calc.c + * + * A simple AES calculator for generating AES encryption values + * + * David A. McGrew + * Cisco Systems, Inc. + */ +/* + * + * Copyright (c) 2001-2006, Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +/* + + Example usage (with first NIST FIPS 197 test case): + +[sh]$ test/aes_calc 000102030405060708090a0b0c0d0e0f 00112233445566778899aabbccddeeff -v + plaintext: 00112233445566778899aabbccddeeff + key: 000102030405060708090a0b0c0d0e0f + ciphertext: 69c4e0d86a7b0430d8cdb78070b4c55a + + */ + +#include "aes.h" +#include <stdio.h> +#include <string.h> + +void +usage(char *prog_name) { + printf("usage: %s <key> <plaintext> [-v]\n", prog_name); + exit(255); +} + +#define AES_MAX_KEY_LEN 32 + +int +main (int argc, char *argv[]) { + v128_t data; + uint8_t key[AES_MAX_KEY_LEN]; + aes_expanded_key_t exp_key; + int key_len, len; + int verbose; + err_status_t status; + + if (argc == 3) { + /* we're not in verbose mode */ + verbose = 0; + } else if (argc == 4) { + if (strncmp(argv[3], "-v", 2) == 0) { + /* we're in verbose mode */ + verbose = 1; + } else { + /* unrecognized flag, complain and exit */ + usage(argv[0]); + } + } else { + /* we've been fed the wrong number of arguments - compain and exit */ + usage(argv[0]); + } + + /* read in key, checking length */ + if (strlen(argv[1]) > AES_MAX_KEY_LEN*2) { + fprintf(stderr, + "error: too many digits in key " + "(should be at most %d hexadecimal digits, found %u)\n", + AES_MAX_KEY_LEN*2, (unsigned)strlen(argv[1])); + exit(1); + } + len = hex_string_to_octet_string((char*)key, argv[1], AES_MAX_KEY_LEN*2); + /* check that hex string is the right length */ + if (len != 32 && len != 48 && len != 64) { + fprintf(stderr, + "error: bad number of digits in key " + "(should be 32/48/64 hexadecimal digits, found %d)\n", + len); + exit(1); + } + key_len = len/2; + + /* read in plaintext, checking length */ + if (strlen(argv[2]) > 16*2) { + fprintf(stderr, + "error: too many digits in plaintext " + "(should be %d hexadecimal digits, found %u)\n", + 16*2, (unsigned)strlen(argv[2])); + exit(1); + } + len = hex_string_to_octet_string((char *)(&data), argv[2], 16*2); + /* check that hex string is the right length */ + if (len < 16*2) { + fprintf(stderr, + "error: too few digits in plaintext " + "(should be %d hexadecimal digits, found %d)\n", + 16*2, len); + exit(1); + } + + if (verbose) { + /* print out plaintext */ + printf("plaintext:\t%s\n", octet_string_hex_string((uint8_t *)&data, 16)); + } + + /* encrypt plaintext */ + status = aes_expand_encryption_key(key, key_len, &exp_key); + if (status) { + fprintf(stderr, + "error: AES key expansion failed.\n"); + exit(1); + } + + aes_encrypt(&data, &exp_key); + + /* write ciphertext to output */ + if (verbose) { + printf("key:\t\t%s\n", octet_string_hex_string(key, key_len)); + printf("ciphertext:\t"); + } + printf("%s\n", v128_hex_string(&data)); + + return 0; +} + diff --git a/netwerk/srtp/src/crypto/test/auth_driver.c b/netwerk/srtp/src/crypto/test/auth_driver.c new file mode 100644 index 000000000..cd8a75dd0 --- /dev/null +++ b/netwerk/srtp/src/crypto/test/auth_driver.c @@ -0,0 +1,200 @@ +/* + * auth_driver.c + * + * a driver for auth functions + * + * David A. McGrew + * Cisco Systems, Inc. + */ + +/* + * + * Copyright (c) 2001-2006, Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + + +#include <stdio.h> /* for printf() */ +#include <stdlib.h> /* for xalloc() */ +#include <unistd.h> /* for getopt() */ + +#include "auth.h" +#include "null_auth.h" + +#define PRINT_DEBUG_DATA 0 + +extern auth_type_t tmmhv2; + +const uint16_t msg0[9] = { + 0x6015, 0xf141, 0x5ba1, 0x29a0, 0xf604, 0xd1c, 0x2d9, 0xaa8a, 0x7931 +}; + +/* key1 is for TAG_WORDS = 2 */ + +const uint16_t key1[47] = { + 0xe627, 0x6a01, 0x5ea7, 0xf27a, 0xc536, 0x2192, 0x11be, 0xea35, + 0xdb9d, 0x63d6, 0xfa8a, 0xfc45, 0xe08b, 0xd216, 0xced2, 0x7853, + 0x1a82, 0x22f5, 0x90fb, 0x1c29, 0x708e, 0xd06f, 0x82c3, 0xbee6, + 0x4f21, 0x6f33, 0x65c0, 0xd211, 0xc25e, 0x9138, 0x4fa3, 0x7c1f, + 0x61ac, 0x3489, 0x2976, 0x8c19, 0x8252, 0xddbf, 0xcad3, 0xc28f, + 0x68d6, 0x58dd, 0x504f, 0x2bbf, 0x0278, 0x70b7, 0xcfca +}; + +double +auth_bits_per_second(auth_t *h, int msg_len); + + +void +usage(char *prog_name) { + printf("usage: %s [ -t | -v ]\n", prog_name); + exit(255); +} + +#define MAX_MSG_LEN 2048 + +int +main (int argc, char *argv[]) { + auth_t *a = NULL; + err_status_t status; + int i; + int c; + unsigned do_timing_test = 0; + unsigned do_validation = 0; + + /* process input arguments */ + while (1) { + c = getopt(argc, argv, "tv"); + if (c == -1) + break; + switch (c) { + case 't': + do_timing_test = 1; + break; + case 'v': + do_validation = 1; + break; + default: + usage(argv[0]); + } + } + + printf("auth driver\nDavid A. McGrew\nCisco Systems, Inc.\n"); + + if (!do_validation && !do_timing_test) + usage(argv[0]); + + if (do_validation) { + printf("running self-test for %s...", tmmhv2.description); + status = tmmhv2_add_big_test(); + if (status) { + printf("tmmhv2_add_big_test failed with error code %d\n", status); + exit(status); + } + status = auth_type_self_test(&tmmhv2); + if (status) { + printf("failed with error code %d\n", status); + exit(status); + } + printf("passed\n"); + } + + if (do_timing_test) { + + /* tmmhv2 timing test */ + status = auth_type_alloc(&tmmhv2, &a, 94, 4); + if (status) { + fprintf(stderr, "can't allocate tmmhv2\n"); + exit(status); + } + status = auth_init(a, (uint8_t *)key1); + if (status) { + printf("error initializaing auth function\n"); + exit(status); + } + + printf("timing %s (tag length %d)\n", + tmmhv2.description, auth_get_tag_length(a)); + for (i=8; i <= MAX_MSG_LEN; i *= 2) + printf("msg len: %d\tgigabits per second: %f\n", + i, auth_bits_per_second(a, i) / 1E9); + + status = auth_dealloc(a); + if (status) { + printf("error deallocating auth function\n"); + exit(status); + } + + } + + return 0; +} + +#define