xref: /openssl/test/rand_test.c (revision 00819648)
1 /*
2  * Copyright 2021-2024 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include <openssl/evp.h>
11 #include <openssl/rand.h>
12 #include <openssl/bio.h>
13 #include <openssl/core_names.h>
14 #include <openssl/params.h>
15 #include "crypto/rand.h"
16 #include "testutil.h"
17 
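/*
 * Check that the private RAND context hands back exactly the bytes injected
 * through OSSL_RAND_PARAM_TEST_ENTROPY, in order, and that a request larger
 * than the remaining injected bytes is refused.
 *
 * The output here is fully predictable by construction; that is only
 * acceptable because setup_tests() selects the "TEST-RAND" generator for
 * this test program.
 *
 * Returns 1 on success and 0 on the first failed check.
 */
static int test_rand(void)
{
    EVP_RAND_CTX *privctx;
    const OSSL_PROVIDER *prov;
    /* Starts at 1 so that reading back 0 proves the value was really set */
    int indicator = 1;
    OSSL_PARAM params[2], *p = params;
    unsigned char entropy1[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05 };
    unsigned char entropy2[] = { 0xff, 0xfe, 0xfd };
    unsigned char outbuf[3];
    /*
     * Destination for the deliberately oversized request.  The request is
     * expected to fail, but it must still be given a buffer as large as the
     * length passed in: were the generator ever to honour it, writing
     * sizeof(outbuf) + 1 bytes into outbuf would run past the end of it.
     */
    unsigned char overbuf[sizeof(outbuf) + 1];

    *p++ = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY,
                                             entropy1, sizeof(entropy1));
    *p = OSSL_PARAM_construct_end();

    /*
     * Sequence being checked:
     *  1. the first draw yields the first half of entropy1;
     *  2. a draw one byte longer than what is left is rejected;
     *  3. the next draw yields the second half of entropy1, so the rejected
     *     request consumed nothing.
     */
    if (!TEST_ptr(privctx = RAND_get0_private(NULL))
            || !TEST_true(EVP_RAND_CTX_set_params(privctx, params))
            || !TEST_int_gt(RAND_priv_bytes(outbuf, sizeof(outbuf)), 0)
            || !TEST_mem_eq(outbuf, sizeof(outbuf), entropy1, sizeof(outbuf))
            || !TEST_int_le(RAND_priv_bytes(overbuf, sizeof(overbuf)), 0)
            || !TEST_int_gt(RAND_priv_bytes(outbuf, sizeof(outbuf)), 0)
            || !TEST_mem_eq(outbuf, sizeof(outbuf),
                            entropy1 + sizeof(outbuf), sizeof(outbuf)))
        return 0;

    /* Replacing the injected entropy must change the output accordingly */
    *params = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY,
                                                entropy2, sizeof(entropy2));
    if (!TEST_true(EVP_RAND_CTX_set_params(privctx, params))
            || !TEST_int_gt(RAND_priv_bytes(outbuf, sizeof(outbuf)), 0)
            || !TEST_mem_eq(outbuf, sizeof(outbuf), entropy2, sizeof(outbuf)))
        return 0;

    if (fips_provider_version_lt(NULL, 3, 4, 0)) {
        /* Skip the rest and pass the test */
        return 1;
    }
    /*
     * Verify that the FIPS indicator can be read and is false.  Only done
     * when the RAND behind the private context comes from the provider named
     * "fips"; with any other provider the check is silently skipped.
     */
    prov = EVP_RAND_get0_provider(EVP_RAND_CTX_get0_rand(privctx));
    if (prov != NULL
            && strcmp(OSSL_PROVIDER_get0_name(prov), "fips") == 0) {
        params[0] = OSSL_PARAM_construct_int(OSSL_RAND_PARAM_FIPS_APPROVED_INDICATOR,
                                             &indicator);
        if (!TEST_true(EVP_RAND_CTX_get_params(privctx, params))
                || !TEST_int_eq(indicator, 0))
            return 0;
    }
    return 1;
}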
65 
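/*
 * Range checks for the bounded random helpers, run against a freshly created
 * library context:
 *   - ossl_rand_uniform_uint32(ctx, i, &err) must give a value below i;
 *   - ossl_rand_range_uint32(ctx, i, j, &err) must give a value in [i, j).
 * Both must leave err at 0.
 *
 * Returns 1 on success and 0 on failure.  Every exit goes through the err
 * label so that the library context is released on failed checks too.
 */
static int test_rand_uniform(void)
{
    uint32_t x, i, j;
    int err = 0, res = 0;
    /*
     * NULL so that the cleanup below is well defined even if
     * test_get_libctx() fails without storing a context;
     * OSSL_LIB_CTX_free(NULL) is a no-op.
     */
    OSSL_LIB_CTX *ctx = NULL;

    if (!test_get_libctx(&ctx, NULL, NULL, NULL, NULL))
        goto err;

    for (i = 1; i < 100; i += 13) {
        x = ossl_rand_uniform_uint32(ctx, i, &err);
        /* The >= 0 check is trivially true for an unsigned value */
        if (!TEST_int_eq(err, 0)
                || !TEST_uint_ge(x, 0)
                || !TEST_uint_lt(x, i))
            goto err;
    }
    for (i = 1; i < 100; i += 17)
        for (j = i + 1; j < 150; j += 11) {
            x = ossl_rand_range_uint32(ctx, i, j, &err);
            if (!TEST_int_eq(err, 0)
                    || !TEST_uint_ge(x, i)
                    || !TEST_uint_lt(x, j))
                goto err;
        }

    res = 1;
 err:
    OSSL_LIB_CTX_free(ctx);
    return res;
}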
96 
/*
 * Test the FIPS health tests: run one scenario.
 *
 * A "TEST-RAND" parent is instantiated with the n bytes at buf as its test
 * entropy, a "CRNG-TEST" context is stacked on top of it, and gen bytes are
 * requested from the latter.  Both algorithms are fetched with the "-fips"
 * property query.
 *
 * Returns the result of EVP_RAND_generate() on the CRNG-TEST context, or 0
 * if any setup step or the indicator check fails.  Callers use the return
 * value to tell whether the supplied byte pattern was accepted.
 */
static int fips_health_test_one(const uint8_t *buf, size_t n, size_t gen)
{
    EVP_RAND *parent_alg = NULL, *crngt_alg = NULL;
    EVP_RAND_CTX *parent = NULL, *crngt = NULL;
    OSSL_PARAM p[2];
    uint8_t out[1000];
    int indicator = -1;
    int ret = 0;

    /* The parameter API takes a non-const pointer, hence the cast */
    p[0] = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY,
                                             (void *)buf, n);
    p[1] = OSSL_PARAM_construct_end();

    if (!TEST_ptr(parent_alg = EVP_RAND_fetch(NULL, "TEST-RAND", "-fips")))
        goto done;
    if (!TEST_ptr(crngt_alg = EVP_RAND_fetch(NULL, "CRNG-TEST", "-fips")))
        goto done;
    if (!TEST_ptr(parent = EVP_RAND_CTX_new(parent_alg, NULL)))
        goto done;
    if (!TEST_ptr(crngt = EVP_RAND_CTX_new(crngt_alg, parent)))
        goto done;
    if (!TEST_true(EVP_RAND_instantiate(parent, 0, 0,
                                        (unsigned char *)"abc", 3, p)))
        goto done;
    if (!TEST_true(EVP_RAND_instantiate(crngt, 0, 0,
                                        (unsigned char *)"def", 3, NULL)))
        goto done;
    /* Never ask for more than the local output buffer can hold */
    if (!TEST_size_t_le(gen, sizeof(out)))
        goto done;

    /* Verify that the FIPS indicator is negative */
    p[0] = OSSL_PARAM_construct_int(OSSL_RAND_PARAM_FIPS_APPROVED_INDICATOR,
                                    &indicator);
    if (!TEST_true(EVP_RAND_CTX_get_params(crngt, p)))
        goto done;
    if (!TEST_int_le(indicator, 0))
        goto done;

    /*
     * A failing generate is an expected outcome for some callers, so the
     * errors it raises are dropped instead of being left on the error stack.
     */
    ERR_set_mark();
    ret = EVP_RAND_generate(crngt, out, gen, 0, 0, NULL, 0);
    ERR_pop_to_mark();

 done:
    /* Contexts first, then the algorithms they were created from */
    EVP_RAND_CTX_free(crngt);
    EVP_RAND_CTX_free(parent);
    EVP_RAND_free(crngt_alg);
    EVP_RAND_free(parent_alg);
    return ret;
}
139 
/*
 * Feed three byte patterns through fips_health_test_one(): one that must be
 * accepted and two that must be rejected (labelled RCT and APT below).
 *
 * Each fill loop leaves i equal to the number of bytes written, and that
 * count is passed as both the entropy length and the number of bytes to
 * generate.
 *
 * Returns 1 if all three outcomes are as expected, otherwise 0.
 */
static int fips_health_tests(void)
{
    uint8_t buf[1000];
    size_t i;

    /* Verify tests can pass: a plain byte ramp that wraps every 256 bytes */
    for (i = 0; i < sizeof(buf); i++)
        buf[i] = (uint8_t)(i & 0xff);
    if (!TEST_true(fips_health_test_one(buf, i, i)))
        return 0;

    /* Verify RCT can fail: eleven distinct bytes, then the value 200 repeated */
    for (i = 0; i < 20; i++) {
        if (i > 10)
            buf[i] = 200;
        else
            buf[i] = (uint8_t)i;
    }
    if (!TEST_false(fips_health_test_one(buf, i, i)))
        return 0;

    /*
     * Verify APT can fail: the ramp again, except that from offset 512 on
     * every eighth byte is forced to 0x80.
     */
    for (i = 0; i < sizeof(buf); i++) {
        if (i >= 512 && i % 8 == 0)
            buf[i] = 0x80;
        else
            buf[i] = (uint8_t)(i & 0xff);
    }
    if (!TEST_false(fips_health_test_one(buf, i, i)))
        return 0;

    return 1;
}
164 
/*
 * Test program setup.
 *
 * Takes the configuration file name from the first test argument and
 * switches the DRBG type of the default library context to "TEST-RAND" with
 * the property query "fips=no".  test_rand() shows that this generator
 * returns the injected entropy bytes verbatim, so the setting belongs in
 * test programs only.
 *
 * The configuration file is loaded only when the FIPS provider version check
 * for 3.0.8 or later succeeds, and the health tests are registered only when
 * the "fips" provider is available at version 3.4.0 or later.
 *
 * Returns 1 on success and 0 on failure.
 */
int setup_tests(void)
{
    char *configfile;

    if (!TEST_ptr(configfile = test_get_argument(0)))
        return 0;

    if (!TEST_true(RAND_set_DRBG_type(NULL, "TEST-RAND", "fips=no",
                                      NULL, NULL)))
        return 0;

    if (fips_provider_version_ge(NULL, 3, 0, 8)) {
        if (!TEST_true(OSSL_LIB_CTX_load_config(NULL, configfile)))
            return 0;
    }

    ADD_TEST(test_rand);
    ADD_TEST(test_rand_uniform);

    if (OSSL_PROVIDER_available(NULL, "fips")) {
        if (fips_provider_version_ge(NULL, 3, 4, 0))
            ADD_TEST(fips_health_tests);
    }

    return 1;
}
185