/* -*-c-*-
*
- * $Id: rspit.c,v 1.1 1999/12/10 23:29:13 mdw Exp $
+ * $Id$
*
* Spit out random numbers
*
* (c) 1999 Straylight/Edgeware
*/
-/*----- Licensing notice --------------------------------------------------*
+/*----- Licensing notice --------------------------------------------------*
*
* This file is part of Catacomb.
*
* it under the terms of the GNU Library General Public License as
* published by the Free Software Foundation; either version 2 of the
* License, or (at your option) any later version.
- *
+ *
* Catacomb is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Library General Public License for more details.
- *
+ *
* You should have received a copy of the GNU Library General Public
* License along with Catacomb; if not, write to the Free
* Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: rspit.c,v $
- * Revision 1.1 1999/12/10 23:29:13 mdw
- * Emit random numbers for statistical tests.
- *
- */
-
/*----- Header files ------------------------------------------------------*/
#include "config.h"
+#include <assert.h>
#include <errno.h>
+#include <math.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <mLib/report.h>
#include <mLib/sub.h>
+#include "fipstest.h"
#include "grand.h"
+#include "maurer.h"
+#include "key.h"
#include "lcrand.h"
#include "fibrand.h"
#include "mprand.h"
#include "rc4.h"
+#include "seal.h"
#include "des-ofb.h"
#include "des3-ofb.h"
+#include "rc2-ofb.h"
#include "rc5-ofb.h"
+#include "mars-ofb.h"
+#include "skipjack-ofb.h"
+#include "tea-ofb.h"
+#include "xtea-ofb.h"
#include "blowfish-ofb.h"
+#include "twofish-ofb.h"
#include "idea-ofb.h"
+#include "cast128-ofb.h"
+#include "cast256-ofb.h"
+#include "noekeon-ofb.h"
+#include "rijndael-ofb.h"
+#include "rijndael192-ofb.h"
+#include "rijndael256-ofb.h"
+#include "safer-ofb.h"
+#include "safersk-ofb.h"
+#include "square-ofb.h"
+#include "serpent-ofb.h"
+
+#include "des-counter.h"
+#include "des3-counter.h"
+#include "rc2-counter.h"
+#include "rc5-counter.h"
+#include "mars-counter.h"
+#include "skipjack-counter.h"
+#include "tea-counter.h"
+#include "xtea-counter.h"
+#include "blowfish-counter.h"
+#include "twofish-counter.h"
+#include "idea-counter.h"
+#include "cast128-counter.h"
+#include "cast256-counter.h"
+#include "noekeon-counter.h"
+#include "rijndael-counter.h"
+#include "rijndael192-counter.h"
+#include "rijndael256-counter.h"
+#include "safer-counter.h"
+#include "safersk-counter.h"
+#include "square-counter.h"
+#include "serpent-counter.h"
+
+#include "md2-mgf.h"
+#include "md4-mgf.h"
+#include "md5-mgf.h"
+#include "sha-mgf.h"
+#include "tiger-mgf.h"
+#include "rmd128-mgf.h"
+#include "rmd160-mgf.h"
+#include "rmd256-mgf.h"
+#include "rmd320-mgf.h"
#include "rmd160.h"
const char *help;
} gen;
-static gen generators[];
+extern gen generators[];
+
+#define CIPHERS \
+ E(DES, des) \
+ E(DES3, des3) \
+ E(RC2, rc2) \
+ E(RC5, rc5) \
+ E(MARS, mars) \
+ E(SKIPJACK, skipjack) \
+ E(TEA, tea) \
+ E(XTEA, xtea) \
+ E(BLOWFISH, blowfish) \
+ E(TWOFISH, twofish) \
+ E(IDEA, idea) \
+ E(CAST128, cast128) \
+ E(CAST256, cast256) \
+ E(SQUARE, square) \
+ E(SAFER, safer) \
+ E(SAFERSK, safersk) \
+ E(NOEKEON, noekeon) \
+ E(RIJNDAEL, rijndael) \
+ E(RIJNDAEL192, rijndael192) \
+ E(RIJNDAEL256, rijndael256) \
+ E(SERPENT, serpent)
+
+#define HASHES \
+ E(MD2, md2) \
+ E(MD4, md4) \
+ E(MD5, md5) \
+ E(SHA, sha) \
+ E(TIGER, tiger) \
+ E(RMD128, rmd128) \
+ E(RMD160, rmd160) \