NUM_TRIALS 100000 + +#include <time.h> + +double +auth_bits_per_second(auth_t *a, int msg_len_octets) { + int i; + clock_t timer; + uint8_t *result; + int msg_len = (msg_len_octets + 1)/2; + uint16_t *msg_string; + + /* create random message */ + msg_string = (uint16_t *) crypto_alloc(msg_len_octets); + if (msg_string == NULL) + return 0.0; /* indicate failure */ + for (i=0; i < msg_len; i++) + msg_string[i] = (uint16_t) random(); + + /* allocate temporary storage for authentication tag */ + result = crypto_alloc(auth_get_tag_length(a)); + if (result == NULL) { + free(msg_string); + return 0.0; /* indicate failure */ + } + + timer = clock(); + for (i=0; i < NUM_TRIALS; i++) { + auth_compute(a, (uint8_t *)msg_string, msg_len_octets, (uint8_t *)result); + } + timer = clock() - timer; + + free(msg_string); + free(result); + + return (double) NUM_TRIALS * 8 * msg_len_octets * CLOCKS_PER_SEC / timer; +} + + diff --git a/netwerk/srtp/src/crypto/test/cipher_driver.c b/netwerk/srtp/src/crypto/test/cipher_driver.c new file mode 100644 index 000000000..ea41ff5a4 --- /dev/null +++ b/netwerk/srtp/src/crypto/test/cipher_driver.c @@ -0,0 +1,531 @@ +/* + * cipher_driver.c + * + * A driver for the generic cipher type + * + * David A. McGrew + * Cisco Systems, Inc. + */ + +/* + * + * Copyright (c) 2001-2006, Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include <stdio.h> /* for printf() */ +#include <stdlib.h> /* for rand() */ +#include <string.h> /* for memset() */ +#include <unistd.h> /* for getopt() */ +#include "cipher.h" +#include "aes_icm.h" +#include "null_cipher.h" + +#define PRINT_DEBUG 0 + +void +cipher_driver_test_throughput(cipher_t *c); + +err_status_t +cipher_driver_self_test(cipher_type_t *ct); + + +/* + * cipher_driver_test_buffering(ct) tests the cipher's output + * buffering for correctness by checking the consistency of succesive + * calls + */ + +err_status_t +cipher_driver_test_buffering(cipher_t *c); + + +/* + * functions for testing cipher cache thrash + */ +err_status_t +cipher_driver_test_array_throughput(cipher_type_t *ct, + int klen, int num_cipher); + +void +cipher_array_test_throughput(cipher_t *ca[], int num_cipher); + +uint64_t +cipher_array_bits_per_second(cipher_t *cipher_array[], int num_cipher, + unsigned octets_in_buffer, int num_trials); + +err_status_t +cipher_array_delete(cipher_t *cipher_array[], int num_cipher); + +err_status_t +cipher_array_alloc_init(cipher_t ***cipher_array, int num_ciphers, + cipher_type_t *ctype, int klen); + +void +usage(char *prog_name) { + printf("usage: %s [ -t | -v | -a ]\n", prog_name); + exit(255); +} + +void +check_status(err_status_t s) { + if (s) { + printf("error (code %d)\n", s); + exit(s); + } + return; +} + +/* + * null_cipher, aes_icm, and aes_cbc are the cipher meta-objects + * defined in the files in crypto/cipher subdirectory. these are + * declared external so that we can use these cipher types here + */ + +extern cipher_type_t null_cipher; +extern cipher_type_t aes_icm; +extern cipher_type_t aes_cbc; + +int +main(int argc, char *argv[]) { + cipher_t *c = NULL; + err_status_t status; + unsigned char test_key[48] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, + }; + int q; + unsigned do_timing_test = 0; + unsigned do_validation = 0; + unsigned do_array_timing_test = 0; + + /* process input arguments */ + while (1) { + q = getopt(argc, argv, "tva"); + if (q == -1) + break; + switch (q) { + case 't': + do_timing_test = 1; + break; + case 'v': + do_validation = 1; + break; + case 'a': + do_array_timing_test = 1; + break; + default: + usage(argv[0]); + } + } + + printf("cipher test driver\n" + "David A. McGrew\n" + "Cisco Systems, Inc.\n"); + + if (!do_validation && !do_timing_test && !do_array_timing_test) + usage(argv[0]); + + /* arry timing (cache thrash) test */ + if (do_array_timing_test) { + int max_num_cipher = 1 << 16; /* number of ciphers in cipher_array */ + int num_cipher; + + for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) + cipher_driver_test_array_throughput(&null_cipher, 0, num_cipher); + + for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) + cipher_driver_test_array_throughput(&aes_icm, 30, num_cipher); + + for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) + cipher_driver_test_array_throughput(&aes_icm, 46, num_cipher); + + for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) + cipher_driver_test_array_throughput(&aes_cbc, 16, num_cipher); + + for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) + cipher_driver_test_array_throughput(&aes_cbc, 32, num_cipher); + } + + if (do_validation) { + cipher_driver_self_test(&null_cipher); + cipher_driver_self_test(&aes_icm); + cipher_driver_self_test(&aes_cbc); + } + + /* do timing and/or buffer_test on null_cipher */ + status = cipher_type_alloc(&null_cipher, &c, 0); + check_status(status); + + status = cipher_init(c, NULL, direction_encrypt); + check_status(status); + + if (do_timing_test) + cipher_driver_test_throughput(c); + if (do_validation) { + status = cipher_driver_test_buffering(c); + check_status(status); + } + status = cipher_dealloc(c); + check_status(status); + + + /* run the throughput test on the aes_icm cipher (128-bit key) */ + status = cipher_type_alloc(&aes_icm, &c, 30); + if (status) { + fprintf(stderr, "error: can't allocate cipher\n"); + exit(status); + } + + status = cipher_init(c, test_key, direction_encrypt); + check_status(status); + + if (do_timing_test) + cipher_driver_test_throughput(c); + + if (do_validation) { + status = cipher_driver_test_buffering(c); + check_status(status); + } + + status = cipher_dealloc(c); + check_status(status); + + /* repeat the tests with 256-bit keys */ + status = cipher_type_alloc(&aes_icm, &c, 46); + if (status) { + fprintf(stderr, "error: can't allocate cipher\n"); + exit(status); + } + + status = cipher_init(c, test_key, direction_encrypt); + check_status(status); + + if (do_timing_test) + cipher_driver_test_throughput(c); + + if (do_validation) { + status = cipher_driver_test_buffering(c); + check_status(status); + } + + status = cipher_dealloc(c); + check_status(status); + + return 0; +} + +void +cipher_driver_test_throughput(cipher_t *c) { + int i; + int min_enc_len = 32; + int max_enc_len = 2048; /* should be a power of two */ + int num_trials = 1000000; + + printf("timing %s throughput, key length %d:\n", c->type->description, c->key_len); + fflush(stdout); + for (i=min_enc_len; i <= max_enc_len; i = i * 2) + printf("msg len: %d\tgigabits per second: %f\n", + i, cipher_bits_per_second(c, i, num_trials) / 1e9); + +} + +err_status_t +cipher_driver_self_test(cipher_type_t *ct) { + err_status_t status; + + printf("running cipher self-test for %s...", ct->description); + status = cipher_type_self_test(ct); + if (status) { + printf("failed with error code %d\n", status); + exit(status); + } + printf("passed\n"); + + return err_status_ok; +} + +/* + * cipher_driver_test_buffering(ct) tests the cipher's output + * buffering for correctness by checking the consistency of succesive + * calls + */ + +err_status_t +cipher_driver_test_buffering(cipher_t *c) { + int i, j, num_trials = 1000; + unsigned len, buflen = 1024; + uint8_t buffer0[buflen], buffer1[buflen], *current, *end; + uint8_t idx[16] = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x34 + }; + err_status_t status; + + printf("testing output buffering for cipher %s...", + c->type->description); + + for (i=0; i < num_trials; i++) { + + /* set buffers to zero */ + for (j=0; j < buflen; j++) + buffer0[j] = buffer1[j] = 0; + + /* initialize cipher */ + status = cipher_set_iv(c, idx); + if (status) + return status; + + /* generate 'reference' value by encrypting all at once */ + status = cipher_encrypt(c, buffer0, &buflen); + if (status) + return status; + + /* re-initialize cipher */ + status = cipher_set_iv(c, idx); + if (status) + return status; + + /* now loop over short lengths until buffer1 is encrypted */ + current = buffer1; + end = buffer1 + buflen; + while (current < end) { + + /* choose a short length */ + len = rand() & 0x01f; + + /* make sure that len doesn't cause us to overreach the buffer */ + if (current + len > end) + len = end - current; + + status = cipher_encrypt(c, current, &len); + if (status) + return status; + + /* advance pointer into buffer1 to reflect encryption */ + current += len; + + /* if buffer1 is all encrypted, break out of loop */ + if (current == end) + break; + } + + /* compare buffers */ + for (j=0; j < buflen; j++) + if (buffer0[j] != buffer1[j]) { +#if PRINT_DEBUG + printf("test case %d failed at byte %d\n", i, j); + printf("computed: %s\n", octet_string_hex_string(buffer1, buflen)); + printf("expected: %s\n", octet_string_hex_string(buffer0, buflen)); +#endif + return err_status_algo_fail; + } + } + + printf("passed\n"); + + return err_status_ok; +} + + +/* + * The function cipher_test_throughput_array() tests the effect of CPU + * cache thrash on cipher throughput. + * + * cipher_array_alloc_init(ctype, array, num_ciphers) creates an array + * of cipher_t of type ctype + */ + +err_status_t +cipher_array_alloc_init(cipher_t ***ca, int num_ciphers, + cipher_type_t *ctype, int klen) { + int i, j; + err_status_t status; + uint8_t *key; + cipher_t **cipher_array; + /* pad klen allocation, to handle aes_icm reading 16 bytes for the + 14-byte salt */ + int klen_pad = ((klen + 15) >> 4) << 4; + + /* allocate array of pointers to ciphers */ + cipher_array = (cipher_t **) malloc(sizeof(cipher_t *) * num_ciphers); + if (cipher_array == NULL) + return err_status_alloc_fail; + + /* set ca to location of cipher_array */ + *ca = cipher_array; + + /* allocate key */ + key = crypto_alloc(klen_pad); + if (key == NULL) { + free(cipher_array); + return err_status_alloc_fail; + } + + /* allocate and initialize an array of ciphers */ + for (i=0; i < num_ciphers; i++) { + + /* allocate cipher */ + status = cipher_type_alloc(ctype, cipher_array, klen); + if (status) + return status; + + /* generate random key and initialize cipher */ + for (j=0; j < klen; j++) + key[j] = (uint8_t) rand(); + for (; j < klen_pad; j++) + key[j] = 0; + status = cipher_init(*cipher_array, key, direction_encrypt); + if (status) + return status; + +/* printf("%dth cipher is at %p\n", i, *cipher_array); */ +/* printf("%dth cipher description: %s\n", i, */ +/* (*cipher_array)->type->description); */ + + /* advance cipher array pointer */ + cipher_array++; + } + + crypto_free(key); + + return err_status_ok; +} + +err_status_t +cipher_array_delete(cipher_t *cipher_array[], int num_cipher) { + int i; + + for (i=0; i < num_cipher; i++) { + cipher_dealloc(cipher_array[i]); + } + + free(cipher_array); + + return err_status_ok; +} + + +/* + * cipher_array_bits_per_second(c, l, t) computes (an estimate of) the + * number of bits that a cipher implementation can encrypt in a second + * when distinct keys are used to encrypt distinct messages + * + * c is a cipher (which MUST be allocated an initialized already), l + * is the length in octets of the test data to be encrypted, and t is + * the number of trials + * + * if an error is encountered, the value 0 is returned + */ + +uint64_t +cipher_array_bits_per_second(cipher_t *cipher_array[], int num_cipher, + unsigned octets_in_buffer, int num_trials) { + int i; + v128_t nonce; + clock_t timer; + unsigned char *enc_buf; + int cipher_index = rand() % num_cipher; + + /* Over-alloc, for NIST CBC padding */ + enc_buf = crypto_alloc(octets_in_buffer+17); + if (enc_buf == NULL) + return 0; /* indicate bad parameters by returning null */ + memset(enc_buf, 0, octets_in_buffer); + + /* time repeated trials */ + v128_set_to_zero(&nonce); + timer = clock(); + for(i=0; i < num_trials; i++, nonce.v32[3] = i) { + /* length parameter to cipher_encrypt is in/out -- out is