[thirdparty/openssl.git] / test / rdrand_sanitytest.c

/*
 * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "testutil.h"
#include <openssl/opensslconf.h>

#if (defined(__i386)   || defined(__i386__)   || defined(_M_IX86) || \
     defined(__x86_64) || defined(__x86_64__) || \
     defined(_M_AMD64) || defined (_M_X64)) && defined(OPENSSL_CPUID_OBJ)

size_t OPENSSL_ia32_rdrand_bytes(unsigned char *buf, size_t len);
size_t OPENSSL_ia32_rdseed_bytes(unsigned char *buf, size_t len);

void OPENSSL_cpuid_setup(void);

extern unsigned int OPENSSL_ia32cap_P[4];

static int sanity_check_bytes(size_t (*rng)(unsigned char *, size_t),
    int rounds, int min_failures, int max_retries, int max_zero_words)
{
    int testresult = 0;
    unsigned char prior[31] = {0}, buf[31] = {0}, check[7];
    int failures = 0, zero_words = 0;

    int i;
    for (i = 0; i < rounds; i++) {
        size_t generated = 0;

        int retry;
        for (retry = 0; retry < max_retries; retry++) {
            generated = rng(buf, sizeof(buf));
            if (generated == sizeof(buf))
                break;
            failures++;
        }

        /*-
         * Verify that we don't have too many unexpected runs of zeroes,
         * implying that we might be accidentally using the 32-bit RDRAND
         * instead of the 64-bit one on 64-bit systems.
         */
        size_t j;
        for (j = 0; j < sizeof(buf) - 1; j++) {
            if (buf[j] == 0 && buf[j+1] == 0) {
                zero_words++;
            }
        }

        if (!TEST_int_eq(generated, sizeof(buf)))
            goto end;
        if (!TEST_false(!memcmp(prior, buf, sizeof(buf))))
            goto end;

        /* Verify that the last 7 bytes of buf aren't all the same value */
        unsigned char *tail = &buf[sizeof(buf) - sizeof(check)];
        memset(check, tail[0], 7);
        if (!TEST_false(!memcmp(check, tail, sizeof(check))))
            goto end;

        /* Save the result and make sure it's different next time */
        memcpy(prior, buf, sizeof(buf));
    }

    if (!TEST_int_le(zero_words, max_zero_words))
        goto end;

    if (!TEST_int_ge(failures, min_failures))
        goto end;

    testresult = 1;
end:
    return testresult;
}

static int sanity_check_rdrand_bytes(void)
{
    return sanity_check_bytes(OPENSSL_ia32_rdrand_bytes, 1000, 0, 10, 10);
}

static int sanity_check_rdseed_bytes(void)
{
    /*-
     * RDSEED may take many retries to succeed; note that this is effectively
     * multiplied by the 8x retry loop in asm, and failure probabilities are
     * increased by the fact that we need either 4 or 8 samples depending on
     * the platform.
     */
    return sanity_check_bytes(OPENSSL_ia32_rdseed_bytes, 1000, 1, 10000, 10);
}

int setup_tests(void)
{
    OPENSSL_cpuid_setup();

    int have_rdseed = (OPENSSL_ia32cap_P[2] & (1 << 18)) != 0;
    int have_rdrand = (OPENSSL_ia32cap_P[1] & (1 << (62 - 32))) != 0;