+ E(RMD256, rmd256) \
+ E(RMD320, rmd320)
+
+#define E(PRE, pre) CIPHER_##PRE,
+enum { CIPHERS CIPHER__bogus };
+#undef E
+
+#define E(PRE, pre) HASH_##PRE,
+enum { HASHES HASH__bogus };
+#undef E
+
+static struct {
+ const octet *keysz;
+ size_t blksz;
+ grand *(*ofb)(const void */*k*/, size_t /*sz*/);
+ grand *(*counter)(const void */*k*/, size_t /*sz*/);
+} ciphertab[] = {
+#define E(PRE, pre) \
+ { pre##_keysz, PRE##_BLKSZ, pre##_ofbrand, pre##_counterrand },
+ CIPHERS
+#undef E
+};
+
+static struct {
+ const gchash *h;
+ const octet *keysz;
+ grand *(*mgf)(const void */*k*/, size_t /*sz*/);
+} hashtab[] = {
+#define E(PRE, pre) \
+ { &pre, pre##_mgfkeysz, pre##_mgfrand },
+ HASHES
+#undef E
+};
/*----- Miscellaneous static data -----------------------------------------*/
-static FILE *outfp = stdout;
+static FILE *outfp;
static size_t outsz = 0;
+static unsigned maurer_lo = 5, maurer_hi = 8;
static int argc;
static char **argv;
static unsigned flags = 0;
-enum {
- f_progress = 1,
- f_file = 2
-};
+#define f_progress 1u
+#define f_file 2u
+#define f_fips 4u
+#define f_maurer 8u
+#define f_timer 16u
+#define f_discard 32u
/*----- Help options ------------------------------------------------------*/
\n\
-l, --list Show a list of the supported generators, with\n\
their options.\n\
+-f, --fipstest Run the FIPS 140-1 randomness test.\n\
+-m, --maurer[=LO-HI] Run Maurer's universal statistical test.\n\
-o, --output FILE Write output to FILE, not stdout.\n\
-z, --size SIZE Emit SIZE bytes, not an unlimited number.\n\
-p, --progress Show a little progress meter (on stderr).\n\
+-T, --timer Keep track of the CPU time used by the generator.\n\
+-d, --discard Discard the generated output.\n\
\n\
(A SIZE may be followed by `g' for gigabytes, `m' for megabytes, or\n\
`k' for kilobytes. If unqualified, an amount in bytes is assumed.)\n\
/* --- Other useful things --- */
{ "list", 0, 0, 'l' },
+ { "fipstest", 0, 0, 'f' },
+ { "maurer", OPTF_ARGOPT, 0, 'm' },
{ "output", OPTF_ARGREQ, 0, 'o' },
{ "size", OPTF_ARGREQ, 0, 'z' },
{ "progress", 0, 0, 'p' },
+ { "timer", 0, 0, 'T' },
+ { "discard", 0, 0, 'd' },
/* --- End of main table --- */
{ 0, 0, 0, 0 }
};
-static const char *sopts = "hvu lo:z:p";
+static const char *sopts = "hvu lfm::o:z:pTd";
#ifndef OPTION_V
DA_DECL(option_v, struct option);
printf(" %s %s\n", g->name, g->help);
exit(0);
} break;
+ case 'f':
+ flags |= f_fips;
+ break;
+ case 'm':
+ flags |= f_maurer;
+ if (optarg) {
+ char *p;
+ unsigned long lo, hi;
+ lo = strtoul(optarg, &p, 0);
+ if (*p == '-' || *p == ',')
+ hi = strtoul(p + 1, &p, 0);
+ else
+ hi = lo;
+ if (*p != 0 || hi < lo || lo == 0)
+ die(EXIT_FAILURE, "bad bit range `%s'", optarg);
+ maurer_lo = lo;
+ maurer_hi = hi;
+ }
+ break;
case 'o':
if (flags & f_file)
die(EXIT_FAILURE, "already set an output file");
outfp = fopen(optarg, "w");
if (!outfp) {
die(EXIT_FAILURE, "couldn't open output file `%s': %s",
- strerror(errno));
+ optarg, strerror(errno));
}
}
flags |= f_file;
case 'p':
flags |= f_progress;
break;
+ case 'T':
+ flags |= f_timer;
+ break;
+ case 'd':
+ flags |= f_discard;
+ break;
default:
return (i);
}
*end = (char *)p;
}
-/*----- Generators --------------------------------------------------------*/
-
-/* --- Blum-Blum-Shub strong generator --- */
+/* --- Generate a key --- */
-static int bbsev(int ev, mp *m, void *p)
+static void textkey(dstr *d, const char *p, const octet *ksz)
{
- switch (ev) {