total, padded + * length -- so reset it each time. */ + unsigned octets_to_encrypt = octets_in_buffer; + + /* encrypt buffer with cipher */ + cipher_set_iv(cipher_array[cipher_index], &nonce); + cipher_encrypt(cipher_array[cipher_index], enc_buf, &octets_to_encrypt); + + /* choose a cipher at random from the array*/ + cipher_index = (*((uint32_t *)enc_buf)) % num_cipher; + } + timer = clock() - timer; + + free(enc_buf); + + if (timer == 0) { + /* Too fast! */ + return 0; + } + + return (uint64_t)CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer; +} + +void +cipher_array_test_throughput(cipher_t *ca[], int num_cipher) { + int i; + int min_enc_len = 16; + int max_enc_len = 2048; /* should be a power of two */ + int num_trials = 1000000; + + printf("timing %s throughput with key length %d, array size %d:\n", + (ca[0])->type->description, (ca[0])->key_len, num_cipher); + fflush(stdout); + for (i=min_enc_len; i <= max_enc_len; i = i * 4) + printf("msg len: %d\tgigabits per second: %f\n", i, + cipher_array_bits_per_second(ca, num_cipher, i, num_trials) / 1e9); + +} + +err_status_t +cipher_driver_test_array_throughput(cipher_type_t *ct, + int klen, int num_cipher) { + cipher_t **ca = NULL; + err_status_t status; + + status = cipher_array_alloc_init(&ca, num_cipher, ct, klen); + if (status) { + printf("error: cipher_array_alloc_init() failed with error code %d\n", + status); + return status; + } + + cipher_array_test_throughput(ca, num_cipher); + + cipher_array_delete(ca, num_cipher); + + return err_status_ok; +} diff --git a/netwerk/srtp/src/crypto/test/datatypes_driver.c b/netwerk/srtp/src/crypto/test/datatypes_driver.c new file mode 100644 index 000000000..f1866524c --- /dev/null +++ b/netwerk/srtp/src/crypto/test/datatypes_driver.c @@ -0,0 +1,237 @@ +/* + * datatypes_driver.c + * + * a test driver for crypto/math datatypes + * + * David A. McGrew + * Cisco Systems, Inc. + */ + +/* + * + * Copyright (c) 2001-2006, Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + + +#include <stdio.h> /* for printf() */ +#include <string.h> /* for strlen() */ +#include "datatypes.h" + +void +byte_order(void); + +void +test_hex_string_funcs(void); + +void +print_string(char *s); + +void +test_bswap(void); + +int +main (void) { + + /* + * this program includes various and sundry tests for fundamental + * datatypes. it's a grab-bag of throwaway code, retained only in + * case of future problems + */ + + int i, j; + v128_t x; + char *r = + "The Moving Finger writes; and, having writ,\n" + "Moves on: nor all thy Piety nor Wit\n" + "Shall lure it back to cancel half a Line,\n" + "Nor all thy Tears wash out a Word of it."; + char *s = "incomplet"; + + print_string(r); + print_string(s); + + byte_order(); + test_hex_string_funcs(); + + for (j=0; j < 128; j++) { + v128_set_to_zero(&x); + /* x.v32[0] = (1 << j); */ + v128_set_bit(&x, j); + printf("%s\n", v128_bit_string(&x)); + v128_clear_bit(&x, j); + printf("%s\n", v128_bit_string(&x)); + + } + + printf("----------------------------------------------\n"); + v128_set_to_zero(&x); + for (i=0; i < 128; i++) { + v128_set_bit(&x, i); + } + printf("%s\n", v128_bit_string(&x)); + + printf("----------------------------------------------\n"); + v128_set_to_zero(&x); + v128_set_bit(&x, 0); + for (i=0; i < 128; i++) { + printf("%s\n", v128_bit_string(&x)); + v128_right_shift(&x, 1); + } + printf("----------------------------------------------\n"); + v128_set_to_zero(&x); + v128_set_bit(&x, 127); + for (i=0; i < 128; i++) { + printf("%s\n", v128_bit_string(&x)); + v128_left_shift(&x, 1); + } + printf("----------------------------------------------\n"); + for (i=0; i < 128; i++) { + v128_set_to_zero(&x); + v128_set_bit(&x, 127); + v128_left_shift(&x, i); + printf("%s\n", v128_bit_string(&x)); + } + printf("----------------------------------------------\n"); + v128_set_to_zero(&x); + for (i=0; i < 128; i+=2) { + v128_set_bit(&x, i); + } + printf("bit_string: { %s }\n", v128_bit_string(&x)); + printf("get_bit: { "); + for (i=0; i < 128; i++) { + if (v128_get_bit(&x, i) == 1) + printf("1"); + else + printf("0"); + } + printf(" } \n"); + + test_bswap(); + + return 0; +} + + +/* byte_order() prints out byte ordering of datatypes */ + +void +byte_order(void) { + int i; + v128_t e; +#if 0 + v16_t b; + v32_t c; + v64_t d; + + for (i=0; i < sizeof(b); i++) + b.octet[i] = i; + for (i=0; i < sizeof(c); i++) + c.octet[i] = i; + for (i=0; i < sizeof(d); i++) + d.octet[i] = i; + + printf("v128_t:\t%s\n", v128_hex_string(&e)); + printf("v64_t:\t%s\n", v64_hex_string(&d)); + printf("v32_t:\t%s\n", v32_hex_string(c)); + printf("v16_t:\t%s\n", v16_hex_string(b)); + + c.value = 0x01020304; + printf("v32_t:\t%s\n", v32_hex_string(c)); + b.value = 0x0102; + printf("v16_t:\t%s\n", v16_hex_string(b)); + + printf("uint16_t ordering:\n"); + + c.value = 0x00010002; + printf("v32_t:\t%x%x\n", c.v16[0], c.v16[1]); +#endif + + printf("byte ordering of crypto/math datatypes:\n"); + for (i=0; i < sizeof(e); i++) + e.v8[i] = i; + printf("v128_t: %s\n", v128_hex_string(&e)); + +} + +void +test_hex_string_funcs(void) { + char hex1[] = "abadcafe"; + char hex2[] = "0123456789abcdefqqqqq"; + char raw[10]; + int len; + + len = hex_string_to_octet_string(raw, hex1, strlen(hex1)); + printf("computed length: %d\tstring: %s\n", len, + octet_string_hex_string(raw, len/2)); + printf("expected length: %u\tstring: %s\n", (unsigned)strlen(hex1), hex1); + + len = hex_string_to_octet_string(raw, hex2, strlen(hex2)); + printf("computed length: %d\tstring: %s\n", len, + octet_string_hex_string(raw, len/2)); + printf("expected length: %d\tstring: %s\n", 16, "0123456789abcdef"); + +} + +void +print_string(char *s) { + int i; + printf("%s\n", s); + printf("strlen(s) = %u\n", (unsigned)strlen(s)); + printf("{ "); + for (i=0; i < strlen(s); i++) { + printf("0x%x, ", s[i]); + if (((i+1) % 8) == 0) + printf("\n "); + } + printf("}\n"); +} + +void +test_bswap(void) { + uint32_t x = 0x11223344; + uint64_t y = 0x1122334455667788LL; + + printf("before: %0x\nafter: %0x\n", x, be32_to_cpu(x)); + printf("before: %0llx\nafter: %0llx\n", (unsigned long long)y, + (unsigned long long)be64_to_cpu(y)); + + y = 1234; + + printf("1234: %0llx\n", (unsigned long long)y); + printf("as octet string: %s\n", + octet_string_hex_string((uint8_t *) &y, 8)); + y = be64_to_cpu(y); + printf("bswapped octet string: %s\n", + octet_string_hex_string((uint8_t *) &y, 8)); +} diff --git a/netwerk/srtp/src/crypto/test/env.c b/netwerk/srtp/src/crypto/test/env.c new file mode 100644 index 000000000..37a6e2731 --- /dev/null +++ b/netwerk/srtp/src/crypto/test/env.c @@ -0,0 +1,99 @@ +/* + * env.c + * + * prints out a brief report on the build environment + * + * David McGrew + * Cisco Systems, Inc. + */ +/* + * + * Copyright (c) 2001-2006 Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include <stdio.h> +#include <string.h> /* for srtcmp() */ +#include "config.h" + +int +main(void) { + int err_count = 0; + char *str; + +#ifdef WORDS_BIGENDIAN + printf("CPU set to big-endian\t\t\t(WORDS_BIGENDIAN == 1)\n"); +#else + printf("CPU set to little-endian\t\t(WORDS_BIGENDIAN == 0)\n"); +#endif + +#ifdef CPU_RISC + printf("CPU set to RISC\t\t\t\t(CPU_RISC == 1)\n"); +#elif defined(CPU_CISC) + printf("CPU set to CISC\t\t\t\t(CPU_CISC == 1)\n"); +#else + printf("CPU set to an unknown type, probably due to a configuration error\n"); + err_count++; +#endif + +#ifdef CPU_ALTIVEC + printf("CPU set to ALTIVEC\t\t\t\t(CPU_ALTIVEC == 0)\n"); +#endif + +#ifndef NO_64BIT_MATH + printf("using native 64-bit type\t\t(NO_64_BIT_MATH == 0)\n"); +#else + printf("using built-in 64-bit math\t\t(NO_64_BIT_MATH == 1)\n"); +#endif + +#ifdef ERR_REPORTING_STDOUT + printf("using stdout for error reporting\t(ERR_REPORTING_STDOUT == 1)\n"); +#endif + +#ifdef DEV_URANDOM + str = DEV_URANDOM; +#else + str = ""; +#endif + printf("using %s as a random source\t(DEV_URANDOM == %s)\n", + str, str); + if (strcmp("", str) == 0) { + err_count++; + } + + if (err_count) + printf("warning: configuration is probably in error " + "(found %d problems)\n", err_count); + + return err_count; +} diff --git a/netwerk/srtp/src/crypto/test/kernel_driver.c b/netwerk/srtp/src/crypto/test/kernel_driver.c new file mode 100644 index 000000000..8ef8a5f4b --- /dev/null +++ b/netwerk/srtp/src/crypto/test/kernel_driver.c @@ -0,0 +1,126 @@ +/* + * kernel_driver.c + * + * a test driver for the crypto_kernel + * + * David A. McGrew + * Cisco Systems, Inc. + */ +/* + * + * Copyright(c) 2001-2006 Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + + +#include <stdio.h> /* for printf() */ +#include <unistd.h> /* for getopt() */ +#include "crypto_kernel.h" + +void +usage(char *prog_name) { + printf("usage: %s [ -v ][ -d debug_module ]*\n", prog_name); + exit(255); +} + +int +main (int argc, char *argv[]) { + extern char *optarg; + int q; + int do_validation = 0; + err_status_t status; + + if (argc == 1) + usage(argv[0]); + + /* initialize kernel - we need to do this before anything else */ + status = crypto_kernel_init(); + if (status) { + printf("error: crypto_kernel init failed\n"); + exit(1); + } + printf("crypto_kernel successfully initalized\n"); + + /* process input arguments */ + while (1) { + q = getopt(argc, argv, "vd:"); + if (q == -1) + break; + switch (q) { + case 'v': + do_validation = 1; + break; + case 'd': + status = crypto_kernel_set_debug_module(optarg, 1); + if (status) { + printf("error: set debug module (%s) failed\n", optarg); + exit(1); + } + break; + default: + usage(argv[0]); + } + } + + if (do_validation) { + printf("checking crypto_kernel status...\n"); + status = crypto_kernel_status(); + if (status) { + printf("failed\n"); + exit(1); + } + printf("crypto_kernel passed self-tests\n"); + } + + status = crypto_kernel_shutdown(); + if (status) { + printf("error: crypto_kernel shutdown failed\n"); + exit(1); + } + printf("crypto_kernel successfully shut down\n"); + + return 0; +} + +/* + * crypto_kernel_cipher_test() is a test of the cipher interface + * of the crypto_kernel + */ + +err_status_t +crypto_kernel_cipher_test(void) { + + /* not implemented yet! */ + + return err_status_ok; +} diff --git a/netwerk/srtp/src/crypto/test/rand_gen.c b/netwerk/srtp/src/crypto/test/rand_gen.c new file mode 100644 index 000000000..ccea097f2 --- /dev/null +++ b/netwerk/srtp/src/crypto/test/rand_gen.c @@ -0,0 +1,140 @@ +/* + * rand_gen.c + * + * a random source (random number generator) + * + * David A. McGrew + * Cisco Systems, Inc. + */ +/* + * + * Copyright(c) 2001-2006 Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + + +#include <stdio.h> /* for printf() */ +#include <unistd.h> /* for getopt() */ +#include "crypto_kernel.h" + +/* + * MAX_PRINT_STRING_LEN is defined in datatypes.h, and is the length + * of the largest hexadecimal string that can be generated by the + * function octet_string_hex_string(). + */ + +#define BUF_LEN (MAX_PRINT_STRING_LEN/2) + +void +usage(char *prog_name) { + printf("usage: %s -n <num_bytes> [-l][ -d debug_module ]*\n" + " -n <num> output <num> random bytes, where <num>" + " is between zero and %d\n" + " -l list the avaliable debug modules\n" + " -d <mod> turn on debugging module <mod>\n", + prog_name, BUF_LEN); + exit(255); +} + +int +main (int argc, char *argv[]) { + extern char *optarg; + int q; + int num_octets = 0; + unsigned do_list_mods = 0; + err_status_t status; + + if (argc == 1) + usage(argv[0]); + + /* initialize kernel - we need to do this before anything else */ + status = crypto_kernel_init(); + if (status) { + printf("error: crypto_kernel init failed\n"); + exit(1); + } + + /* process input arguments */ + while (1) { + q = getopt(argc, argv, "ld:n:"); + if (q == -1) + break; + switch (q) { + case 'd': + status = crypto_kernel_set_debug_module(optarg, 