    if (have_rdrand) {
        ADD_TEST(sanity_check_rdrand_bytes);
    }

    if (have_rdseed) {
        ADD_TEST(sanity_check_rdseed_bytes);
    }

    return 1;
}


#else

int setup_tests(void)
{
    return 1;
}

#endif
Commit	Line	Data
082193ef	1	/*
b0edda11	2	* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
df443918	3	*
909f1a2e	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
082193ef BD	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
	10	#include <stdio.h>
	11	#include <stdlib.h>
	12	#include <string.h>
	13	#include "testutil.h"
	14	#include <openssl/opensslconf.h>
	15
	16	#if (defined(__i386) \|\| defined(__i386__) \|\| defined(_M_IX86) \|\| \
	17	defined(__x86_64) \|\| defined(__x86_64__) \|\| \
	18	defined(_M_AMD64) \|\| defined (_M_X64)) && defined(OPENSSL_CPUID_OBJ)
	19
	20	size_t OPENSSL_ia32_rdrand_bytes(unsigned char *buf, size_t len);
	21	size_t OPENSSL_ia32_rdseed_bytes(unsigned char *buf, size_t len);
	22
3cb7c5cf	23	void OPENSSL_cpuid_setup(void);
082193ef BD	24
	25	extern unsigned int OPENSSL_ia32cap_P[4];
	26
df443918	27	static int sanity_check_bytes(size_t (rng)(unsigned char , size_t),
082193ef BD	28	int rounds, int min_failures, int max_retries, int max_zero_words)
	29	{
	30	int testresult = 0;
	31	unsigned char prior[31] = {0}, buf[31] = {0}, check[7];
	32	int failures = 0, zero_words = 0;
	33
	34	int i;
	35	for (i = 0; i < rounds; i++) {
	36	size_t generated = 0;
	37
	38	int retry;
	39	for (retry = 0; retry < max_retries; retry++) {
	40	generated = rng(buf, sizeof(buf));
	41	if (generated == sizeof(buf))
	42	break;
	43	failures++;
	44	}
	45
	46	/*-
	47	* Verify that we don't have too many unexpected runs of zeroes,
	48	* implying that we might be accidentally using the 32-bit RDRAND
	49	* instead of the 64-bit one on 64-bit systems.
	50	*/
	51	size_t j;
	52	for (j = 0; j < sizeof(buf) - 1; j++) {
	53	if (buf[j] == 0 && buf[j+1] == 0) {
	54	zero_words++;
	55	}
	56	}
	57
	58	if (!TEST_int_eq(generated, sizeof(buf)))
	59	goto end;
	60	if (!TEST_false(!memcmp(prior, buf, sizeof(buf))))
	61	goto end;
	62
	63	/* Verify that the last 7 bytes of buf aren't all the same value */
	64	unsigned char *tail = &buf[sizeof(buf) - sizeof(check)];
	65	memset(check, tail[0], 7);
	66	if (!TEST_false(!memcmp(check, tail, sizeof(check))))
	67	goto end;
	68
	69	/* Save the result and make sure it's different next time */
	70	memcpy(prior, buf, sizeof(buf));
	71	}
	72
	73	if (!TEST_int_le(zero_words, max_zero_words))
	74	goto end;
	75
	76	if (!TEST_int_ge(failures, min_failures))
	77	goto end;
	78
	79	testresult = 1;
	80	end:
	81	return testresult;
	82	}
	83
3cb7c5cf	84	static int sanity_check_rdrand_bytes(void)
082193ef BD	85	{
	86	return sanity_check_bytes(OPENSSL_ia32_rdrand_bytes, 1000, 0, 10, 10);
	87	}
	88
3cb7c5cf	89	static int sanity_check_rdseed_bytes(void)
082193ef BD	90	{
	91	/*-
	92	* RDSEED may take many retries to succeed; note that this is effectively
	93	* multiplied by the 8x retry loop in asm, and failure probabilities are
	94	* increased by the fact that we need either 4 or 8 samples depending on
	95	* the platform.
	96	*/
	97	return sanity_check_bytes(OPENSSL_ia32_rdseed_bytes, 1000, 1, 10000, 10);
	98	}
	99
3cb7c5cf KR	100	int setup_tests(void)
3cb7c5cf KR	101	{
082193ef BD	102	OPENSSL_cpuid_setup();
	103
	104	int have_rdseed = (OPENSSL_ia32cap_P[2] & (1 << 18)) != 0;
	105	int have_rdrand = (OPENSSL_ia32cap_P[1] & (1 << (62 - 32))) != 0;
	106
	107	if (have_rdrand) {
	108	ADD_TEST(sanity_check_rdrand_bytes);
	109	}
	110
	111	if (have_rdseed) {
	112	ADD_TEST(sanity_check_rdseed_bytes);
	113	}
	114
	115	return 1;
	116	}
	117
	118
	119	#else
	120
3cb7c5cf	121	int setup_tests(void)
082193ef BD	122	{
	123	return 1;
	124	}
	125
	126	#endif