- case BBSEV_FINDP:
- fputs("Searching for p: ", stderr);
- fflush(stderr);
- break;
- case BBSEV_FINDQ:
- fputs("Searching for q: ", stderr);
- fflush(stderr);
- break;
- case BBSEV_FAILP:
- case BBSEV_FAILQ:
- fputc('.', stderr);
- fflush(stderr);
- break;
- case BBSEV_PASSP:
- case BBSEV_PASSQ:
- fputc('+', stderr);
- fflush(stderr);
- break;
- case BBSEV_GOODP:
- case BBSEV_GOODQ:
- fputc('\n', stderr);
- fflush(stderr);
- break;
+ size_t sz = strlen(p);
+
+ if (!sz)
+ die(EXIT_FAILURE, "zero-length key string");
+ if (keysz(sz, ksz) != sz)
+ DPUTM(d, p, sz);
+ else {
+ rmd160_mgfctx g;
+ rmd160_mgfinit(&g, p, sz);
+ sz = keysz(0, ksz);
+ dstr_ensure(d, sz);
+ rmd160_mgfencrypt(&g, 0, d->buf, sz);
+ d->len += sz;
}
- return (0);
+ assert(((void)"I can't seem to choose a good key size",
+ keysz(d->len, ksz) == d->len));
}
+static void hexkey(dstr *d, const char *p, const octet *ksz)
+{
+ char *q;
+ unhex(optarg, &q, d);
+ if (*q)
+ die(EXIT_FAILURE, "bad hex key `%s'", p);
+ if (keysz(d->len, ksz) != d->len)
+ die(EXIT_FAILURE, "bad key length");
+}
+
+static void randkey(dstr *d, const octet *ksz)
+{
+ size_t sz = keysz(0, ksz);
+ dstr_ensure(d, sz);
+ rand_get(RAND_GLOBAL, d->buf, sz);
+ d->len += sz;
+}
+
+/*----- Generators --------------------------------------------------------*/
+
+/* --- Blum-Blum-Shub strong generator --- */
+
static grand *gen_bbs(unsigned i)
{
/* --- Default modulus --- *
* The factors of this number are
*
* @p = 1229936431484295969649886203367009966370895964206162032259292413@
- * @7754313537966036459299022912838407755462506416274551744201653277@
+ * @7754313537966036459299022912838407755462506416274551744201653277@
* @313130311731673973886822067@
*
* @q = 9798171783943489959487301695884963889684294764514008432498259742@
* @5374320073594018817245784145742769603334292182227671519041431067@
* @61344781426317516045890159@
*
- * Both %$p$% and %$q$% are prime; %$(p - 1)/2%$ and %$(q - 1)/2$% have no
+ * Both %$p$% and %$q$% are prime; %$(p - 1)/2$% and %$(q - 1)/2$% have no
* common factors. They were found using this program, with random
* starting points.
*
* I hope that, by publishing these factors, I'll dissuade people from
- * actually using this modulus in attempt to actually attain real
- * security. The program is quite quick at finding Blum numbers, so
- * there's no excuse for not generating your own.
+ * actually using this modulus in an attempt to attain real security. The
+ * program is quite quick at finding Blum numbers, so there's no excuse for
+ * not generating your own.
*/
const char *mt =
- "120511284390135742513572142094334711443073194119732569353820828435640527418092392240366088035509890969913081816369160298961490135716255689660470370755013177656905237112577648090277537209936078171554274553448103698084782669252936352843649980105109850503830397166360721262431179505917248447259735253684659338653";
+ "12051128439013574251357214209433471144307319411973256935382082"
+ "84356405274180923922403660880355098909699130818163691602989614"
+ "90135716255689660470370755013177656905237112577648090277537209"
+ "93607817155427455344810369808478266925293635284364998010510985"
+ "0503830397166360721262431179505917248447259735253684659338653";
/* --- Other things --- */
grand *r;
const char *xt = 0;
- unsigned bits = 512;
+ unsigned bits = 1024;
mp *m, *x;
unsigned show = 0;
+ const char *kfile = 0, *id = 0, *ktype = 0;
/* --- Parse options --- */
