diff options
Diffstat (limited to 'src/charon/plugins/unit_tester')
-rw-r--r-- | src/charon/plugins/unit_tester/Makefile.am | 4 | ||||
-rw-r--r-- | src/charon/plugins/unit_tester/Makefile.in | 42 | ||||
-rw-r--r-- | src/charon/plugins/unit_tester/tests.h | 6 | ||||
-rw-r--r-- | src/charon/plugins/unit_tester/tests/test_cert.c | 108 | ||||
-rw-r--r-- | src/charon/plugins/unit_tester/tests/test_enumerator.c | 52 | ||||
-rw-r--r-- | src/charon/plugins/unit_tester/tests/test_pool.c | 2 | ||||
-rw-r--r-- | src/charon/plugins/unit_tester/tests/test_rng.c | 221 |
7 files changed, 414 insertions, 21 deletions
diff --git a/src/charon/plugins/unit_tester/Makefile.am b/src/charon/plugins/unit_tester/Makefile.am index 238e5a1dc..9c86aa69f 100644 --- a/src/charon/plugins/unit_tester/Makefile.am +++ b/src/charon/plugins/unit_tester/Makefile.am @@ -14,11 +14,13 @@ libstrongswan_unit_tester_la_SOURCES = unit_tester.c unit_tester.h tests.h \ tests/test_sqlite.c \ tests/test_mutex.c \ tests/test_rsa_gen.c \ + tests/test_cert.c \ tests/test_med_db.c \ tests/test_aes.c \ tests/test_chunk.c \ tests/test_pool.c \ - tests/test_agent.c + tests/test_agent.c \ + tests/test_rng.c libstrongswan_unit_tester_la_LDFLAGS = -module diff --git a/src/charon/plugins/unit_tester/Makefile.in b/src/charon/plugins/unit_tester/Makefile.in index 837dcd73c..537ec127e 100644 --- a/src/charon/plugins/unit_tester/Makefile.in +++ b/src/charon/plugins/unit_tester/Makefile.in @@ -53,8 +53,8 @@ libstrongswan_unit_tester_la_LIBADD = am_libstrongswan_unit_tester_la_OBJECTS = unit_tester.lo \ test_enumerator.lo test_auth_info.lo test_fips_prf.lo \ test_curl.lo test_mysql.lo test_sqlite.lo test_mutex.lo \ - test_rsa_gen.lo test_med_db.lo test_aes.lo test_chunk.lo \ - test_pool.lo test_agent.lo + test_rsa_gen.lo test_cert.lo test_med_db.lo test_aes.lo \ + test_chunk.lo test_pool.lo test_agent.lo test_rng.lo libstrongswan_unit_tester_la_OBJECTS = \ $(am_libstrongswan_unit_tester_la_OBJECTS) libstrongswan_unit_tester_la_LINK = $(LIBTOOL) --tag=CC \ @@ -90,22 +90,17 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DSYMUTIL = @DSYMUTIL@ -ECHO = @ECHO@ +DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ +FGREP = @FGREP@ GPERF = @GPERF@ GREP = @GREP@ INSTALL = @INSTALL@ @@ -115,6 +110,7 @@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ @@ -123,12 +119,16 @@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +NM = @NM@ NMEDIT = @NMEDIT@ OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ @@ -151,8 +151,7 @@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ @@ -191,6 +190,7 @@ libstrongswan_plugins = @libstrongswan_plugins@ linuxdir = @linuxdir@ localedir = @localedir@ localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ @@ -226,11 +226,13 @@ libstrongswan_unit_tester_la_SOURCES = unit_tester.c unit_tester.h tests.h \ tests/test_sqlite.c \ tests/test_mutex.c \ tests/test_rsa_gen.c \ + tests/test_cert.c \ tests/test_med_db.c \ tests/test_aes.c \ tests/test_chunk.c \ tests/test_pool.c \ - tests/test_agent.c + tests/test_agent.c \ + tests/test_rng.c libstrongswan_unit_tester_la_LDFLAGS = -module all: all-am @@ -305,6 +307,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_aes.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_agent.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_auth_info.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_cert.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_chunk.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_curl.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_enumerator.Plo@am__quote@ @@ -313,6 +316,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_mutex.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_mysql.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_pool.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_rng.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_rsa_gen.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_sqlite.