xref: /openssl/test/rdcpu_sanitytest.c (revision fecb3aae)
1 /*
2  * Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include <stdio.h>
11 #include <stdlib.h>
12 #include <string.h>
13 #include "testutil.h"
14 #include "internal/cryptlib.h"
15 
16 #if (defined(__i386)   || defined(__i386__)   || defined(_M_IX86) || \
17      defined(__x86_64) || defined(__x86_64__) || \
18      defined(_M_AMD64) || defined (_M_X64)) && defined(OPENSSL_CPUID_OBJ)
19 # define IS_X_86 1
20 size_t OPENSSL_ia32_rdrand_bytes(unsigned char *buf, size_t len);
21 size_t OPENSSL_ia32_rdseed_bytes(unsigned char *buf, size_t len);
22 #else
23 # define IS_X_86 0
24 #endif
25 
26 #if defined(__aarch64__) && defined(OPENSSL_CPUID_OBJ)
27 # define IS_AARCH_64 1
28 # include "arm_arch.h"
29 
30 size_t OPENSSL_rndr_bytes(unsigned char *buf, size_t len);
31 size_t OPENSSL_rndrrs_bytes(unsigned char *buf, size_t len);
32 #else
33 # define IS_AARCH_64 0
34 #endif
35 
36 #if (IS_X_86 || IS_AARCH_64)
sanity_check_bytes(size_t (* rng)(unsigned char *,size_t),int rounds,int min_failures,int max_retries,int max_zero_words)37 static int sanity_check_bytes(size_t (*rng)(unsigned char *, size_t),
38     int rounds, int min_failures, int max_retries, int max_zero_words)
39 {
40     int testresult = 0;
41     unsigned char prior[31] = {0}, buf[31] = {0}, check[7];
42     int failures = 0, zero_words = 0;
43 
44     int i;
45     for (i = 0; i < rounds; i++) {
46         size_t generated = 0;
47 
48         int retry;
49         for (retry = 0; retry < max_retries; retry++) {
50             generated = rng(buf, sizeof(buf));
51             if (generated == sizeof(buf))
52                 break;
53             failures++;
54         }
55 
56         /*-
57          * Verify that we don't have too many unexpected runs of zeroes,
58          * implying that we might be accidentally using the 32-bit RDRAND
59          * instead of the 64-bit one on 64-bit systems.
60          */
61         size_t j;
62         for (j = 0; j < sizeof(buf) - 1; j++) {
63             if (buf[j] == 0 && buf[j+1] == 0) {
64                 zero_words++;
65             }
66         }
67 
68         if (!TEST_int_eq(generated, sizeof(buf)))
69             goto end;
70         if (!TEST_false(!memcmp(prior, buf, sizeof(buf))))
71             goto end;
72 
73         /* Verify that the last 7 bytes of buf aren't all the same value */
74         unsigned char *tail = &buf[sizeof(buf) - sizeof(check)];
75         memset(check, tail[0], 7);
76         if (!TEST_false(!memcmp(check, tail, sizeof(check))))
77             goto end;
78 
79         /* Save the result and make sure it's different next time */
80         memcpy(prior, buf, sizeof(buf));
81     }
82 
83     if (!TEST_int_le(zero_words, max_zero_words))
84         goto end;
85 
86     if (!TEST_int_ge(failures, min_failures))
87         goto end;
88 
89     testresult = 1;
90 end:
91     return testresult;
92 }
93 #endif
94 
95 #if IS_X_86
sanity_check_rdrand_bytes(void)96 static int sanity_check_rdrand_bytes(void)
97 {
98     return sanity_check_bytes(OPENSSL_ia32_rdrand_bytes, 1000, 0, 10, 10);
99 }
100 
sanity_check_rdseed_bytes(void)101 static int sanity_check_rdseed_bytes(void)
102 {
103     /*-
104      * RDSEED may take many retries to succeed; note that this is effectively
105      * multiplied by the 8x retry loop in asm, and failure probabilities are
106      * increased by the fact that we need either 4 or 8 samples depending on
107      * the platform.
108      */
109     return sanity_check_bytes(OPENSSL_ia32_rdseed_bytes, 1000, 1, 10000, 10);
110 }
111 #elif IS_AARCH_64
sanity_check_rndr_bytes(void)112 static int sanity_check_rndr_bytes(void)
113 {
114     return sanity_check_bytes(OPENSSL_rndr_bytes, 1000, 0, 10, 10);
115 }
116 
sanity_check_rndrrs_bytes(void)117 static int sanity_check_rndrrs_bytes(void)
118 {
119     return sanity_check_bytes(OPENSSL_rndrrs_bytes, 1000, 0, 10000, 10);
120 }
121 #endif
122 
setup_tests(void)123 int setup_tests(void)
124 {
125 #if (IS_X_86 || IS_AARCH_64)
126     OPENSSL_cpuid_setup();
127 
128 # if IS_X_86
129     int have_rdseed = (OPENSSL_ia32cap_P[2] & (1 << 18)) != 0;
130     int have_rdrand = (OPENSSL_ia32cap_P[1] & (1 << (62 - 32))) != 0;
131 
132     if (have_rdrand) {
133         ADD_TEST(sanity_check_rdrand_bytes);
134     }
135 
136     if (have_rdseed) {
137         ADD_TEST(sanity_check_rdseed_bytes);
138     }
139 # elif IS_AARCH_64
140     int have_rndr_rndrrs = (OPENSSL_armcap_P & (1 << 8)) != 0;
141 
142     if (have_rndr_rndrrs) {
143         ADD_TEST(sanity_check_rndr_bytes);
144         ADD_TEST(sanity_check_rndrrs_bytes);
145     }
146 # endif
147 #endif
148 
149     return 1;
150 }
151