static struct option opts[] = {
- { "modulus", OPTF_ARGREQ, 0, 'm' },
+ { "modulus", OPTF_ARGREQ, 0, 'M' },
{ "generate", 0, 0, 'g' },
{ "seed", OPTF_ARGREQ, 0, 's' },
{ "bits", OPTF_ARGREQ, 0, 'b' },
{ "show", 0, 0, 'S' },
+ { "keyring", OPTF_ARGREQ, 0, 'k' },
+ { "id", OPTF_ARGREQ, 0, 'i' },
+ { "type", OPTF_ARGREQ, 0, 't' },
{ 0, 0, 0, 0 }
};
- addopts("m:gs:b:S", opts);
+ addopts("M:gs:b:Sk:i:t:", opts);
for (;;) {
int o = opt();
if (o < 0)
break;
switch (o) {
- case 'm':
+ case 'M':
mt = optarg;
break;
case 'g':
case 'S':
show = 1;
break;
+ case 'k':
+ kfile = optarg;
+ mt = 0;
+ break;
+ case 'i':
+ id = optarg;
+ mt = 0;
+ break;
+ case 't':
+ ktype = optarg;
+ mt = 0;
+ break;
default:
return (0);
}
if (mt) {
char *p;
m = mp_readstring(MP_NEW, mt, &p, 0);
- if (*p)
+ if (!m || *p || (m->v[0] & 3) != 1)
die(EXIT_FAILURE, "bad modulus `%s'", mt);
/* Unfortunately I don't know how to test for a Blum integer */
+ } else if (kfile || id || ktype) {
+ key_file kf;
+ key *kk;
+ key_data *kd;
+
+ /* --- Open the key file --- */
+
+ if (!kfile)
+ kfile = "keyring";
+ if (key_open(&kf, kfile, KOPEN_READ, key_moan, 0)) {
+ die(EXIT_FAILURE, "error opening key file `%s': %s",
+ kfile, strerror(errno));
+ }
+
+ /* --- Find the key --- */
+
+ if (id) {
+ if ((kk = key_bytag(&kf, id)) == 0)
+ die(EXIT_FAILURE, "key `%s' not found", id);
+ } else {
+ if (!ktype)
+ ktype = "bbs";
+ if ((kk = key_bytype(&kf, ktype)) == 0)
+ die(EXIT_FAILURE, "no suitable key with type `%s' found", ktype);
+ }
+
+ /* --- Read the key data --- */
+
+ if ((kk->k->e & KF_ENCMASK) != KENC_STRUCT)
+ die(EXIT_FAILURE, "key is not structured");
+ if ((kd = key_structfind(kk->k, "n")) == 0)
+ die(EXIT_FAILURE, "key has no subkey `n'");
+ if ((kd->e & KF_ENCMASK) != KENC_MP)
+ die(EXIT_FAILURE, "incompatible subkey encoding");
+ m = MP_COPY(kd->u.m);
+ key_close(&kf);
} else {
- mp *p = mprand(MP_NEW, bits / 2, &rand_global, 3);
- mp *q = mprand(MP_NEW, bits - bits / 2, &rand_global, 3);
- bbs_params bp;
- int err;
-
- if ((err = bbs_gen(&bp, p, q, 0,
- (flags & f_progress) ? bbsev : 0, 0)) != 0)
- die(EXIT_FAILURE, "modulus generation failed (reason = %i)", err);
+ bbs_priv bp;
+
+ if (bbs_gen(&bp, bits, &rand_global, 0,
+ (flags & f_progress) ? pgen_ev : 0, 0))
+ die(EXIT_FAILURE, "modulus generation failed");
m = bp.n;
if (show) {
fputc('\n', stderr);
}
- mp_drop(p);
- mp_drop(q);
mp_drop(bp.p);
mp_drop(bp.q);
}
{ "key", OPTF_ARGREQ, 0, 'k' },
{ "text", OPTF_ARGREQ, 0, 't' },
{ "hex", OPTF_ARGREQ, 0, 'H' },
- { "noise", 0, 0, 'n' },
{ 0, 0, 0, 0 }
};
addopts("k:t:H:n", opts);
+ r->ops->misc(r, RAND_NOISESRC, &noise_source);
+ r->ops->misc(r, RAND_SEED, 160);
+
for (;;) {
int o = opt();
if (o < 0)
break;
switch (o) {
- case 'k': {
- rmd160_ctx c;
- octet hash[RMD160_HASHSZ];
- rmd160_init(&c);
- rmd160_hash(&c, optarg, strlen(optarg));
- rmd160_done(&c, hash);
- r->ops->misc(r, RAND_KEY, hash, sizeof(hash));
- } break;
+ case 'k':
+ DRESET(&d);
+ textkey(&d, optarg, rmd160_hmackeysz);
+ r->ops->misc(r, RAND_KEY, d.buf, d.len);
+ break;
case 't':
r->ops->misc(r, GRAND_SEEDBLOCK, optarg, strlen(optarg));
break;
- case 'H': {
- char *p;
+ case 'H':
DRESET(&d);
- unhex(optarg, &p, &d);
- if (*p)
- die(EXIT_FAILURE, "bad hex key `%s'", optarg);
+ hexkey(&d, optarg, rmd160_hmackeysz);
r->ops->misc(r, GRAND_SEEDBLOCK, d.buf, d.len);
- } break;
- case 'n':
- r->ops->misc(r, RAND_NOISESRC, &noise_source);
break;
}
}