1); + if (status) { + printf("error: set debug module (%s) failed\n", optarg); + exit(1); + } + break; + case 'l': + do_list_mods = 1; + break; + case 'n': + num_octets = atoi(optarg); + if (num_octets < 0 || num_octets > BUF_LEN) + usage(argv[0]); + break; + default: + usage(argv[0]); + } + } + + if (do_list_mods) { + status = crypto_kernel_list_debug_modules(); + if (status) { + printf("error: list of debug modules failed\n"); + exit(1); + } + } + + if (num_octets > 0) { + uint8_t buffer[BUF_LEN]; + + status = crypto_get_random(buffer, num_octets); + if (status) { + printf("error: failure in random source\n"); + } else { + printf("%s\n", octet_string_hex_string(buffer, num_octets)); + } + } + + status = crypto_kernel_shutdown(); + if (status) { + printf("error: crypto_kernel shutdown failed\n"); + exit(1); + } + + return 0; +} + diff --git a/netwerk/srtp/src/crypto/test/sha1_driver.c b/netwerk/srtp/src/crypto/test/sha1_driver.c new file mode 100644 index 000000000..6036022e9 --- /dev/null +++ b/netwerk/srtp/src/crypto/test/sha1_driver.c @@ -0,0 +1,550 @@ +/* + * sha1_driver.c + * + * a test driver for SHA-1 + * + * David A. McGrew + * Cisco Systems, Inc. + */ + +/* + * + * Copyright (c) 2001-2006, Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include <stdio.h> +#include "sha1.h" + +#define SHA_PASS 0 +#define SHA_FAIL 1 + +#define MAX_HASH_DATA_LEN 1024 +#define MAX_HASH_OUT_LEN 20 + +typedef struct hash_test_case_t { + unsigned data_len; /* number of octets in data */ + unsigned hash_len; /* number of octets output by hash */ + uint8_t data[MAX_HASH_DATA_LEN]; /* message data */ + uint8_t hash[MAX_HASH_OUT_LEN]; /* expected hash output */ + struct hash_test_case_t *next_test_case; +} hash_test_case_t; + +hash_test_case_t *sha1_test_case_list; + +err_status_t +hash_test_case_add(hash_test_case_t **list_ptr, + char *hex_data, + unsigned data_len, + char *hex_hash, + unsigned hash_len) { + hash_test_case_t *list_head = *list_ptr; + hash_test_case_t *test_case; + unsigned tmp_len; + + test_case = malloc(sizeof(hash_test_case_t)); + if (test_case == NULL) + return err_status_alloc_fail; + + tmp_len = hex_string_to_octet_string((char *)test_case->data, hex_data, data_len*2); + if (tmp_len != data_len*2) + return err_status_parse_err; + + tmp_len = hex_string_to_octet_string((char *)test_case->hash, hex_hash, hash_len*2); + if (tmp_len != hash_len*2) + return err_status_parse_err; + + test_case->data_len = data_len; + test_case->hash_len = hash_len; + + /* add the new test case to the head of the list */ + test_case->next_test_case = list_head; + *list_ptr = test_case; + + return err_status_ok; +} + +err_status_t +sha1_test_case_validate(const hash_test_case_t *test_case) { + sha1_ctx_t ctx; + uint32_t hash_value[5]; + + if (test_case == NULL) + return err_status_bad_param; + + if (test_case->hash_len != 20) + return err_status_bad_param; + if (test_case->data_len > MAX_HASH_DATA_LEN) + return err_status_bad_param; + + sha1_init(&ctx); + sha1_update(&ctx, test_case->data, test_case->data_len); + sha1_final(&ctx, hash_value); + if (0 == memcmp(test_case->hash, hash_value, 20)) { +#if VERBOSE + printf("PASSED: reference value: %s\n", + octet_string_hex_string((const uint8_t *)test_case->hash, 20)); + printf("PASSED: computed value: %s\n", + octet_string_hex_string((const uint8_t *)hash_value, 20)); +#endif + return err_status_ok; + } + + printf("reference value: %s\n", + octet_string_hex_string((const uint8_t *)test_case->hash, 20)); + printf("computed value: %s\n", + octet_string_hex_string((const uint8_t *)hash_value, 20)); + + return err_status_algo_fail; + +} + +struct hex_sha1_test_case_t { + unsigned bit_len; + char hex_data[MAX_HASH_DATA_LEN*2]; + char hex_hash[40]; +}; + +err_status_t +sha1_add_test_cases(void) { + int i; + err_status_t err; + + /* + * these test cases are taken from the "SHA-1 Sample Vectors" + * provided by NIST at http://csrc.nist.gov/cryptval/shs.html + */ + + struct hex_sha1_test_case_t tc[] = { + { + 0, + "", + "da39a3ee5e6b4b0d3255bfef95601890afd80709" + }, + { + 8, + "a8", + "99f2aa95e36f95c2acb0eaf23998f030638f3f15" + }, + { + 16, + "3000", + "f944dcd635f9801f7ac90a407fbc479964dec024" + }, + { + 24, + "42749e", + "a444319e9b6cc1e8464c511ec0969c37d6bb2619" + }, + { + 32, + "9fc3fe08", + "16a0ff84fcc156fd5d3ca3a744f20a232d172253" + }, + { + 40, + "b5c1c6f1af", + "fec9deebfcdedaf66dda525e1be43597a73a1f93" + }, + { + 48, + "e47571e5022e", + "8ce051181f0ed5e9d0c498f6bc4caf448d20deb5" + }, + { + 56, + "3e1b28839fb758", + "67da53837d89e03bf652ef09c369a3415937cfd3" + }, + { + 64, + "a81350cbb224cb90", + "305e4ff9888ad855a78573cddf4c5640cce7e946" + }, + { + 72, "c243d167923dec3ce1", + "5902b77b3265f023f9bbc396ba1a93fa3509bde7" + }, + { + 80, + "50ac18c59d6a37a29bf4", + "fcade5f5d156bf6f9af97bdfa9c19bccfb4ff6ab" + }, + { + 88, + "98e2b611ad3b1cccf634f6", + "1d20fbe00533c10e3cbd6b27088a5de0c632c4b5" + }, + { + 96, + "73fe9afb68e1e8712e5d4eec", + "7e1b7e0f7a8f3455a9c03e9580fd63ae205a2d93" + }, + { + 104, + "9e701ed7d412a9226a2a130e66", + "706f0677146307b20bb0e8d6311e329966884d13" + }, + { + 112, + "6d3ee90413b0a7cbf69e5e6144ca", + "a7241a703aaf0d53fe142f86bf2e849251fa8dff" + }, + { + 120, + "fae24d56514efcb530fd4802f5e71f", + "400f53546916d33ad01a5e6df66822dfbdc4e9e6" + }, + { + 128, + "c5a22dd6eda3fe2bdc4ddb3ce6b35fd1", + "fac8ab93c1ae6c16f0311872b984f729dc928ccd" + }, + { + 136, + "d98cded2adabf08fda356445c781802d95", + "fba6d750c18da58f6e2aab10112b9a5ef3301b3b" + }, + { + 144, + "bcc6d7087a84f00103ccb32e5f5487a751a2", + "29d27c2d44c205c8107f0351b05753ac708226b6" + }, + { + 152, + "36ecacb1055434190dbbc556c48bafcb0feb0d", + "b971bfc1ebd6f359e8d74cb7ecfe7f898d0ba845" + }, + { + 160, + "5ff9edb69e8f6bbd498eb4537580b7fba7ad31d0", + "96d08c430094b9fcc164ad2fb6f72d0a24268f68" + }, + { + 168, "c95b441d8270822a46a798fae5defcf7b26abace36", + "a287ea752a593d5209e287881a09c49fa3f0beb1" + }, + { + 