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/unit_tester.Plo@am__quote@ @@ -394,6 +398,13 @@ test_rsa_gen.lo: tests/test_rsa_gen.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o test_rsa_gen.lo `test -f 'tests/test_rsa_gen.c' || echo '$(srcdir)/'`tests/test_rsa_gen.c +test_cert.lo: tests/test_cert.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT test_cert.lo -MD -MP -MF $(DEPDIR)/test_cert.Tpo -c -o test_cert.lo `test -f 'tests/test_cert.c' || echo '$(srcdir)/'`tests/test_cert.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/test_cert.Tpo $(DEPDIR)/test_cert.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='tests/test_cert.c' object='test_cert.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o test_cert.lo `test -f 'tests/test_cert.c' || echo '$(srcdir)/'`tests/test_cert.c + test_med_db.lo: tests/test_med_db.c @am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT test_med_db.lo -MD -MP -MF $(DEPDIR)/test_med_db.Tpo -c -o test_med_db.lo `test -f 'tests/test_med_db.c' || echo '$(srcdir)/'`tests/test_med_db.c @am__fastdepCC_TRUE@ mv -f $(DEPDIR)/test_med_db.Tpo $(DEPDIR)/test_med_db.Plo @@ -429,6 +440,13 @@ test_agent.lo: tests/test_agent.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o test_agent.lo `test -f 'tests/test_agent.c' || echo '$(srcdir)/'`tests/test_agent.c +test_rng.lo: tests/test_rng.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT test_rng.lo -MD -MP -MF $(DEPDIR)/test_rng.Tpo -c -o test_rng.lo `test -f 'tests/test_rng.c' || echo '$(srcdir)/'`tests/test_rng.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/test_rng.Tpo $(DEPDIR)/test_rng.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='tests/test_rng.c' object='test_rng.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o test_rng.lo `test -f 'tests/test_rng.c' || echo '$(srcdir)/'`tests/test_rng.c + mostlyclean-libtool: -rm -f *.lo diff --git a/src/charon/plugins/unit_tester/tests.h b/src/charon/plugins/unit_tester/tests.h index 058d1987d..0673c309a 100644 --- a/src/charon/plugins/unit_tester/tests.h +++ b/src/charon/plugins/unit_tester/tests.h @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: tests.h 4317 2008-09-02 11:00:13Z martin $ + * $Id: tests.h 4815 2008-12-18 16:24:22Z martin $ */ /** @@ -33,9 +33,11 @@ DEFINE_TEST("SQLite operations", test_sqlite, FALSE) DEFINE_TEST("mutex primitive", test_mutex, FALSE) DEFINE_TEST("RSA key generation", test_rsa_gen, FALSE) DEFINE_TEST("RSA subjectPublicKeyInfo loading", test_rsa_load_any, FALSE) +DEFINE_TEST("X509 certificate", test_cert_x509, FALSE) DEFINE_TEST("Mediation database key fetch", test_med_db, FALSE) DEFINE_TEST("AES-128 encryption", test_aes128, FALSE) DEFINE_TEST("AES-XCBC", test_aes_xcbc, FALSE) DEFINE_TEST("Base64 converter", test_chunk_base64, FALSE) DEFINE_TEST("IP pool", test_pool, FALSE) -DEFINE_TEST("SSH agent", test_agent, TRUE) +DEFINE_TEST("SSH agent", test_agent, FALSE) +DEFINE_TEST("RNG quality", test_rng, FALSE) diff --git a/src/charon/plugins/unit_tester/tests/test_cert.c b/src/charon/plugins/unit_tester/tests/test_cert.c new file mode 100644 index 000000000..95ab289df --- /dev/null +++ b/src/charon/plugins/unit_tester/tests/test_cert.c @@ -0,0 +1,108 @@ +/* + * Copyright (C) 2008 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <library.h> +#include <daemon.h> +#include <credentials/certificates/x509.h> + +/******************************************************************************* + * X509 certificate generation and parsing + ******************************************************************************/ +bool test_cert_x509() +{ + private_key_t *ca_key, *peer_key; + public_key_t *public; + certificate_t *ca_cert, *peer_cert, *parsed; + identification_t *issuer, *subject; + u_int32_t serial = htonl(0); + chunk_t encoding; + + issuer = identification_create_from_string("CN=CA, OU=Test, O=strongSwan"); + subject = identification_create_from_string("CN=Peer, OU=Test, O=strongSwan"); + + ca_key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, + BUILD_KEY_SIZE, 1024, BUILD_END); + peer_key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, + BUILD_KEY_SIZE, 1024, BUILD_END); + if (!ca_key) + { + return FALSE; + } + ca_cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509, + BUILD_SIGNING_KEY, ca_key, + BUILD_SUBJECT, issuer, + BUILD_SERIAL, chunk_from_thing(serial), + BUILD_X509_FLAG, X509_CA, + BUILD_END); + if (!ca_cert) + { + return FALSE; + } + + encoding = ca_cert->get_encoding(ca_cert); + parsed = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509, + BUILD_BLOB_ASN1_DER, encoding, + BUILD_END); + chunk_free(&encoding); + if (!parsed) + { + return FALSE; + } + if (!parsed->issued_by(parsed, ca_cert)) + { + return FALSE; + } + parsed->destroy(parsed); + + serial = htonl(ntohl(serial) + 1); + public = peer_key->get_public_key(peer_key); + peer_cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509, + BUILD_SIGNING_KEY, ca_key, + BUILD_SIGNING_CERT, ca_cert, + BUILD_PUBLIC_KEY, public, + BUILD_SUBJECT, subject, + BUILD_SERIAL, chunk_from_thing(serial), + BUILD_END); + public->destroy(public); + if (!peer_cert) + { + return FALSE; + } + + encoding = peer_cert->get_encoding(peer_cert); + parsed = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509, + BUILD_BLOB_ASN1_DER, encoding, + BUILD_END); + chunk_free(&encoding); + if (!parsed) + { + return FALSE; + } + if (!parsed->issued_by(parsed, ca_cert)) + { + return FALSE; + } + parsed->destroy(parsed); + + ca_cert->destroy(ca_cert); + ca_key->destroy(ca_key); + peer_cert->destroy(peer_cert); + peer_key->destroy(peer_key); + issuer->destroy(issuer); + subject->destroy(subject); + return TRUE; +} + + diff --git a/src/charon/plugins/unit_tester/tests/test_enumerator.c b/src/charon/plugins/unit_tester/tests/test_enumerator.c index a7f3dd822..6898084fc 100644 --- a/src/charon/plugins/unit_tester/tests/test_enumerator.c +++ b/src/charon/plugins/unit_tester/tests/test_enumerator.c @@ -226,18 +226,26 @@ bool test_enumerate_token() char *string; char *sep; char *trim; - } tests[] = { + } tests1[] = { {"abc, cde, efg", ",", " "}, {" abc 1:2 cde;3 4efg5. ", ":;.,", " 12345"}, {"abc.cde,efg", ",.", ""}, {" abc cde efg ", " ", " "}, + {"a'abc' c 'cde' cefg", " ", " abcd"}, + {"'abc' abc 'cde'd 'efg'", " ", " abcd"}, + }, tests2[] = { + {"a, b, c", ",", " "}, + {"a,b,c", ",", " "}, + {" a 1:2 b;3 4c5. ", ":;.,", " 12345"}, + {"a.b,c", ",.", ""}, + {" a b c ", " ", " "}, }; - for (num = 0; num < countof(tests); num++) + for (num = 0; num < countof(tests1); num++) { i = 0; - enumerator = enumerator_create_token( - tests[num].string, tests[num].sep, tests[num].trim); + enumerator = enumerator_create_token(tests1[num].string, + tests1[num].sep, tests1[num].trim); while (enumerator->enumerate(enumerator, &token)) { switch (i) @@ -256,9 +264,43 @@ bool test_enumerate_token() } i++; } + if (i != 3) + { + return FALSE; + } enumerator->destroy(enumerator); } - + + for (num = 0; num < countof(tests2); num++) + { + i = 0; + enumerator = enumerator_create_token(tests2[num].string, + tests2[num].sep, tests2[num].trim); + while (enumerator->enumerate(enumerator, &token)) + { + switch (i) + { + case 0: + if (!streq(token, "a")) return FALSE; + break; + case 1: + if (!streq(token, "b")) return FALSE; + break; + case 2: + if (!streq(token, "c")) return FALSE; + break; + default: + return FALSE; + } + i++; + } + if (i != 3) + { + return FALSE; + } + enumerator->destroy(enumerator); + } + return TRUE; } diff --git a/src/charon/plugins/unit_tester/tests/test_pool.c b/src/charon/plugins/unit_tester/tests/test_pool.c index 40334335d..b11f71704 100644 --- a/src/charon/plugins/unit_tester/tests/test_pool.c +++ b/src/charon/plugins/unit_tester/tests/test_pool.c @@ -60,7 +60,7 @@ static void* testing(void *thread) /* release addresses */ for (i = 0; i < ALLOCS; i++) { - charon->attributes->release_address(charon->attributes, "test", addr[i]); + charon->attributes->release_address(charon->attributes, "test", addr[i], id[i]); } /* cleanup */ diff --git a/src/charon/plugins/unit_tester/tests/test_rng.c b/src/charon/plugins/unit_tester/tests/test_rng.c new file mode 100644 index 000000000..60cbf2d36 --- /dev/null +++ b/src/charon/plugins/unit_tester/tests/test_rng.c @@ -0,0 +1,221 @@ +/* + * Copyright (C) 2008 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <daemon.h> +#include <library.h> +#include <utils/mutex.h> + +#include <unistd.h> +#include <sched.h> +#include <pthread.h> + +static bool test_monobit(chunk_t data) +{ + int i, j, bits = 0; + + for (i = 0; i < data.len; i++) + { + for (j = 0; j < 8; j++) + { + if (data.ptr[i] & (1<<j)) + { + bits++; + } + } + } + DBG1(DBG_CFG, " Monobit: %d/%d bits set", bits, data.len * 8); + if (bits > 9654 && bits < 10346) + { + return TRUE; + } + return FALSE; +} + +static bool test_poker(chunk_t data) +{ + int i, counter[16]; + double sum = 0.0; + + memset(counter, 0, sizeof(counter)); + + for (i = 0; i < data.len; i++) + { + counter[data.ptr[i] & 0x0F]++; + counter[(data.ptr[i] & 0xF0) >> 4]++; + } + + for (i = 0; i < countof(counter); i++) + { + sum += (counter[i] * counter[i]) / 5000.0 * 16.0; + } + sum -= 5000.0; + DBG1(DBG_CFG, " Poker: %f", sum); + if (sum > 1.03 && sum < 57.4) + { + return TRUE; + } + return FALSE; +} + +static bool test_runs(chunk_t data) +{ + int i, j, zero_runs[7], one_runs[7], zero = 0, one = 0, longrun = 0; + bool ok = TRUE; + + memset(one_runs, 0, sizeof(zero_runs)); + memset(zero_runs, 0, sizeof(one_runs)); + + for (i = 0; i < data.len; i++) + { + for (j = 0; j < 8; j++) + { + if (data.ptr[i] & (1<<j)) + { + if (one) + { + if (++one >= 34) + { + longrun++; + break; + } + } + else + { + zero_runs[min(6, zero)]++; + zero = 0; + one = 1; + } + } + else + { + if (zero) + { + if (++zero >= 34) + { + longrun++; + break; + } + } + else + { + one_runs[min(6, one)]++; + one = 0; + zero = 1; + } + } + } + } + + DBG1(DBG_CFG, " Runs: zero: %d/%d/%d/%d/%d/%d, one: %d/%d/%d/%d/%d/%d, " + "longruns: %d", + zero_runs[1], zero_runs[2], zero_runs[3], + zero_runs[4], zero_runs[5], zero_runs[6], + one_runs[1], one_runs[2], one_runs[3], + one_runs[4], one_runs[5], one_runs[6], + longrun); + + if (longrun) + { + return FALSE; + } + + for (i = 1; i < countof(zero_runs); i++) + { + switch (i) + { + case 1: + ok &= zero_runs[i] > 2267 && zero_runs[i] < 2733; + ok &= one_runs[i] > 2267 && one_runs[i] < 2733; + break; + case 2: + ok &= zero_runs[i] > 1079 && zero_runs[i] < 1421; + ok &= one_runs[i] > 1079 && one_runs[i] < 1421; + break; + case 3: + ok &= zero_runs[i] > 502 && zero_runs[i] < 748; + ok &= one_runs[i] > 502 && one_runs[i] < 748; + break; + case 4: + ok &= zero_runs[i] > 223 && zero_runs[i] < 402; + ok &= one_runs[i] > 223 && one_runs[i] < 402; + break; + case 5: + ok &= zero_runs[i] > 90 && zero_runs[i] < 223; + ok &= one_runs[i] > 90 && one_runs[i] < 223; + break; + case 6: + ok &= zero_runs[i] > 90 && zero_runs[i] < 223; + ok &= one_runs[i] > 90 && one_runs[i] < 223; + break; + } + if (!ok) + { + return FALSE; + } + } + return TRUE; +} + +static bool test_rng_quality(rng_quality_t quality) +{ + rng_t *rng; + chunk_t chunk; + + rng = lib->crypto->create_rng(lib->crypto, quality); + if (!rng) + { + return FALSE; + } + DBG1(DBG_CFG, "%N", rng_quality_names, quality); + rng->allocate_bytes(rng, 2500, &chunk); + + if (!test_monobit(chunk)) + { + return FALSE; + } + if (!test_poker(chunk)) + { + return FALSE; + } + if (!test_runs(chunk)) + { + return FALSE; + } + + free(chunk.ptr); + rng->destroy(rng); + return TRUE; +} + +/** + * run a test using given values + */ +bool test_rng() +{ + if (!test_rng_quality(RNG_WEAK)) + { + return FALSE; + } + if (!test_rng_quality(RNG_STRONG)) + { + return FALSE; + } + if (!test_rng_quality(RNG_REAL)) + { + return FALSE; + } + return TRUE; +} + |