if (o < 0)
break;
switch (o) {
- case 'k': {
- rmd160_ctx c;
- dstr_ensure(&d, RMD160_HASHSZ);
- rmd160_init(&c);
- rmd160_hash(&c, optarg, strlen(optarg));
- rmd160_done(&c, d.buf);
- d.len += RMD160_HASHSZ;
- } break;
- case 'H': {
- char *p;
- unhex(optarg, &p, &d);
- if (*p)
- die(EXIT_FAILURE, "bad hex key `%s'", optarg);
- } break;
+ case 'k':
+ DRESET(&d);
+ textkey(&d, optarg, rc4_keysz);
+ break;
+ case 'H':
+ DRESET(&d);
+ hexkey(&d, optarg, rc4_keysz);
+ break;
default:
return (0);
}
}
- if (!d.len) {
- dstr_ensure(&d, 16);
- d.len = 16;
- rand_getgood(RAND_GLOBAL, d.buf, d.len);
- }
+ if (!d.len)
+ randkey(&d, rc4_keysz);
r = rc4_rand(d.buf, d.len);
dstr_destroy(&d);
return (r);
}
-/* --- Output feedback generators --- */
+/* --- SEAL output --- */
-#define OFBTAB \
- E(OFB_DES, DES_KEYSZ, DES_BLKSZ, des_ofbrand), \
- E(OFB_DES3, DES3_KEYSZ, DES3_BLKSZ, des3_ofbrand), \
- E(OFB_RC5, RC5_KEYSZ, RC5_BLKSZ, rc5_ofbrand), \
- E(OFB_BLOWFISH, BLOWFISH_KEYSZ, BLOWFISH_BLKSZ, blowfish_ofbrand), \
- E(OFB_IDEA, IDEA_KEYSZ, IDEA_BLKSZ, idea_ofbrand)
+static grand *gen_seal(unsigned i)
+{
+ grand *r;
+ dstr d = DSTR_INIT;
+ uint32 n = 0;
-static struct {
- size_t keysz;
- size_t blksz;
- grand *(*rand)(const void */*k*/, size_t /*sz*/);
-} ofbtab[] = {
-#define E(c, x, y, z) { x, y, z }
- OFBTAB
-#undef E
-};
+ static struct option opts[] = {
+ { "key", OPTF_ARGREQ, 0, 'k' },
+ { "hex", OPTF_ARGREQ, 0, 'H' },
+ { "sequence", OPTF_ARGREQ, 0, 'n' },
+ { 0, 0, 0, 0 }
+ };
-enum {
-#define E(c, x, y, z) c
- OFBTAB
-#undef E
-};
+ addopts("k:H:n:", opts);
+
+ for (;;) {
+ int o = opt();
+ if (o < 0)
+ break;
+ switch (o) {
+ case 'k':
+ DRESET(&d);
+ textkey(&d, optarg, seal_keysz);
+ break;
+ case 'H':
+ DRESET(&d);
+ hexkey(&d, optarg, seal_keysz);
+ break;
+ case 'n': {
+ char *p;
+ n = strtoul(optarg, &p, 0);
+ if (*p)
+ die(EXIT_FAILURE, "bad number `%s'", optarg);
+ } break;
+ default:
+ return (0);
+ }
+ }
+
+ if (!d.len)
+ randkey(&d, seal_keysz);
+ r = seal_rand(d.buf, d.len, n);
+ dstr_destroy(&d);
+ return (r);
+}
-#undef OFBTAB
+/* --- Output feedback generators --- */
static grand *gen_ofb(unsigned i)
{
if (o < 0)
break;
switch (o) {
- case 'k': {
- rmd160_ctx c;
- dstr_ensure(&d, RMD160_HASHSZ);
- rmd160_init(&c);
- rmd160_hash(&c, optarg, strlen(optarg));
- rmd160_done(&c, d.buf);
- d.len += RMD160_HASHSZ;
- } break;
- case 'H': {
- char *p;
- unhex(optarg, &p, &d);
- if (*p)
- die(EXIT_FAILURE, "bad hex key `%s'", optarg);
- } break;
+ case 'k':
+ DRESET(&d);
+ textkey(&d, optarg, ciphertab[i].keysz);
+ break;
+ case 'H':
+ DRESET(&d);
+ hexkey(&d, optarg, ciphertab[i].keysz);
+ break;
case 'i': {
char *p;
unhex(optarg, &p, &iv);
}
}
- if (!d.len) {
- size_t n = ofbtab[i].keysz;
- if (!n)
- n = 16;
- dstr_ensure(&d, n);
- d.len = n;
- rand_getgood(RAND_GLOBAL, d.buf, d.len);
+ if (!d.len)
+ randkey(&d, ciphertab[i].keysz);
+ r = ciphertab[i].ofb(d.buf, d.len);
+ if (iv.len) {
+ if (iv.len != ciphertab[i].blksz) {
+ die(EXIT_FAILURE, "bad IV length %lu (must be %lu)",
+ (unsigned long)iv.len, (unsigned long)ciphertab[i].blksz);
+ }
+ r->ops->misc(r, GRAND_SEEDBLOCK, iv.buf);
}
- while (d.len < ofbtab[i].keysz)
- DPUTD(&d, &d);
- if (ofbtab[i].keysz && d.len > ofbtab[i].keysz)
- d.len = ofbtab[i].keysz;
+ dstr_destroy(&d);
+ dstr_destroy(&iv);
+ return (r);
+}
+
+/* --- Counter generators --- */
+
+static grand *gen_counter(unsigned i)
+{
+ grand *r;
+ dstr d = DSTR_INIT;
