From 997bbd10d8a3e14187146cee6d46460a97c4887e Mon Sep 17 00:00:00 2001
From: Paul Bakker <p.j.bakker@polarssl.org>
Date: Sun, 13 Mar 2011 15:45:42 +0000
Subject: [PATCH]  - Removed dependency of tests on rand()  - Added
 pseudo-random helper function

---
 tests/suites/helpers.function        | 58 ++++++++++++++++++++++++++--
 tests/suites/test_suite_dhm.function | 15 ++-----
 tests/suites/test_suite_rsa.data     |  2 +-
 tests/suites/test_suite_rsa.function | 15 +++----
 4 files changed, 65 insertions(+), 25 deletions(-)

diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index 6c983a795..d8dbb13ea 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -58,6 +58,10 @@ void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
 
 /**
  * This function just returns data from rand().
+ * Although predictable and often similar on multiple
+ * runs, this does not result in identical random on
+ * each run. So do not use this if the results of a
+ * test depend on the random data that is generated.
  *
  * rng_state shall be NULL.
  */
@@ -87,23 +91,32 @@ typedef struct
     unsigned char *buf;
     int length;
     int per_call;
-} rnd_info;
+} rnd_buf_info;
 
 /**
  * This function returns random based on a buffer it receives.
  *
- * rng_state shall be a pointer to a rnd_buf structure.
+ * rng_state shall be a pointer to a rnd_buf_info structure.
+ * 
+ * The number of bytes released from the buffer on each call to
+ * the random function is specified by per_call. (Can be between
+ * 1 and 4)
  *
  * After the buffer is empty it will return rand();
  */
 static int rnd_buffer_rand( void *rng_state )
 {
-    rnd_info *info = (rnd_info *) rng_state;
+    rnd_buf_info *info = (rnd_buf_info *) rng_state;
     int res;
 
     if( rng_state == NULL )
         return( rand() );
 
+    if( info->per_call > 4 )
+        info->per_call = 4;
+    else if( info->per_call < 1 )
+        info->per_call = 1;
+
     res = rand();
 
     if( info->length >= info->per_call )
@@ -120,3 +133,42 @@ static int rnd_buffer_rand( void *rng_state )
 
     return( res );
 }
+
+/**
+ * Info structure for the pseudo random function
+ *
+ * Key should be set at the start to a test-unique value.
+ * State( v0, v1 ) should be set to zero.
+ */
+typedef struct
+{
+    unsigned char key[16];
+    uint32_t v0, v1;
+} rnd_pseudo_info;
+
+/**
+ * This function returns random based on a pseudo random function.
+ * This means the results should be identical on all systems.
+ * Pseudo random is based on the XTEA encryption algorithm to
+ * generate pseudorandom.
+ *
+ * rng_state shall be a pointer to a rnd_pseudo_info structure.
+ */
+static int rnd_pseudo_rand( void *rng_state )
+{
+    rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
+    uint32_t i, *k, sum, delta=0x9E3779B9;
+
+    if( rng_state == NULL )
+        return( rand() );
+
+    k = (uint32_t *) info->key;
+    for( i = 0; i < 32; i++ )
+    {
+        info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
+        sum += delta;
+        info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
+    }
+
+    return( info->v0 );
+}
diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function
index 652b15b08..303b95616 100644
--- a/tests/suites/test_suite_dhm.function
+++ b/tests/suites/test_suite_dhm.function
@@ -1,14 +1,5 @@
 BEGIN_HEADER
 #include <polarssl/dhm.h>
-
-static int myrand( void *r )
-{
-    if ( r != NULL )
-        r = NULL;
-
-    return( rand() );
-}
-
 END_HEADER
 
 BEGIN_CASE
@@ -26,6 +17,7 @@ dhm_do_dhm:x_size:radix_P:input_P:radix_G:input_G
     int sec_srv_len = 1000;
     int sec_cli_len = 1000;
     int x_size;
+    rnd_pseudo_info rnd_info;
 
     memset( &ctx_srv, 0x00, sizeof( dhm_context ) );
     memset( &ctx_cli, 0x00, sizeof( dhm_context ) );
@@ -33,18 +25,19 @@ dhm_do_dhm:x_size:radix_P:input_P:radix_G:input_G
     memset( pub_cli, 0x00, 1000 );
     memset( sec_srv, 0x00, 1000 );
     memset( sec_cli, 0x00, 1000 );
+    memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
 
     TEST_ASSERT( mpi_read_string( &ctx_srv.P, {radix_P}, {input_P} ) == 0 );
     TEST_ASSERT( mpi_read_string( &ctx_srv.G, {radix_G}, {input_G} ) == 0 );
     x_size = mpi_size( &ctx_srv.P );
 
