diff options
Diffstat (limited to 'src/tests/test_rng.cpp')
-rw-r--r-- | src/tests/test_rng.cpp | 66 |
1 files changed, 63 insertions, 3 deletions
diff --git a/src/tests/test_rng.cpp b/src/tests/test_rng.cpp index e815caf65..7f318426c 100644 --- a/src/tests/test_rng.cpp +++ b/src/tests/test_rng.cpp @@ -144,7 +144,10 @@ class HMAC_DRBG_Unit_Tests : public Test bool is_seeded() const override { return true; } - void clear() override {} + void clear() override + { + m_randomize_count = 0; + } void randomize(byte[], size_t) override { @@ -239,6 +242,61 @@ class HMAC_DRBG_Unit_Tests : public Test return result; } + Test::Result test_max_number_of_bytes_per_request() + { + Test::Result result("HMAC_DRBG max_number_of_bytes_per_request"); + + std::string mac_string = "HMAC(SHA-256)"; + auto mac = Botan::MessageAuthenticationCode::create(mac_string); + if(!mac) + { + result.note_missing(mac_string); + return result; + } + + Request_Counting_RNG counting_rng; + + result.test_throws("HMAC_DRBG does not accept 0 for max_number_of_bytes_per_request", [&mac_string, &counting_rng ]() + { + Botan::HMAC_DRBG rng(Botan::MessageAuthenticationCode::create(mac_string), counting_rng, 2, 0); + }); + + result.test_throws("HMAC_DRBG does not accept values higher than 64KB for max_number_of_bytes_per_request", [ &mac_string, + &counting_rng ]() + { + Botan::HMAC_DRBG rng(Botan::MessageAuthenticationCode::create(mac_string), counting_rng, 2, 64 * 1024 + 1); + }); + + // set reseed_interval to 1 so we can test that a long request is split + // into multiple, max_number_of_bytes_per_request long requests + // for each smaller request, reseed_check() calls counting_rng::randomize(), + // which we can compare with + Botan::HMAC_DRBG rng(std::move(mac), counting_rng, 1, 64); + + rng.random_vec(63); + result.test_eq("one request", counting_rng.randomize_count(), 1); + + rng.clear(); + counting_rng.clear(); + + rng.random_vec(64); + result.test_eq("one request", counting_rng.randomize_count(), 1); + + rng.clear(); + counting_rng.clear(); + + rng.random_vec(65); + result.test_eq("two requests", counting_rng.randomize_count(), 2); + + rng.clear(); + counting_rng.clear(); + + rng.random_vec(1025); + result.test_eq("17 requests", counting_rng.randomize_count(), 17); + + return result; + } + Test::Result test_broken_entropy_input() { Test::Result result("HMAC_DRBG Broken Entropy Input"); @@ -447,7 +505,7 @@ class HMAC_DRBG_Unit_Tests : public Test ::close(fd[0]); // close read end in child rng.randomize(&child_bytes[0], child_bytes.size()); count = counting_rng.randomize_count(); - ::write(fd[1], &count, sizeof(count)); + ssize_t written = ::write(fd[1], &count, sizeof(count)); try { rng.randomize(&child_bytes[0], child_bytes.size()); } @@ -455,7 +513,8 @@ class HMAC_DRBG_Unit_Tests : public Test { fprintf(stderr, "%s", e.what()); } - ::write(fd[1], &child_bytes[0], child_bytes.size()); + written = ::write(fd[1], &child_bytes[0], child_bytes.size()); + BOTAN_UNUSED(written); ::close(fd[1]); // close write end in child ::_exit(0); } @@ -506,6 +565,7 @@ class HMAC_DRBG_Unit_Tests : public Test std::vector<Test::Result> results; results.push_back(test_reseed_kat()); results.push_back(test_reseed()); + results.push_back(test_max_number_of_bytes_per_request()); results.push_back(test_broken_entropy_input()); results.push_back(test_check_nonce()); results.push_back(test_prediction_resistance()); |