+ dstr iv = DSTR_INIT;
+
+ static struct option opts[] = {
+ { "key", OPTF_ARGREQ, 0, 'k' },
+ { "hex", OPTF_ARGREQ, 0, 'H' },
+ { "iv", OPTF_ARGREQ, 0, 'i' },
+ { 0, 0, 0, 0 }
+ };
+
+ addopts("k:H:i:", opts);
+
+ for (;;) {
+ int o = opt();
+ if (o < 0)
+ break;
+ switch (o) {
+ case 'k':
+ DRESET(&d);
+ textkey(&d, optarg, ciphertab[i].keysz);
+ break;
+ case 'H':
+ DRESET(&d);
+ hexkey(&d, optarg, ciphertab[i].keysz);
+ break;
+ case 'i': {
+ char *p;
+ unhex(optarg, &p, &iv);
+ if (*p)
+ die(EXIT_FAILURE, "bad hex IV `%s'", optarg);
+ } break;
+ default:
+ return (0);
+ }
+ }
- r = ofbtab[i].rand(d.buf, d.len);
+ if (!d.len)
+ randkey(&d, ciphertab[i].keysz);
+ r = ciphertab[i].counter(d.buf, d.len);
if (iv.len) {
- while (iv.len < ofbtab[i].blksz)
- DPUTD(&iv, &iv);
+ if (iv.len != ciphertab[i].blksz) {
+ die(EXIT_FAILURE, "bad IV length %lu (must be %lu)",
+ (unsigned long)iv.len, (unsigned long)ciphertab[i].blksz);
+ }
r->ops->misc(r, GRAND_SEEDBLOCK, iv.buf);
}
return (r);
}
+/* --- Mask generators --- */
+
+static grand *gen_mgf(unsigned i)
+{
+ grand *r;
+ dstr d = DSTR_INIT;
+ uint32 c = 0;
+
+ static struct option opts[] = {
+ { "key", OPTF_ARGREQ, 0, 'k' },
+ { "hex", OPTF_ARGREQ, 0, 'H' },
+ { "index", OPTF_ARGREQ, 0, 'i' },
+ { 0, 0, 0, 0 }
+ };
+
+ addopts("k:H:i:", opts);
+
+ for (;;) {
+ int o = opt();
+ if (o < 0)
+ break;
+ switch (o) {
+ case 'k':
+ DRESET(&d);
+ textkey(&d, optarg, hashtab[i].keysz);
+ break;
+ case 'H':
+ DRESET(&d);
+ hexkey(&d, optarg, hashtab[i].keysz);
+ break;
+ case 'i': {
+ char *p;
+ c = strtoul(optarg, &p, 0);
+ if (*p)
+ die(EXIT_FAILURE, "bad index `%s'", optarg);
+ } break;
+ default:
+ return (0);
+ }
+ }
+
+ if (!d.len)
+ randkey(&d, hashtab[i].keysz);
+
+ r = hashtab[i].mgf(d.buf, d.len);
+ if (c)
+ r->ops->misc(r, GRAND_SEEDUINT32, c);
+
+ dstr_destroy(&d);
+ return (r);
+}
+
/* --- Fibonacci generator --- */
static grand *gen_fib(unsigned i)
/*----- Generators table --------------------------------------------------*/
-static gen generators[] = {
+gen generators[] = {
{ "fibonacci", gen_fib, 0,
"[-s SEED]" },
{ "lc", gen_lc, 0,
"[-s SEED]" },
- { "des-ofb", gen_ofb, OFB_DES,
- "[-k KEY-PHRASE] [-H HEX-KEY] [-i HEX-IV]" },
- { "3des-ofb", gen_ofb, OFB_DES3,
+#define E(PRE, pre) \
+ { #pre "-ofb", gen_ofb, CIPHER_##PRE, \
"[-k KEY-PHRASE] [-H HEX-KEY] [-i HEX-IV]" },
- { "rc5-ofb", gen_ofb, OFB_RC5,
- "[-k KEY-PHRASE] [-H HEX-KEY] [-i HEX-IV]" },
- { "blowfish-ofb", gen_ofb, OFB_BLOWFISH,
- "[-k KEY-PHRASE] [-H HEX-KEY] [-i HEX-IV]" },
- { "idea-ofb", gen_ofb, OFB_IDEA,
+ CIPHERS
+#undef E
+#define E(PRE, pre) \
+ { #pre "-counter", gen_counter, CIPHER_##PRE, \
"[-k KEY-PHRASE] [-H HEX-KEY] [-i HEX-IV]" },
+ CIPHERS
+#undef E
+#define E(PRE, pre) \
+ { #pre "-mgf", gen_mgf, HASH_##PRE, \
+ "[-k KEY-PHRASE] [-H HEX-KEY] [-i INDEX]" },
+ HASHES
+#undef E
{ "rc4", gen_rc4, 0,
"[-k KEY-PHRASE] [-H HEX-KEY]" },
+ { "seal", gen_seal, 0,
+ "[-k KEY-PHRASE] [-H HEX-KEY] [-n SEQ]" },
{ "rand", gen_rand, 0,
"[-n] [-k KEY-PHRASE] [-t TEXT-BLOCK] [-H HEX-BLOCK]" },
{ "bbs", gen_bbs, 0,
- "[-gS] [-s SEED] [-m MODULUS] [-b BITS" },
+ "[-gS] [-s SEED] [-M MODULUS] [-b BITS] [-k KEYRING] [-i TAG] [-t TYPE]"
+ },
{ 0, 0, 0, 0 },
};
static gen optsg = { "options", gen_opts, 0,
"This message shouldn't be printed." };
-/*----- Main code ---------------------------------------------------------*/
+/*----- Random number generation ------------------------------------------*/
