Home | History | Annotate | Line # | Download | only in test 
      1 /*
      2  * Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
      3  *
      4  * Licensed under the Apache License 2.0 (the "License").  You may not use
      5  * this file except in compliance with the License.  You can obtain a copy
      6  * in the file LICENSE in the source distribution or at
      7  * https://www.openssl.org/source/license.html
      8  */
      9 
     10 #include <stdio.h>
     11 #include <stdlib.h>
     12 #include <string.h>
     13 #include "testutil.h"
     14 #include "internal/cryptlib.h"
     15 
     16 #if (defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)) && defined(OPENSSL_CPUID_OBJ)
     17 #define IS_X_86 1
     18 size_t OPENSSL_ia32_rdrand_bytes(unsigned char *buf, size_t len);
     19 size_t OPENSSL_ia32_rdseed_bytes(unsigned char *buf, size_t len);
     20 #else
     21 #define IS_X_86 0
     22 #endif
     23 
     24 #if defined(__aarch64__) && defined(OPENSSL_CPUID_OBJ)
     25 #define IS_AARCH_64 1
     26 #include "arm_arch.h"
     27 
     28 size_t OPENSSL_rndr_bytes(unsigned char *buf, size_t len);
     29 size_t OPENSSL_rndrrs_bytes(unsigned char *buf, size_t len);
     30 #else
     31 #define IS_AARCH_64 0
     32 #endif
     33 
     34 #if (IS_X_86 || IS_AARCH_64)
     35 static int sanity_check_bytes(size_t (*rng)(unsigned char *, size_t),
     36     int rounds, int min_failures, int max_retries, int max_zero_words)
     37 {
     38     int testresult = 0;
     39     unsigned char prior[31] = { 0 }, buf[31] = { 0 }, check[7];
     40     int failures = 0, zero_words = 0;
     41 
     42     int i;
     43     for (i = 0; i < rounds; i++) {
     44         size_t generated = 0;
     45 
     46         int retry;
     47         for (retry = 0; retry < max_retries; retry++) {
     48             generated = rng(buf, sizeof(buf));
     49             if (generated == sizeof(buf))
     50                 break;
     51             failures++;
     52         }
     53 
     54         /*-
     55          * Verify that we don't have too many unexpected runs of zeroes,
     56          * implying that we might be accidentally using the 32-bit RDRAND
     57          * instead of the 64-bit one on 64-bit systems.
     58          */
     59         size_t j;
     60         for (j = 0; j < sizeof(buf) - 1; j++) {
     61             if (buf[j] == 0 && buf[j + 1] == 0) {
     62                 zero_words++;
     63             }
     64         }
     65 
     66         if (!TEST_int_eq(generated, sizeof(buf)))
     67             goto end;
     68         if (!TEST_false(!memcmp(prior, buf, sizeof(buf))))
     69             goto end;
     70 
     71         /* Verify that the last 7 bytes of buf aren't all the same value */
     72         unsigned char *tail = &buf[sizeof(buf) - sizeof(check)];
     73         memset(check, tail[0], 7);
     74         if (!TEST_false(!memcmp(check, tail, sizeof(check))))
     75             goto end;
     76 
     77         /* Save the result and make sure it's different next time */
     78         memcpy(prior, buf, sizeof(buf));
     79     }
     80 
     81     if (!TEST_int_le(zero_words, max_zero_words))
     82         goto end;
     83 
     84     if (!TEST_int_ge(failures, min_failures))
     85         goto end;
     86 
     87     testresult = 1;
     88 end:
     89     return testresult;
     90 }
     91 #endif
     92 
     93 #if IS_X_86
     94 static int sanity_check_rdrand_bytes(void)
     95 {
     96     return sanity_check_bytes(OPENSSL_ia32_rdrand_bytes, 1000, 0, 10, 10);
     97 }
     98 
     99 static int sanity_check_rdseed_bytes(void)
    100 {
    101     /*-
    102      * RDSEED may take many retries to succeed; note that this is effectively
    103      * multiplied by the 8x retry loop in asm, and failure probabilities are
    104      * increased by the fact that we need either 4 or 8 samples depending on
    105      * the platform.
    106      */
    107     return sanity_check_bytes(OPENSSL_ia32_rdseed_bytes, 1000, 1, 10000, 10);
    108 }
    109 #elif IS_AARCH_64
    110 static int sanity_check_rndr_bytes(void)
    111 {
    112     return sanity_check_bytes(OPENSSL_rndr_bytes, 1000, 0, 10, 10);
    113 }
    114 
    115 static int sanity_check_rndrrs_bytes(void)
    116 {
    117     return sanity_check_bytes(OPENSSL_rndrrs_bytes, 1000, 0, 10000, 10);
    118 }
    119 #endif
    120 
    121 int setup_tests(void)
    122 {
    123 #if (IS_X_86 || IS_AARCH_64)
    124     OPENSSL_cpuid_setup();
    125 
    126 #if IS_X_86
    127     int have_rdseed = (OPENSSL_ia32cap_P[2] & (1 << 18)) != 0;
    128     int have_rdrand = (OPENSSL_ia32cap_P[1] & (1 << (62 - 32))) != 0;
    129 
    130     if (have_rdrand) {
    131         ADD_TEST(sanity_check_rdrand_bytes);
    132     }
    133 
    134     if (have_rdseed) {
    135         ADD_TEST(sanity_check_rdseed_bytes);
    136     }
    137 #elif IS_AARCH_64
    138     int have_rndr_rndrrs = (OPENSSL_armcap_P & (1 << 8)) != 0;
    139 
    140     if (have_rndr_rndrrs) {
    141         ADD_TEST(sanity_check_rndr_bytes);
    142         ADD_TEST(sanity_check_rndrrs_bytes);
    143     }
    144 #endif
    145 #endif
    146 
    147     return 1;
    148 }
    149