author | lloyd <[email protected]> | 2008-06-27 17:00:56 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2008-06-27 17:00:56 +0000 |
commit | 89382c8d6e8861e702def6a6e695fc2b783e7f09 (patch) | |
tree | e479233393d84ee88c5ae2f08889f7117e8da911 | |
parent | 09d2b6df9a2a680476160a6a0a56c4b4f2fb91aa (diff) |
Remove uses of global PRNG from self-test and benchmark code. Assumes
access to /dev/random (will be cleaned up shortly)
-rw-r--r-- | checks/bench.cpp | 5 | ||||
-rw-r--r-- | checks/bigint.cpp | 5 | ||||
-rw-r--r-- | checks/common.h | 2 | ||||
-rw-r--r-- | checks/dolook2.cpp | 1 | ||||
-rw-r--r-- | checks/pk.cpp | 21 | ||||
-rw-r--r-- | checks/pk_bench.cpp | 29 | ||||
-rw-r--r-- | checks/rng.cpp | 24 | ||||
-rw-r--r-- | checks/validate.cpp | 4 | ||||
-rw-r--r-- | checks/x509.cpp | 7 |
9 files changed, 59 insertions, 39 deletions
diff --git a/checks/bench.cpp b/checks/bench.cpp index 6345b7e2b..807e6db82 100644 --- a/checks/bench.cpp +++ b/checks/bench.cpp @@ -5,7 +5,6 @@ #include <string> #include <exception> -#include <botan/libstate.h> #include <botan/filters.h> using Botan::byte; using Botan::u64bit; @@ -34,7 +33,7 @@ double bench_filter(std::string name, Botan::Filter* filter, static const u32bit BUFFERSIZE = 32*1024; byte buf[BUFFERSIZE]; - Botan::global_state().randomize(buf, BUFFERSIZE); + global_rng().randomize(buf, BUFFERSIZE); u32bit iterations = 0; u64bit start = get_clock(), clocks_used = 0; @@ -79,7 +78,7 @@ double bench(const std::string& name, const std::string& filtername, bool html, std::vector<std::string> params; Botan::SecureVector<byte> key(keylen); - Botan::global_state().randomize(key, key.size()); + global_rng().randomize(key, key.size()); params.push_back(hex_encode(key, key.size())); //params.push_back(std::string(int(2*keylen), 'A')); diff --git a/checks/bigint.cpp b/checks/bigint.cpp index 84bee4eaa..518261580 100644 --- a/checks/bigint.cpp +++ b/checks/bigint.cpp @@ -7,7 +7,6 @@ #include <botan/bigint.h> #include <botan/exceptn.h> #include <botan/numthry.h> -#include <botan/libstate.h> using namespace Botan; #include "common.h" @@ -269,7 +268,7 @@ u32bit check_mod(const std::vector<std::string>& args) /* Won't work for us, just pick one at random */ while(b_word == 0) for(u32bit j = 0; j != 2*sizeof(word); j++) - b_word = (b_word << 4) ^ global_state().random(); + b_word = (b_word << 4) ^ global_rng().next_byte(); b = b_word; @@ -338,7 +337,7 @@ u32bit check_primetest(const std::vector<std::string>& args) bool should_be_prime = (args[1] == "1"); bool is_prime = Botan::verify_prime(n, - global_state().prng_reference()); + global_rng()); if(is_prime != should_be_prime) { diff --git a/checks/common.h b/checks/common.h index e42fa8e44..5a75c9059 100644 --- a/checks/common.h +++ b/checks/common.h 
@@ -55,6 +55,8 @@ Botan::Filter* lookup_s2k(const std::string&, const std::vector<std::string>&); Botan::Filter* lookup_kdf(const std::string&, const std::string&, const std::string&); +Botan::RandomNumberGenerator& global_rng(); + class Fixed_Output_RNG : public Botan::RandomNumberGenerator { public: diff --git a/checks/dolook2.cpp b/checks/dolook2.cpp index e24436a6c..f52d1fc09 100644 --- a/checks/dolook2.cpp +++ b/checks/dolook2.cpp @@ -8,7 +8,6 @@ #include <botan/filters.h> #include <botan/randpool.h> #include <botan/x931_rng.h> -#include <botan/libstate.h> #include "common.h" using namespace Botan; diff --git a/checks/pk.cpp b/checks/pk.cpp index f7199c86d..989daf54f 100644 --- a/checks/pk.cpp +++ b/checks/pk.cpp @@ -6,7 +6,6 @@ #include <memory> #include <botan/botan.h> -#include <botan/libstate.h> #include <botan/rsa.h> #include <botan/dsa.h> #include <botan/dh.h> @@ -152,7 +151,7 @@ u32bit validate_rsa_enc_pkcs8(const std::string& algo, str[0].length()); Private_Key* privkey = PKCS8::load_key(keysource, - global_state().prng_reference(), + global_rng(), pass); RSA_PrivateKey* rsapriv = dynamic_cast<RSA_PrivateKey*>(privkey); @@ -178,7 +177,7 @@ u32bit validate_rsa_enc(const std::string& algo, if(str.size() != 6) throw Exception("Invalid input from pk_valid.dat"); - RandomNumberGenerator& rng = global_state().prng_reference(); + RandomNumberGenerator& rng = global_rng(); RSA_PrivateKey privkey(rng, to_bigint(str[1]), to_bigint(str[2]), @@ -202,7 +201,7 @@ u32bit validate_elg_enc(const std::string& algo, if(str.size() != 6 && str.size() != 7) throw Exception("Invalid input from pk_valid.dat"); - RandomNumberGenerator& rng = global_state().prng_reference(); + RandomNumberGenerator& rng = global_rng(); DL_Group domain(to_bigint(str[0]), to_bigint(str[1])); ElGamal_PrivateKey privkey(rng, domain, to_bigint(str[2])); 
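Review bot: The new declaration `Botan::RandomNumberGenerator& global_rng();` in checks/common.h carries no comment, although every self-test and benchmark file touched by this commit now depends on it. I would add a line above it such as `// Shared RNG for the self-test and benchmark code only (defined in rng.cpp); created on first use.` Because the name closely mirrors the library's `global_state()` accessor that it replaces, the comment should make clear that this is a harness helper and not part of the library API.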
@@ -231,7 +230,7 @@ u32bit validate_rsa_sig(const std::string& algo, if(str.size() != 6) throw Exception("Invalid input from pk_valid.dat"); - RandomNumberGenerator& rng = global_state().prng_reference(); + RandomNumberGenerator& rng = global_rng(); RSA_PrivateKey privkey(rng, to_bigint(str[1]), to_bigint(str[2]), @@ -330,7 +329,7 @@ u32bit validate_rw_sig(const std::string& algo, if(str.size() != 6) throw Exception("Invalid input from pk_valid.dat"); - RandomNumberGenerator& rng = global_state().prng_reference(); + RandomNumberGenerator& rng = global_rng(); RW_PrivateKey privkey(rng, to_bigint(str[1]), to_bigint(str[2]), to_bigint(str[0])); @@ -361,7 +360,7 @@ u32bit validate_dsa_sig(const std::string& algo, str[0].length()); Private_Key* privkey = PKCS8::load_key(keysource, - global_state().prng_reference(), + global_rng(), pass); DSA_PrivateKey* dsapriv = dynamic_cast<DSA_PrivateKey*>(privkey); @@ -419,7 +418,7 @@ u32bit validate_nr_sig(const std::string& algo, if(str.size() != 8) throw Exception("Invalid input from pk_valid.dat"); - RandomNumberGenerator& rng = global_state().prng_reference(); + RandomNumberGenerator& rng = global_rng(); DL_Group domain(to_bigint(str[0]), to_bigint(str[1]), to_bigint(str[2])); NR_PrivateKey privkey(rng, domain, to_bigint(str[4])); @@ -441,7 +440,7 @@ u32bit validate_dh(const std::string& algo, if(str.size() != 5 && str.size() != 6) throw Exception("Invalid input from pk_valid.dat"); - RandomNumberGenerator& rng = global_state().prng_reference(); + RandomNumberGenerator& rng = global_rng(); DL_Group domain(to_bigint(str[0]), to_bigint(str[1])); @@ -468,7 +467,7 @@ u32bit validate_dlies(const std::string& algo, if(str.size() != 6) throw Exception("Invalid input from pk_valid.dat"); - RandomNumberGenerator& rng = global_state().prng_reference(); + RandomNumberGenerator& rng = global_rng(); DL_Group domain(to_bigint(str[0]), to_bigint(str[1])); 
@@ -529,7 +528,7 @@ void do_pk_keygen_tests() std::cout << '.' << std::flush; \ } - RandomNumberGenerator& rng = global_state().prng_reference(); + RandomNumberGenerator& rng = global_rng(); IF_SIG_KEY(RSA_PrivateKey, 1024); IF_SIG_KEY(RW_PrivateKey, 1024); diff --git a/checks/pk_bench.cpp b/checks/pk_bench.cpp index a0ac7d0ab..31f1d3073 100644 --- a/checks/pk_bench.cpp +++ b/checks/pk_bench.cpp @@ -8,7 +8,6 @@ #include <botan/pkcs8.h> #include <botan/look_pk.h> -#include <botan/libstate.h> using namespace Botan; @@ -55,7 +54,7 @@ void bench_pk(const std::string& algo, bool html, double seconds) ad-hoc format (the RW algorithm has no assigned OID that I know of, so there is no way to encode a RW key into a PKCS #8 structure). */ - RandomNumberGenerator& rng = global_state().prng_reference(); + RandomNumberGenerator& rng = global_rng(); if(algo == "All" || algo == "RSA") { @@ -227,10 +226,10 @@ void bench_enc(PK_Encryptor* enc, const std::string& algo_name, while(clocks_used < seconds * ticks) { runs++; - global_state().randomize(msg, MSG_SIZE); + global_rng().randomize(msg, MSG_SIZE); u64bit start = get_clock(); - enc->encrypt(msg, MSG_SIZE, global_state().prng_reference()); + enc->encrypt(msg, MSG_SIZE, global_rng()); clocks_used += get_clock() - start; } 
@@ -245,24 +244,24 @@ void bench_dec(PK_Encryptor* enc, PK_Decryptor* dec, { static const u32bit MSG_SIZE = 16; byte msg[MSG_SIZE]; - global_state().randomize(msg, MSG_SIZE); + global_rng().randomize(msg, MSG_SIZE); SecureVector<byte> output; u32bit runs = 0; u64bit clocks_used = 0; SecureVector<byte> encrypted_msg = enc->encrypt(msg, MSG_SIZE, - global_state().prng_reference()); + global_rng()); const u64bit ticks = get_ticks(); while(clocks_used < seconds * ticks) { runs++; - global_state().randomize(msg, MSG_SIZE); + global_rng().randomize(msg, MSG_SIZE); msg[0] |= 0x80; // make sure it works with "Raw" padding encrypted_msg = enc->encrypt(msg, MSG_SIZE, - global_state().prng_reference()); + global_rng()); u64bit start = get_clock(); output = dec->decrypt(encrypted_msg); @@ -296,10 +295,10 @@ void bench_sig(PK_Signer* sig, const std::string& algo_name, while(clocks_used < seconds * ticks) { runs++; - global_state().randomize(msg, MSG_SIZE); + global_rng().randomize(msg, MSG_SIZE); u64bit start = get_clock(); sig->update(msg, MSG_SIZE); - sig->signature(global_state().prng_reference()); + sig->signature(global_rng()); clocks_used += get_clock() - start; } @@ -314,10 +313,10 @@ void bench_ver(PK_Signer* sig, PK_Verifier* ver, { static const u32bit MSG_SIZE = 16; byte msg[MSG_SIZE]; - global_state().randomize(msg, MSG_SIZE); + global_rng().randomize(msg, MSG_SIZE); sig->update(msg, MSG_SIZE); - SecureVector<byte> signature = sig->signature(global_state().prng_reference()); + SecureVector<byte> signature = sig->signature(global_rng()); u32bit runs = 0; u64bit clocks_used = 0; @@ -327,9 +326,9 @@ void bench_ver(PK_Signer* sig, PK_Verifier* ver, // feel free to tweak, but make sure this always runs when runs == 0 if(runs % 100 == 0) { - global_state().randomize(msg, MSG_SIZE); + global_rng().randomize(msg, MSG_SIZE); sig->update(msg, MSG_SIZE); - signature = sig->signature(global_state().prng_reference()); + signature = sig->signature(global_rng()); } runs++; 
@@ -362,7 +361,7 @@ void bench_kas(PK_Key_Agreement* kas, const std::string& algo_name, while(clocks_used < seconds * ticks) { runs++; - global_state().randomize(key, REMOTE_KEY_SIZE); + global_rng().randomize(key, REMOTE_KEY_SIZE); u64bit start = get_clock(); kas->derive_key(0, key, REMOTE_KEY_SIZE); diff --git a/checks/rng.cpp b/checks/rng.cpp new file mode 100644 index 000000000..03c4d9990 --- /dev/null +++ b/checks/rng.cpp @@ -0,0 +1,24 @@ + +#include "common.h" +#include <botan/x931_rng.h> +#include <botan/randpool.h> +#include <botan/es_dev.h> +#include <botan/parsing.h> + +using namespace Botan; + +RandomNumberGenerator& global_rng() + { + static RandomNumberGenerator* rng = 0; + + if(!rng) + { + rng = new ANSI_X931_RNG("AES-256", new Randpool("AES-256", "HMAC(SHA-256)")); + + Device_EntropySource dev(split_on("/dev/random:/dev/srandom:/dev/urandom", ':')); + + rng->add_entropy(dev); + } + + return *rng; + } diff --git a/checks/validate.cpp b/checks/validate.cpp index 2910f0b37..1871abedd 100644 --- a/checks/validate.cpp +++ b/checks/validate.cpp @@ -10,10 +10,10 @@ #include <botan/filters.h> #include <botan/exceptn.h> -#include <botan/libstate.h> using namespace Botan; #include "validate.h" +#include "common.h" #define EXTRA_TESTS 0 #define DEBUG 0 @@ -35,7 +35,7 @@ u32bit random_word(u32bit max) /* normal version */ u32bit r = 0; for(u32bit j = 0; j != 4; j++) - r = (r << 8) | Botan::global_state().random(); + r = (r << 8) | global_rng().next_byte(); return ((r % max) + 1); // return between 1 and max inclusive #endif } diff --git a/checks/x509.cpp b/checks/x509.cpp index 015b050f6..3c802356b 100644 --- a/checks/x509.cpp +++ b/checks/x509.cpp @@ -6,14 +6,13 @@ #include <botan/pkcs10.h> #include <botan/rsa.h> #include <botan/dsa.h> - -#include <botan/libstate.h> using namespace Botan; #include <iostream> #include <memory> #include "validate.h" +#include "common.h" X509_Cert_Options ca_opts(); X509_Cert_Options req_opts1(); 
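Review bot: In checks/rng.cpp, `global_rng()` returns the generator without confirming that the single `rng->add_entropy(dev)` poll actually seeded it. If none of `/dev/random`, `/dev/srandom` or `/dev/urandom` can be opened (the commit message states this assumption), the failure will presumably surface only later, inside whichever test first draws bytes, rather than at construction. I would check right after the poll, e.g. `if(!rng->is_seeded()) throw Exception("global_rng: no entropy device available");`, assuming `is_seeded()` is available on this RandomNumberGenerator interface. Listing `/dev/random` first may also stall benchmark runs on systems where that device blocks, so a comment saying whether the order is deliberate would help. The lazily initialised `static` pointer is unsynchronised and never freed, which is acceptable for a single-threaded test driver but deserves a note such as `// test harness only: not thread-safe, lives for the whole process`.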
@@ -47,7 +46,7 @@ u64bit key_id(const Public_Key* key) u32bit check_against_copy(const Private_Key& orig) { - RandomNumberGenerator& rng = global_state().prng_reference(); + RandomNumberGenerator& rng = global_rng(); Private_Key* copy_priv = PKCS8::copy_key(orig, rng); Public_Key* copy_pub = X509::copy_key(orig); @@ -78,7 +77,7 @@ u32bit check_against_copy(const Private_Key& orig) void do_x509_tests() { - RandomNumberGenerator& rng = global_state().prng_reference(); + RandomNumberGenerator& rng = global_rng(); std::cout << "Testing X.509 CA/CRL/cert/cert request: " << std::flush; |