-int main(int ac, char *av[])
+static int genfile(const void *buf, size_t sz, void *p)
{
- gen *g = &optsg;
- grand *r;
- unsigned percent = -1;
- size_t kb = 0;
- time_t last;
- static char baton[] = "|/-\\";
- char *bp;
-
- /* --- Initialize mLib --- */
-
- ego(av[0]);
- sub_init();
-
- /* --- Set up the main Catacomb generator --- */
-
- rand_noisesrc(RAND_GLOBAL, &noise_source);
-
- /* --- Initialize the options table --- */
-
- addopts(sopts, opts);
- argc = ac;
- argv = av;
+ FILE *fp = p;
+ if (fwrite(buf, 1, sz, fp) != sz)
+ die(EXIT_FAILURE, "error writing to file: %s", strerror(errno));
+ return (0);
+}
- /* --- Read the generator out of the first argument --- */
+static int genbuf(const void *buf, size_t sz, void *p)
+{
+ octet **pp = p;
+ memcpy(*pp, buf, sz);
+ *pp += sz;
+ return (0);
+}
- if (argc > 1 && *argv[1] != '-') {
- const char *arg = av[1];
- size_t sz = strlen(arg);
- gen *gg;
+typedef struct genmaurer_ctx {
+ size_t n;
+ maurer_ctx *m;
+} genmaurer_ctx;
- g = 0;
- for (gg = generators; gg->name; gg++) {
- if (strncmp(arg, gg->name, sz) == 0) {
- if (gg->name[sz] == 0) {
- g = gg;
- break;
- } else if (g)
- die(EXIT_FAILURE, "ambiguous generator name `%s'", arg);
- else
- g = gg;
- }
- }
- if (!g)
- die(EXIT_FAILURE, "unknown generator name `%s'", arg);
- argc--;
- argv++;
- }
+static int genmaurer(const void *buf, size_t sz, void *p)
+{
+ genmaurer_ctx *g = p;
+ size_t i;
- /* --- Get a generic random number generator --- */
+ for (i = 0; i < g->n; i++)
+ maurer_test(&g->m[i], buf, sz);
+ return (0);
+}
- r = g->seed(g->i);
- if (!r || optind != ac - 1) {
- usage(stderr);
- exit(EXIT_FAILURE);
- }
+static int generate(grand *r, size_t outsz,
+ int (*func)(const void *buf, size_t sz, void *p),
+ void *p)
+{
+ static char kmg[] = { ' ', 'k', 'M', 'G', 'T', 'P', 'E', 'Z', 'Y', 0 };
-#ifndef PORTABLE
- if (!(flags & f_file) && isatty(STDOUT_FILENO))
- die(EXIT_FAILURE, "writing output to a terminal is a bad idea");
-#endif
+ unsigned percent = 0;
+ size_t kb = 0;
+ time_t last;
+ static char baton[] = "-\\|/";
+ char *bp;
+ int rc;
+ clock_t clk = 0;
/* --- Spit out random data --- */
if (flags & f_progress) {
char *errbuf = xmalloc(BUFSIZ);
setvbuf(stderr, errbuf, _IOLBF, BUFSIZ);
- fputc('[', stderr);
+ if (outsz)
+ fprintf(stderr, "[%*s] 0%% 0\r[/\b", 50, "");
+ else
+ fputs("[ ] 0\r[/\b", stderr);
fflush(stderr);
}
signal(SIGPIPE, SIG_IGN);
#endif
- for (;;) {
+ do {
octet buf[BUFSIZ];
size_t sz = sizeof(buf);
+ clock_t c_start, c_stop;
/* --- Emit a bufferful (or less) of data --- */
if (sz > outsz - kb)
sz = outsz - kb;
}
+ c_start = clock();
r->ops->fill(r, buf, sz);
- if (fwrite(buf, 1, sz, outfp) != sz) {
- if (flags & f_progress)
- fputc('\n', stderr);
- die(EXIT_FAILURE, "error writing data: %s", strerror(errno));
- }
+ c_stop = clock();
+ clk += c_stop - c_start;
+ if (func && (rc = func(buf, sz, p)) != 0)
+ return (rc);
kb += sz;
/* --- Update the display --- */
if (up) {
size_t q = kb;
- char *suff = " KMG";
- while (q > 8192 && suff[1]) {
+ char *kk = kmg;
+ while (q > 8192 && kk[1]) {
q >>= 10;
- suff++;
+ kk++;
}
- fprintf(stderr, "%4i%c\r[", q, *suff);
+ fprintf(stderr, "%4i%c\r[", q, *kk);
if (outsz) {
unsigned pc;
for (pc = 0; pc < (percent & ~1); pc += 2)
/* --- Terminate the loop --- */
- if (outsz && kb >= outsz)
- break;
+ } while (!outsz || kb < outsz);
+
+ if (flags & f_progress)
+ fputc('\n', stderr);
