fips_rngvs.c revision 296465
1/* 2 * Crude test driver for processing the VST and MCT testvector files 3 * generated by the CMVP RNGVS product. 4 * 5 * Note the input files are assumed to have a _very_ specific format 6 * as described in the NIST document "The Random Number Generator 7 * Validation System (RNGVS)", May 25, 2004. 8 * 9 */ 10#include <openssl/opensslconf.h> 11 12#ifndef OPENSSL_FIPS 13# include <stdio.h> 14 15int main(int argc, char **argv) 16{ 17 printf("No FIPS RNG support\n"); 18 return 0; 19} 20#else 21 22# include <openssl/bn.h> 23# include <openssl/dsa.h> 24# include <openssl/fips.h> 25# include <openssl/err.h> 26# include <openssl/rand.h> 27# include <openssl/fips_rand.h> 28# include <openssl/x509v3.h> 29# include <string.h> 30# include <ctype.h> 31 32# include "fips_utl.h" 33 34static void vst() 35{ 36 unsigned char *key = NULL; 37 unsigned char *v = NULL; 38 unsigned char *dt = NULL; 39 unsigned char ret[16]; 40 char buf[1024]; 41 char lbuf[1024]; 42 char *keyword, *value; 43 long i, keylen; 44 45 keylen = 0; 46 47 while (fgets(buf, sizeof buf, stdin) != NULL) { 48 fputs(buf, stdout); 49 if (!strncmp(buf, "[AES 128-Key]", 13)) 50 keylen = 16; 51 else if (!strncmp(buf, "[AES 192-Key]", 13)) 52 keylen = 24; 53 else if (!strncmp(buf, "[AES 256-Key]", 13)) 54 keylen = 32; 55 if (!parse_line(&keyword, &value, lbuf, buf)) 56 continue; 57 if (!strcmp(keyword, "Key")) { 58 key = hex2bin_m(value, &i); 59 if (i != keylen) { 60 fprintf(stderr, "Invalid key length, expecting %ld\n", 61 keylen); 62 return; 63 } 64 } else if (!strcmp(keyword, "DT")) { 65 dt = hex2bin_m(value, &i); 66 if (i != 16) { 67 fprintf(stderr, "Invalid DT length\n"); 68 return; 69 } 70 } else if (!strcmp(keyword, "V")) { 71 v = hex2bin_m(value, &i); 72 if (i != 16) { 73 fprintf(stderr, "Invalid V length\n"); 74 return; 75 } 76 77 if (!key || !dt) { 78 fprintf(stderr, "Missing key or DT\n"); 79 return; 80 } 81 82 FIPS_rand_set_key(key, keylen); 83 FIPS_rand_seed(v, 16); 84 FIPS_rand_set_dt(dt); 85 if (FIPS_rand_bytes(ret, 16) <= 0) { 86 fprintf(stderr, "Error getting PRNG value\n"); 87 return; 88 } 89 90 pv("R", ret, 16); 91 OPENSSL_free(key); 92 key = NULL; 93 OPENSSL_free(dt); 94 dt = NULL; 95 OPENSSL_free(v); 96 v = NULL; 97 } 98 } 99} 100 101static void mct() 102{ 103 unsigned char *key = NULL; 104 unsigned char *v = NULL; 105 unsigned char *dt = NULL; 106 unsigned char ret[16]; 107 char buf[1024]; 108 char lbuf[1024]; 109 char *keyword, *value; 110 long i, keylen; 111 int j; 112 113 keylen = 0; 114 115 while (fgets(buf, sizeof buf, stdin) != NULL) { 116 fputs(buf, stdout); 117 if (!strncmp(buf, "[AES 128-Key]", 13)) 118 keylen = 16; 119 else if (!strncmp(buf, "[AES 192-Key]", 13)) 120 keylen = 24; 121 else if (!strncmp(buf, "[AES 256-Key]", 13)) 122 keylen = 32; 123 if (!parse_line(&keyword, &value, lbuf, buf)) 124 continue; 125 if (!strcmp(keyword, "Key")) { 126 key = hex2bin_m(value, &i); 127 if (i != keylen) { 128 fprintf(stderr, "Invalid key length, expecting %ld\n", 129 keylen); 130 return; 131 } 132 } else if (!strcmp(keyword, "DT")) { 133 dt = hex2bin_m(value, &i); 134 if (i != 16) { 135 fprintf(stderr, "Invalid DT length\n"); 136 return; 137 } 138 } else if (!strcmp(keyword, "V")) { 139 v = hex2bin_m(value, &i); 140 if (i != 16) { 141 fprintf(stderr, "Invalid V length\n"); 142 return; 143 } 144 145 if (!key || !dt) { 146 fprintf(stderr, "Missing key or DT\n"); 147 return; 148 } 149 150 FIPS_rand_set_key(key, keylen); 151 FIPS_rand_seed(v, 16); 152 for (i = 0; i < 10000; i++) { 153 FIPS_rand_set_dt(dt); 154 if (FIPS_rand_bytes(ret, 16) <= 0) { 155 fprintf(stderr, "Error getting PRNG value\n"); 156 return; 157 } 158 /* Increment DT */ 159 for (j = 15; j >= 0; j--) { 160 dt[j]++; 161 if (dt[j]) 162 break; 163 } 164 } 165 166 pv("R", ret, 16); 167 OPENSSL_free(key); 168 key = NULL; 169 OPENSSL_free(dt); 170 dt = NULL; 171 OPENSSL_free(v); 172 v = NULL; 173 } 174 } 175} 176 177int main(int argc, char **argv) 178{ 179 if (argc != 2) { 180 fprintf(stderr, "%s [mct|vst]\n", argv[0]); 181 exit(1); 182 } 183 if (!FIPS_mode_set(1)) { 184 do_print_errors(); 185 exit(1); 186 } 187 FIPS_rand_reset(); 188 if (!FIPS_rand_test_mode()) { 189 fprintf(stderr, "Error setting PRNG test mode\n"); 190 do_print_errors(); 191 exit(1); 192 } 193 if (!strcmp(argv[1], "mct")) 194 mct(); 195 else if (!strcmp(argv[1], "vst")) 196 vst(); 197 else { 198 fprintf(stderr, "Don't know how to %s.\n", argv[1]); 199 exit(1); 200 } 201 202 return 0; 203} 204#endif 205