1 /* 2 * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <string.h> 13 #include "testutil.h" 14 #include <openssl/opensslconf.h> 15 16 #if (defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ 17 defined(__x86_64) || defined(__x86_64__) || \ 18 defined(_M_AMD64) || defined (_M_X64)) && defined(OPENSSL_CPUID_OBJ) 19 20 size_t OPENSSL_ia32_rdrand_bytes(unsigned char *buf, size_t len); 21 size_t OPENSSL_ia32_rdseed_bytes(unsigned char *buf, size_t len); 22 23 void OPENSSL_cpuid_setup(void); 24 25 extern unsigned int OPENSSL_ia32cap_P[4]; 26 27 static int sanity_check_bytes(size_t (*rng)(unsigned char *, size_t), 28 int rounds, int min_failures, int max_retries, int max_zero_words) 29 { 30 int testresult = 0; 31 unsigned char prior[31] = {0}, buf[31] = {0}, check[7]; 32 int failures = 0, zero_words = 0; 33 34 int i; 35 for (i = 0; i < rounds; i++) { 36 size_t generated = 0; 37 38 int retry; 39 for (retry = 0; retry < max_retries; retry++) { 40 generated = rng(buf, sizeof(buf)); 41 if (generated == sizeof(buf)) 42 break; 43 failures++; 44 } 45 46 /*- 47 * Verify that we don't have too many unexpected runs of zeroes, 48 * implying that we might be accidentally using the 32-bit RDRAND 49 * instead of the 64-bit one on 64-bit systems. 50 */ 51 size_t j; 52 for (j = 0; j < sizeof(buf) - 1; j++) { 53 if (buf[j] == 0 && buf[j+1] == 0) { 54 zero_words++; 55 } 56 } 57 58 if (!TEST_int_eq(generated, sizeof(buf))) 59 goto end; 60 if (!TEST_false(!memcmp(prior, buf, sizeof(buf)))) 61 goto end; 62 63 /* Verify that the last 7 bytes of buf aren't all the same value */ 64 unsigned char *tail = &buf[sizeof(buf) - sizeof(check)]; 65 memset(check, tail[0], 7); 66 if (!TEST_false(!memcmp(check, tail, sizeof(check)))) 67 goto end; 68 69 /* Save the result and make sure it's different next time */ 70 memcpy(prior, buf, sizeof(buf)); 71 } 72 73 if (!TEST_int_le(zero_words, max_zero_words)) 74 goto end; 75 76 if (!TEST_int_ge(failures, min_failures)) 77 goto end; 78 79 testresult = 1; 80 end: 81 return testresult; 82 } 83 84 static int sanity_check_rdrand_bytes(void) 85 { 86 return sanity_check_bytes(OPENSSL_ia32_rdrand_bytes, 1000, 0, 10, 10); 87 } 88 89 static int sanity_check_rdseed_bytes(void) 90 { 91 /*- 92 * RDSEED may take many retries to succeed; note that this is effectively 93 * multiplied by the 8x retry loop in asm, and failure probabilities are 94 * increased by the fact that we need either 4 or 8 samples depending on 95 * the platform. 96 */ 97 return sanity_check_bytes(OPENSSL_ia32_rdseed_bytes, 1000, 1, 10000, 10); 98 } 99 100 int setup_tests(void) 101 { 102 OPENSSL_cpuid_setup(); 103 104 int have_rdseed = (OPENSSL_ia32cap_P[2] & (1 << 18)) != 0; 105 int have_rdrand = (OPENSSL_ia32cap_P[1] & (1 << (62 - 32))) != 0; 106 107 if (have_rdrand) { 108 ADD_TEST(sanity_check_rdrand_bytes); 109 } 110 111 if (have_rdseed) { 112 ADD_TEST(sanity_check_rdseed_bytes); 113 } 114 115 return 1; 116 } 117 118 119 #else 120 121 int setup_tests(void) 122 { 123 return 1; 124 } 125 126 #endif 127
Indexes created Sat Feb 28 05:31:39 UTC 2026