-    TEST_ASSERT( dhm_make_params( &ctx_srv, x_size, ske, &ske_len, &myrand, NULL ) == 0 );
+    TEST_ASSERT( dhm_make_params( &ctx_srv, x_size, ske, &ske_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
     ske[ske_len++] = 0;
     ske[ske_len++] = 0;
     TEST_ASSERT( dhm_read_params( &ctx_cli, &p, ske + ske_len ) == 0 );
 
     pub_cli_len = x_size;
-    TEST_ASSERT( dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len, &myrand, NULL ) == 0 );
+    TEST_ASSERT( dhm_make_public( &ctx_cli, x_size, pub_cli, pub_cli_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
 
     TEST_ASSERT( dhm_read_public( &ctx_srv, pub_cli, pub_cli_len ) == 0 );
 
diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data
index 5781ca2d7..b19ba647f 100644
--- a/tests/suites/test_suite_rsa.data
+++ b/tests/suites/test_suite_rsa.data
@@ -173,7 +173,7 @@ RSA PKCS1 Sign #8 Verify (Invalid padding type)
 rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":1:SIG_RSA_MD5:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":POLARSSL_ERR_RSA_INVALID_PADDING
 
 RSA PKCS1 Encrypt #1
-rsa_pkcs1_encrypt:"4E636AF98E40F3ADCFCCB698F4E80B9F":RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":0
+rsa_pkcs1_encrypt:"4E636AF98E40F3ADCFCCB698F4E80B9F":RSA_PKCS_V15:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"0543bd6d7e88daab6830f39648faeca5c00b423a36456946c2775d3ed676fcb57c83b1b1ad3c47823441b3bae059c2f63817ce8f75d93c9eeb8ddc8a0d3ae5572e8c6010f0959f2222306b18e263326e6d5aa38bd7d2763173f13aab5245d2dd937473e8c2f5b68442f1341e09139f55a1df4a3b89e34752983c0448a2262321d7f9f8e460ce1db3609731e2c5b1d1520daba5cc8547d42d1646e6df068e649fadad1434fcd75abb47d640e050a43cb1e37dc7e873b6a71adafe4c2d80e8d2a9dbba424ace993467d5eff62e59ce5224c857e3c700e3f52323fed206fb6a32556fc5731424f8819d23d3a7928298027681b469eb9e04bf117b9d9fb69056dd65":0
 
 RSA PKCS1 Decrypt #1 (Verify)
 rsa_pkcs1_decrypt:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404fea284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":RSA_PKCS_V15:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":1000:"4E636AF98E40F3ADCFCCB698F4E80B9F":0
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index 0040d5cbe..169a67726 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -9,14 +9,6 @@ BEGIN_HEADER
 #include <polarssl/sha4.h>
 #include <polarssl/havege.h>
 
-static int myrand( void *rng_state )
-{
-    if( rng_state != NULL )
-        rng_state  = NULL;
-
-    return( rand() );
-}
-
 static int badrand( void *rng_state )
 {
     if( rng_state != NULL )
@@ -265,6 +257,9 @@ rsa_pkcs1_encrypt:message_hex_string:padding_mode:mod:radix_N:input_N:radix_E:in
     unsigned char output_str[1000];
     rsa_context ctx;
     int msg_len;
+    rnd_pseudo_info rnd_info;
+
+    memset( &rnd_info, 0, sizeof( rnd_pseudo_info ) );
 
     rsa_init( &ctx, {padding_mode}, 0 );
     memset( message_str, 0x00, 1000 );
@@ -279,7 +274,7 @@ rsa_pkcs1_encrypt:message_hex_string:padding_mode:mod:radix_N:input_N:radix_E:in
 
     msg_len = unhexify( message_str, {message_hex_string} );
 
-    TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &myrand, NULL, RSA_PUBLIC, msg_len, message_str, output ) == {result} );
+    TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &rnd_pseudo_rand, &rnd_info, RSA_PUBLIC, msg_len, message_str, output ) == {result} );
     if( {result} == 0 )
     {
         hexify( output_str, output, ctx.len );
@@ -311,7 +306,7 @@ rsa_pkcs1_encrypt_bad_rng:message_hex_string:padding_mode:mod:radix_N:input_N:ra
 
     msg_len = unhexify( message_str, {message_hex_string} );
 
-    TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &badrand, NULL, RSA_PUBLIC, msg_len, message_str, output ) == {result} );
+    TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, &rnd_zero_rand, NULL, RSA_PUBLIC, msg_len, message_str, output ) == {result} );
     if( {result} == 0 )
     {
         hexify( output_str, output, ctx.len );