authorlloyd <[email protected]>2008-06-07 16:56:21 +0000
committerlloyd <[email protected]>2008-06-07 16:56:21 +0000
commit0875f4f0d1f16814b784a4ac08f4d631890b3d6e (patch)
tree16d04004d253f4d6408e9221dd4bc39d47841067 /checks/dolook2.cpp
parentb0c6cb743534d68ec1af45dc5104da4bf152173d (diff)
Add a full set of tests for the ANSI X9.31 PRNG, using data from the
NIST CAVS dataset, retrieved on June 7 2008 from http://csrc.nist.gov/groups/STM/cavp/standards.html. AES-128, AES-192, AES-256, and 2- and 3-key TripleDES variants are all tested.
Diffstat (limited to 'checks/dolook2.cpp')
-rw-r--r--checks/dolook2.cpp52
1 files changed, 36 insertions, 16 deletions
diff --git a/checks/dolook2.cpp b/checks/dolook2.cpp
index 1571e5db2..e24436a6c 100644
--- a/checks/dolook2.cpp
+++ b/checks/dolook2.cpp
@@ -9,8 +9,10 @@
#include <botan/randpool.h>
#include <botan/x931_rng.h>
#include <botan/libstate.h>
+#include "common.h"
using namespace Botan;
+
/* A weird little hack to fit S2K algorithms into the validation suite
You probably wouldn't ever want to actually use the S2K algorithms like
this, the raw S2K interface is more convenient for actually using them
@@ -47,15 +49,11 @@ class RNG_Filter : public Filter
{
public:
void write(const byte[], u32bit);
- RNG_Filter(RandomNumberGenerator* r) : rng(r), buffer(1024)
- {
- global_state().randomize(buffer, buffer.size());
- rng->add_entropy(buffer, buffer.size());
- }
+
+ RNG_Filter(RandomNumberGenerator* r) : rng(r) {}
~RNG_Filter() { delete rng; }
private:
RandomNumberGenerator* rng;
- SecureVector<byte> buffer;
};
class KDF_Filter : public Filter
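Review bot: The new constructor `RNG_Filter(RandomNumberGenerator* r) : rng(r) {}` no longer seeds the generator, and nothing on the class says that the caller must now do so or that the filter takes ownership of `r` (the destructor deletes it). I would add a comment above it such as `// Takes ownership of r; r must already be seeded, this filter adds no entropy of its own`. Marking the constructor `explicit` would also rule out an accidental conversion from a raw pointer. The class declaration line itself sits outside this hunk.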
@@ -102,21 +100,43 @@ Filter* lookup_s2k(const std::string& algname,
void RNG_Filter::write(const byte[], u32bit length)
{
- while(length)
+ if(length)
{
- u32bit gen = std::min(buffer.size(), length);
- rng->randomize(buffer, gen);
- length -= gen;
+ SecureVector<byte> out(length);
+ rng->randomize(out, out.size());
+ send(out);
}
}
-Filter* lookup_rng(const std::string& algname)
+Filter* lookup_rng(const std::string& algname,
+ const std::string& key)
{
- if(algname == "X9.31-RNG")
- return new RNG_Filter(new ANSI_X931_RNG("AES-256",
- new Randpool("AES-256", "HMAC(SHA-256)")));
- if(algname == "Randpool")
- return new RNG_Filter(new Randpool("AES-256", "HMAC(SHA-256)"));
+ RandomNumberGenerator* prng = 0;
+
+ if(algname == "X9.31-RNG(TripleDES)")
+ prng = new ANSI_X931_RNG("TripleDES", new Fixed_Output_RNG);
+ else if(algname == "X9.31-RNG(AES-128)")
+ prng = new ANSI_X931_RNG("AES-128", new Fixed_Output_RNG);
+ else if(algname == "X9.31-RNG(AES-192)")
+ prng = new ANSI_X931_RNG("AES-192", new Fixed_Output_RNG);
+ else if(algname == "X9.31-RNG(AES-256)")
+ prng = new ANSI_X931_RNG("AES-256", new Fixed_Output_RNG);
+
+ // these are used for benchmarking: AES-256/SHA-256 matches library
+ // defaults, so benchmark reflects real-world performance (maybe)
+ else if(algname == "Randpool")
+ prng = new Randpool("AES-256", "HMAC(SHA-256)");
+ else if(algname == "X9.31-RNG")
+ prng = new ANSI_X931_RNG("AES-256",
+ new Randpool("AES-256", "HMAC(SHA-256)"));
+
+ if(prng)
+ {
+ SecureVector<byte> seed = decode_hex(key);
+ prng->add_entropy(seed.begin(), seed.size());
+ return new RNG_Filter(prng);
+ }
+
return 0;
}
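Review bot: In `lookup_rng` the generator is allocated with `new` before `decode_hex(key)` runs, so if decoding or `add_entropy` throws, `prng` is leaked. `decode_hex` comes from common.h and is not visible here, so whether it throws on malformed hex is an assumption. Moving `SecureVector<byte> seed = decode_hex(key);` to the top of the function closes most of that window. This block is also the only seeding the two benchmark branches (`Randpool`, `X9.31-RNG`) now get, since the constructor's `global_state().randomize` call was removed in the earlier hunk; with an empty `key` they appear to run with no entropy at all. A comment on the seeding block would record the intent: `// test-vector seeding only: output is fully determined by key, never use this path for real key material`.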