176, + "83104c1d8a55b28f906f1b72cb53f68cbb097b44f860", + "a06c713779cbd88519ed4a585ac0cb8a5e9d612b" + }, + { + 184, + "755175528d55c39c56493d697b790f099a5ce741f7754b", + "bff7d52c13a3688132a1d407b1ab40f5b5ace298" + }, + { + 192, + "088fc38128bbdb9fd7d65228b3184b3faac6c8715f07272f", + "c7566b91d7b6f56bdfcaa9781a7b6841aacb17e9" + }, + { + 200, + "a4a586eb9245a6c87e3adf1009ac8a49f46c07e14185016895", + "ffa30c0b5c550ea4b1e34f8a60ec9295a1e06ac1" + }, + { + 208, + "8e7c555270c006092c2a3189e2a526b873e2e269f0fb28245256", + "29e66ed23e914351e872aa761df6e4f1a07f4b81" + }, + { + 216, + "a5f3bfa6bb0ba3b59f6b9cbdef8a558ec565e8aa3121f405e7f2f0", + "b28cf5e5b806a01491d41f69bd9248765c5dc292" + }, + { + 224, + "589054f0d2bd3c2c85b466bfd8ce18e6ec3e0b87d944cd093ba36469", + "60224fb72c46069652cd78bcd08029ef64da62f3" + }, + { + 232, + "a0abb12083b5bbc78128601bf1cbdbc0fdf4b862b24d899953d8da0ff3", + "b72c4a86f72608f24c05f3b9088ef92fba431df7" + }, + { + 240, + "82143f4cea6fadbf998e128a8811dc75301cf1db4f079501ea568da68eeb", + "73779ad5d6b71b9b8328ef7220ff12eb167076ac" + }, + { + 248, + "9f1231dd6df1ff7bc0b0d4f989d048672683ce35d956d2f57913046267e6f3", + "a09671d4452d7cf50015c914a1e31973d20cc1a0" + }, + { + 256, + "041c512b5eed791f80d3282f3a28df263bb1df95e1239a7650e5670fc2187919", + "e88cdcd233d99184a6fd260b8fca1b7f7687aee0" + }, + { + 264, + "17e81f6ae8c2e5579d69dafa6e070e7111461552d314b691e7a3e7a4feb3fae418", + "010def22850deb1168d525e8c84c28116cb8a269" + }, + { + 272, + "d15976b23a1d712ad28fad04d805f572026b54dd64961fda94d5355a0cc98620cf77", + "aeaa40ba1717ed5439b1e6ea901b294ba500f9ad" + }, + { + 280, + "09fce4d434f6bd32a44e04b848ff50ec9f642a8a85b37a264dc73f130f22838443328f", + "c6433791238795e34f080a5f1f1723f065463ca0" + }, + { + 288, "f17af27d776ec82a257d8d46d2b46b639462c56984cc1be9c1222eadb8b26594a25c709d", + "e21e22b89c1bb944a32932e6b2a2f20d491982c3" + }, + { + 296, + "b13ce635d6f8758143ffb114f2f601cb20b6276951416a2f94fbf4ad081779d79f4f195b22", + "575323a9661f5d28387964d2ba6ab92c17d05a8a" + }, + { + 304, + "5498793f60916ff1c918dde572cdea76da8629ba4ead6d065de3dfb48de94d234cc1c5002910", + "feb44494af72f245bfe68e86c4d7986d57c11db7" + }, + { + 312, + "498a1e0b39fa49582ae688cd715c86fbaf8a81b8b11b4d1594c49c902d197c8ba8a621fd6e3be5", + "cff2290b3648ba2831b98dde436a72f9ebf51eee" + }, + { + 320, + "3a36ae71521f9af628b3e34dcb0d4513f84c78ee49f10416a98857150b8b15cb5c83afb4b570376e", + "9b4efe9d27b965905b0c3dab67b8d7c9ebacd56c" + }, + { + 328, + "dcc76b40ae0ea3ba253e92ac50fcde791662c5b6c948538cffc2d95e9de99cac34dfca38910db2678f", + "afedb0ff156205bcd831cbdbda43db8b0588c113" + }, + { + 336, + "5b5ec6ec4fd3ad9c4906f65c747fd4233c11a1736b6b228b92e90cddabb0c7c2fcf9716d3fad261dff33", + "8deb1e858f88293a5e5e4d521a34b2a4efa70fc4" + }, + { + 344, + "df48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f20fd697c3e4c8b8c5f590ab", + "95cbdac0f74afa69cebd0e5c7defbc6faf0cbeaf" + }, + { + 352, + "1f179b3b82250a65e1b0aee949e218e2f45c7a8dbfd6ba08de05c55acfc226b48c68d7f7057e5675cd96fcfc", + "f0307bcb92842e5ae0cd4f4f14f3df7f877fbef2" + }, + { + 360, + "ee3d72da3a44d971578972a8e6780ce64941267e0f7d0179b214fa97855e1790e888e09fbe3a70412176cb3b54", + "7b13bb0dbf14964bd63b133ac85e22100542ef55" + }, + { + 368, + "d4d4c7843d312b30f610b3682254c8be96d5f6684503f8fbfbcd15774fc1b084d3741afb8d24aaa8ab9c104f7258", + "c314d2b6cf439be678d2a74e890d96cfac1c02ed" + }, + { + 376, + "32c094944f5936a190a0877fb9178a7bf60ceae36fd530671c5b38c5dbd5e6a6c0d615c2ac8ad04b213cc589541cf6", + "4d0be361e410b47a9d67d8ce0bb6a8e01c53c078" + }, + { + 384, + "e5d3180c14bf27a5409fa12b104a8fd7e9639609bfde6ee82bbf9648be2546d29688a65e2e3f3da47a45ac14343c9c02", + "e5353431ffae097f675cbf498869f6fbb6e1c9f2" + }, + { + 392, + "e7b6e4b69f724327e41e1188a37f4fe38b1dba19cbf5a7311d6e32f1038e97ab506ee05aebebc1eed09fc0e357109818b9", + "b8720a7068a085c018ab18961de2765aa6cd9ac4" + }, + { + 400, + "bc880cb83b8ac68ef2fedc2da95e7677ce2aa18b0e2d8b322701f67af7d5e7a0d96e9e33326ccb7747cfff0852b961bfd475", + "b0732181568543ba85f2b6da602b4b065d9931aa" + }, + { + 408, + "235ea9c2ba7af25400f2e98a47a291b0bccdaad63faa2475721fda5510cc7dad814bce8dabb611790a6abe56030b798b75c944", + "9c22674cf3222c3ba921672694aafee4ce67b96b" + }, + { + 416, + "07e3e29fed63104b8410f323b975fd9fba53f636af8c4e68a53fb202ca35dd9ee07cb169ec5186292e44c27e5696a967f5e67709", + "d128335f4cecca9066cdae08958ce656ff0b4cfc" + }, + { + 424, + "65d2a1dd60a517eb27bfbf530cf6a5458f9d5f4730058bd9814379547f34241822bf67e6335a6d8b5ed06abf8841884c636a25733f", + "0b67c57ac578de88a2ae055caeaec8bb9b0085a0" + }, + { + 432, + "dcc86b3bd461615bab739d8daafac231c0f462e819ad29f9f14058f3ab5b75941d4241ea2f17ebb8a458831b37a9b16dead4a76a9b0e", + "c766f912a89d4ccda88e0cce6a713ef5f178b596" + }, + { + 440, + "4627d54f0568dc126b62a8c35fb46a9ac5024400f2995e51635636e1afc4373dbb848eb32df23914230560b82477e9c3572647a7f2bb92", + "9aa3925a9dcb177b15ccff9b78e70cf344858779" + }, + { + 448, + "ba531affd4381168ef24d8b275a84d9254c7f5cc55fded53aa8024b2c5c5c8aa7146fe1d1b83d62b70467e9a2e2cb67b3361830adbab28d7", + "4811fa30042fc076acf37c8e2274d025307e5943" + }, + { + 456, + "8764dcbcf89dcf4282eb644e3d568bdccb4b13508bfa7bfe0ffc05efd1390be22109969262992d377691eb4f77f3d59ea8466a74abf57b2ef4", + "6743018450c9730761ee2b130df9b91c1e118150" + }, + { + 464, + "497d9df9ddb554f3d17870b1a31986c1be277bc44feff713544217a9f579623d18b5ffae306c25a45521d2759a72c0459b58957255ab592f3be4", + "71ad4a19d37d92a5e6ef3694ddbeb5aa61ada645" + }, + { + 472, + "72c3c2e065aefa8d9f7a65229e818176eef05da83f835107ba90ec2e95472e73e538f783b416c04654ba8909f26a12db6e5c4e376b7615e4a25819", + "a7d9dc68dacefb7d6116186048cb355cc548e11d" + }, + { + 480, + "7cc9894454d0055ab5069a33984e2f712bef7e3124960d33559f5f3b81906bb66fe64da13c153ca7f5cabc89667314c32c01036d12ecaf5f9a78de98", + "142e429f0522ba5abf5131fa81df82d355b96909" + }, + { + 