diff options
| author | Sam Hartman <hartmans@mit.edu> | 2001-11-19 19:49:30 +0000 |
|---|---|---|
| committer | Sam Hartman <hartmans@mit.edu> | 2001-11-19 19:49:30 +0000 |
| commit | 6a9d87ee8e57694f6f75b065e4699ede378f557f (patch) | |
| tree | 6b6998689de222e29fcdf1dd2684cfd6068766aa | |
| parent | 25b3725bd3ba37dd869e5484cb44d0434db24289 (diff) | |
| download | krb5-6a9d87ee8e57694f6f75b065e4699ede378f557f.tar.gz krb5-6a9d87ee8e57694f6f75b065e4699ede378f557f.tar.xz krb5-6a9d87ee8e57694f6f75b065e4699ede378f557f.zip | |
Add t_prng.reseedtest
Fix t_prng not to output random data if 0 bytes requested
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14003 dc483132-0cff-0310-8789-dd5450dbe970
| -rw-r--r-- | src/lib/crypto/ChangeLog | 7 | ||||
| -rw-r--r-- | src/lib/crypto/t_prng.c | 26 | ||||
| -rw-r--r-- | src/lib/crypto/t_prng.reseedtest | 31 | ||||
| -rw-r--r-- | src/lib/crypto/t_prng.reseedtest-comments | 21 | ||||
| -rw-r--r-- | src/lib/crypto/t_prng.reseedtest-expected | 1 |
5 files changed, 74 insertions, 12 deletions
diff --git a/src/lib/crypto/ChangeLog b/src/lib/crypto/ChangeLog index 295728927..344a036d2 100644 --- a/src/lib/crypto/ChangeLog +++ b/src/lib/crypto/ChangeLog @@ -1,3 +1,10 @@ +2001-11-19 Sam Hartman <hartmans@mit.edu> + + * t_prng.reseedtest: New test; description in t_prng.reseedtest-comments + + * t_prng.c (main): If we request 0 bytes of output don't try to + get output + 2001-11-15 Sam Hartman <hartmans@mit.edu> * t_prng.c: New file for PRNG tests diff --git a/src/lib/crypto/t_prng.c b/src/lib/crypto/t_prng.c index 74fc84a9c..4da6e0f0b 100644 --- a/src/lib/crypto/t_prng.c +++ b/src/lib/crypto/t_prng.c @@ -66,20 +66,22 @@ int main () { } if (scanf ("%u", &i) == EOF) break; - assert ((output.data = malloc (i)) != NULL); - output.length = i; - ret = krb5_c_random_make_octets (0, &output); - if (ret) - printf ("failed\n"); - else { - for (; i > 0; i--) { - printf ("%2x", - (unsigned int) ((unsigned char ) output.data[output.length-i])); + if (i) { + assert ((output.data = malloc (i)) != NULL); + output.length = i; + ret = krb5_c_random_make_octets (0, &output); + if (ret) + printf ("failed\n"); + else { + for (; i > 0; i--) { + printf ("%02x", + (unsigned int) ((unsigned char ) output.data[output.length-i])); + } + printf ("\n"); } - printf ("\n"); + free (output.data); + output.data = NULL; } - free (output.data); - output.data = NULL; } return (0); } diff --git a/src/lib/crypto/t_prng.reseedtest b/src/lib/crypto/t_prng.reseedtest new file mode 100644 index 000000000..5eee0c064 --- /dev/null +++ b/src/lib/crypto/t_prng.reseedtest @@ -0,0 +1,31 @@ +1 +160 + cb 12 70 40 ee fb 76 2e 32 0d f1 0c a7 a9 36 f8 + c8 f3 35 4e 0f 51 18 cd 25 0f 48 5b e4 97 aa 4f + be 7e 93 af dd 15 29 fc 24 4f 0b 9a 9b 1d ad 7f + 32 c8 a6 96 d4 34 aa 83 d2 d7 33 b0 2f aa ba f6 + cf 8c 78 ad 8a 52 e1 48 e4 7c a7 c5 57 49 31 ea + db b7 9b 6b ab 13 f3 12 a5 ec 67 db 1e 83 73 be + ca 59 fc ed 29 8c f3 ef ca fd 81 55 fa 91 3b 31 + da 24 d2 8b c1 a5 c1 3a 9c 50 a6 3c a1 60 31 0f + 62 c7 88 9b 1a e9 9f 3c 0f 04 d0 35 11 45 f0 8b + 84 a2 26 85 67 f1 e6 2b 34 6b ab 9b 3f c1 a1 0e +0 +1 +40 + f4 fc ab 98 45 a0 41 e4 4d 65 9c eb c2 c9 74 a4 + 55 df 6c 78 78 bc db ae e7 63 b8 a7 33 3b d7 50 + f6 33 c4 a0 1d 14 45 04 +0 +0 +40 + 16 80 1d 78 39 4b 3a 27 80 87 08 6c a9 37 59 74 + 60 f8 fc 37 10 4a 8a c4 d6 3e 6a 41 1a e1 5f 69 + 92 12 5a e1 3b 86 f1 5d +0 +0 +40 + a3 c8 78 4a a0 4d ce 3c 2a 8e 34 bf f7 06 dc d7 + 92 13 bd 74 45 72 40 b6 1c d6 55 28 47 1e f4 70 + 74 e4 94 d7 17 a6 7e 3b +20 diff --git a/src/lib/crypto/t_prng.reseedtest-comments b/src/lib/crypto/t_prng.reseedtest-comments new file mode 100644 index 000000000..e50e09602 --- /dev/null +++ b/src/lib/crypto/t_prng.reseedtest-comments @@ -0,0 +1,21 @@ +The reseedtest is intended to allow confirmation that if sufficient +entropy is provided then the PRNG will reseed (well initially seed) +itself before the first random data is requested. This test is not +useful to run in an automated manner because the point is to look at +internal function call order. + +To test this, set a break point at krb5int_yarrow_reseed and +krb5_c_random_make_octets and run the test. The reseed function +should be called with a pool of 1 (YARROW_SLOW_POOL) before +krb5_c_random_make_octets is called. + +A slow reseed should require two sources to reach sufficient entropy. +Sources start out sending entropy to fast pool then alternate with +slow pool. So this test does the following: +* Seed source 1 +* Seed source 1 (this time to slow pool) +* Seed source 0 +* Seed source 0 (to slow pool triggering reseed) +* Output some random data + + diff --git a/src/lib/crypto/t_prng.reseedtest-expected b/src/lib/crypto/t_prng.reseedtest-expected new file mode 100644 index 000000000..aa8893384 --- /dev/null +++ b/src/lib/crypto/t_prng.reseedtest-expected @@ -0,0 +1 @@ +8466373deab3992f57e7a96624b26973c7b32c51 |