+ if (flags & f_timer) {
+ fprintf(stderr, "generated %lu bytes ", (unsigned long)outsz);
+ if (!clk)
+ fputs("too quickly to measure\n", stderr);
+ else {
+ char *kk;
+ double sec = (double)clk/CLOCKS_PER_SEC;
+ double bps = (outsz << 3)/sec;
+ for (kk = kmg; bps > 1024 && kk[1]; kk++, bps /= 1024)
+ ;
+ fprintf(stderr, "in %g secs (%g %cb/s)\n", sec, bps, *kk);
+ }
+ }
+ return (0);
+}
+
+/*----- Main code ---------------------------------------------------------*/
+
+int main(int ac, char *av[])
+{
+ gen *g = &optsg;
+ grand *r;
+
+ /* --- Initialize mLib --- */
+
+ ego(av[0]);
+ sub_init();
+
+ /* --- Set up the main Catacomb generator --- */
+
+ rand_noisesrc(RAND_GLOBAL, &noise_source);
+ rand_seed(RAND_GLOBAL, 160);
+
+ /* --- Initialize the options table --- */
+
+ addopts(sopts, opts);
+ argc = ac;
+ argv = av;
+ outfp = stdout;
+
+ /* --- Read the generator out of the first argument --- */
+
+ if (argc > 1 && *argv[1] != '-') {
+ const char *arg = av[1];
+ size_t sz = strlen(arg);
+ gen *gg;
+
+ g = 0;
+ for (gg = generators; gg->name; gg++) {
+ if (strncmp(arg, gg->name, sz) == 0) {
+ if (gg->name[sz] == 0) {
+ g = gg;
+ break;
+ } else if (g)
+ die(EXIT_FAILURE, "ambiguous generator name `%s'", arg);
+ else
+ g = gg;
+ }
+ }
+ if (!g)
+ die(EXIT_FAILURE, "unknown generator name `%s'", arg);
+ argc--;
+ argv++;
+ }
+
+ /* --- Get a generic random number generator --- */
+
+ r = g->seed(g->i);
+ if (!r || optind != ac - 1) {
+ usage(stderr);
+ exit(EXIT_FAILURE);
+ }
+
+ /* --- Do the FIPS test --- */
+
+ if (flags & f_fips) {
+ octet buf[FIPSTEST_BUFSZ];
+ unsigned rc;
+ octet *p = buf;
+
+ generate(r, sizeof(buf), genbuf, &p);
+ rc = fipstest(buf);
+ if (rc & FIPSTEST_MONOBIT)
+ moan("failed monobit test");
+ if (rc & FIPSTEST_POKER)
+ moan("failed poker test");
+ if (rc & FIPSTEST_RUNS)
+ moan("failed runs test");
+ if (rc & FIPSTEST_LONGRUNS)
+ moan("failed long runs test");
+ if (!rc && (flags & f_progress))
+ fputs("test passed\n", stderr);
+ return (rc ? EXIT_FAILURE : 0);
+ }
+
+ /* --- Do Maurer's test --- */
+
+ if (flags & f_maurer) {
+ size_t bufsz;
+ unsigned i;
+ unsigned rc = 0;
+ genmaurer_ctx g;
+
+ static struct { double x; const char *sig; } sigtab[] = {
+ { 3.2905, "1e-3" },
+ { 3.0902, "2e-3" },
+ { 2.8070, "5e-3" },
+ { 2.5758, "1e-2" },
+ { 0 , 0 }
+ };
+
+ g.n = maurer_hi - maurer_lo + 1;
+ g.m = xmalloc(g.n * sizeof(maurer_ctx));
+ for (i = 0; i < g.n; i++)
+ maurer_init(&g.m[i], i + maurer_lo);
+ bufsz = (100 * maurer_hi) << maurer_hi;
+
+ generate(r, bufsz, genmaurer, &g);
+
+ for (i = maurer_lo; i <= maurer_hi; i++) {
+ double z = maurer_done(&g.m[i - maurer_lo]);
+ double zz = fabs(z);
+ unsigned j;
+
+ for (j = 0; sigtab[j].sig; j++) {
+ if (zz > sigtab[j].x) {
+ rc = EXIT_FAILURE;
+ moan("failed, bits = %u, sig = %s, Z_u = %g",
+ i, sigtab[j].sig, z);
+ break;
+ }
+ }
+ if (flags & f_progress)
+ fprintf(stderr, "bits = %u, Z_u = %g\n", i, z);
+ }
+
+ xfree(g.m);
+ return (rc);
}
+ /* --- Discard --- */
+
+ if (flags & f_discard) {
+ generate(r, outsz, 0, 0);
+ return (0);
+ }
+
+ /* --- Write to a file --- */
+
+#ifndef PORTABLE
+ if (!(flags & f_file) && isatty(STDOUT_FILENO))
+ die(EXIT_FAILURE, "writing output to a terminal is a bad idea");
+#endif
+
+ generate(r, outsz, genfile, outfp);
+
/* --- Done --- */
r->ops->destroy(r);
- if (flags & f_progress)
- fputc('\n', stderr);
return (0);
}
projects / u / mdw / catacomb / blobdiff