488, + "74e8404d5a453c5f4d306f2cfa338ca65501c840ddab3fb82117933483afd6913c56aaf8a0a0a6b2a342fc3d9dc7599f4a850dfa15d06c61966d74ea59", + "ef72db70dcbcab991e9637976c6faf00d22caae9" + }, + { + 496, + "46fe5ed326c8fe376fcc92dc9e2714e2240d3253b105adfbb256ff7a19bc40975c604ad7c0071c4fd78a7cb64786e1bece548fa4833c04065fe593f6fb10", + "f220a7457f4588d639dc21407c942e9843f8e26b" + }, + { + 504, + "836dfa2524d621cf07c3d2908835de859e549d35030433c796b81272fd8bc0348e8ddbc7705a5ad1fdf2155b6bc48884ac0cd376925f069a37849c089c8645", + "ddd2117b6e309c233ede85f962a0c2fc215e5c69" + }, + { + 512, + "7e3a4c325cb9c52b88387f93d01ae86d42098f5efa7f9457388b5e74b6d28b2438d42d8b64703324d4aa25ab6aad153ae30cd2b2af4d5e5c00a8a2d0220c6116", + "a3054427cdb13f164a610b348702724c808a0dcc" + } + }; + + + for (i=0; i < 65; i++) { + err = hash_test_case_add(&sha1_test_case_list, + tc[i].hex_data, + tc[i].bit_len/8, + tc[i].hex_hash, 20); + if (err) { + printf("error adding hash test case (code %d)\n", err); + return err; + } + } + + return err_status_ok; +} + +err_status_t +sha1_dealloc_test_cases(void) { + hash_test_case_t *t, *next; + + for (t = sha1_test_case_list; t != NULL; t = next) { + next = t->next_test_case; + free(t); + } + + sha1_test_case_list = NULL; + + return err_status_ok; +} + + + +err_status_t +sha1_validate(void) { + hash_test_case_t *test_case; + err_status_t err; + + err = sha1_add_test_cases(); + if (err) { + printf("error adding SHA1 test cases (error code %d)\n", err); + return err; + } + + if (sha1_test_case_list == NULL) + return err_status_cant_check; + + test_case = sha1_test_case_list; + while (test_case != NULL) { + err = sha1_test_case_validate(test_case); + if (err) { + printf("error validating hash test case (error code %d)\n", err); + return err; + } + test_case = test_case->next_test_case; + } + + sha1_dealloc_test_cases(); + + return err_status_ok; +} + + + +int +main (void) { + err_status_t err; + + printf("sha1 test driver\n"); + + err = sha1_validate(); + if (err) { + printf("SHA1 did not pass validation testing\n"); + return 1; + } + printf("SHA1 passed validation tests\n"); + + return 0; + +} diff --git a/netwerk/srtp/src/crypto/test/stat_driver.c b/netwerk/srtp/src/crypto/test/stat_driver.c new file mode 100644 index 000000000..4ff2b1426 --- /dev/null +++ b/netwerk/srtp/src/crypto/test/stat_driver.c @@ -0,0 +1,174 @@ +/* + * stat-driver.c + * + * test driver for the stat_test functions + * + * David A. McGrew + * Cisco Systems, Inc. + */ + +/* + * + * Copyright (c) 2001-2006, Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include <stdio.h> /* for printf() */ + +#include "err.h" +#include "stat.h" + +#include "cipher.h" + +typedef struct { + void *state; +} random_source_t; + +err_status_t +random_source_alloc(void); + +void +err_check(err_status_t s) { + if (s) { + printf("error (code %d)\n", s); + exit(1); + } +} + +int +main (int argc, char *argv[]) { + uint8_t buffer[2500]; + unsigned int buf_len = 2500; + int i, j; + extern cipher_type_t aes_icm; + cipher_t *c; + uint8_t key[46] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05 + }; + v128_t nonce; + int num_trials = 500; + int num_fail; + + printf("statistical tests driver\n"); + + for (i=0; i < 2500; i++) + buffer[i] = 0; + + /* run tests */ + printf("running stat_tests on all-null buffer, expecting failure\n"); + printf("monobit %d\n", stat_test_monobit(buffer)); + printf("poker %d\n", stat_test_poker(buffer)); + printf("runs %d\n", stat_test_runs(buffer)); + + for (i=0; i < 2500; i++) + buffer[i] = rand(); + printf("running stat_tests on rand(), expecting success\n"); + printf("monobit %d\n", stat_test_monobit(buffer)); + printf("poker %d\n", stat_test_poker(buffer)); + printf("runs %d\n", stat_test_runs(buffer)); + + printf("running stat_tests on AES-128-ICM, expecting success\n"); + /* set buffer to cipher output */ + for (i=0; i < 2500; i++) + buffer[i] = 0; + err_check(cipher_type_alloc(&aes_icm, &c, 30)); + err_check(cipher_init(c, key, direction_encrypt)); + err_check(cipher_set_iv(c, &nonce)); + err_check(cipher_encrypt(c, buffer, &buf_len)); + /* run tests on cipher outout */ + printf("monobit %d\n", stat_test_monobit(buffer)); + printf("poker %d\n", stat_test_poker(buffer)); + printf("runs %d\n", stat_test_runs(buffer)); + + printf("runs test (please be patient): "); + fflush(stdout); + num_fail = 0; + v128_set_to_zero(&nonce); + for(j=0; j < num_trials; j++) { + for (i=0; i < 2500; i++) + buffer[i] = 0; + nonce.v32[3] = i; + err_check(cipher_set_iv(c, &nonce)); + err_check(cipher_encrypt(c, buffer, &buf_len)); + if (stat_test_runs(buffer)) { + num_fail++; + } + } + + printf("%d failures in %d tests\n", num_fail, num_trials); + printf("(nota bene: a small fraction of stat_test failures does not \n" + "indicate that the random source is invalid)\n"); + + err_check(cipher_dealloc(c)); + + printf("running stat_tests on AES-256-ICM, expecting success\n"); + /* set buffer to cipher output */ + for (i=0; i < 2500; i++) + buffer[i] = 0; + err_check(cipher_type_alloc(&aes_icm, &c, 46)); + err_check(cipher_init(c, key, direction_encrypt)); + err_check(cipher_set_iv(c, &nonce)); + err_check(cipher_encrypt(c, buffer, &buf_len)); + /* run tests on cipher outout */ + printf("monobit %d\n", stat_test_monobit(buffer)); + printf("poker %d\n", stat_test_poker(buffer)); + printf("runs %d\n", stat_test_runs(buffer)); + + printf("runs test (please be patient): "); + fflush(stdout); + num_fail = 0; + v128_set_to_zero(&nonce); + for(j=0; j < num_trials; j++) { + for (i=0; i < 2500; i++) + buffer[i] = 0; + nonce.v32[3] = i; + err_check(cipher_set_iv(c, &nonce)); + err_check(cipher_encrypt(c, buffer, &buf_len)); + if (stat_test_runs(buffer)) { + num_fail++; + } + } + + printf("%d failures in %d tests\n", num_fail, num_trials); + printf("(nota bene: a small fraction of stat_test failures does not \n" + "indicate that the random source is invalid)\n"); + + err_check(cipher_dealloc(c)); + + return 0; +} |