2011-03-13 16:57:25 +00:00
|
|
|
#ifdef _MSC_VER
|
|
|
|
#include <basetsd.h>
|
|
|
|
typedef UINT32 uint32_t;
|
|
|
|
#else
|
|
|
|
#include <inttypes.h>
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/*
|
|
|
|
* 32-bit integer manipulation macros (big endian)
|
|
|
|
*/
|
2012-10-01 14:41:15 +00:00
|
|
|
#ifndef GET_UINT32_BE
|
|
|
|
#define GET_UINT32_BE(n,b,i) \
|
2011-03-13 16:57:25 +00:00
|
|
|
{ \
|
2012-10-01 14:41:15 +00:00
|
|
|
(n) = ( (uint32_t) (b)[(i) ] << 24 ) \
|
|
|
|
| ( (uint32_t) (b)[(i) + 1] << 16 ) \
|
|
|
|
| ( (uint32_t) (b)[(i) + 2] << 8 ) \
|
|
|
|
| ( (uint32_t) (b)[(i) + 3] ); \
|
2011-03-13 16:57:25 +00:00
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
2012-10-01 14:41:15 +00:00
|
|
|
#ifndef PUT_UINT32_BE
|
|
|
|
#define PUT_UINT32_BE(n,b,i) \
|
2011-03-13 16:57:25 +00:00
|
|
|
{ \
|
|
|
|
(b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
|
|
|
|
(b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
|
|
|
|
(b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
|
|
|
|
(b)[(i) + 3] = (unsigned char) ( (n) ); \
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
2013-06-25 14:25:17 +00:00
|
|
|
static int unhexify(unsigned char *obuf, const char *ibuf)
|
2009-06-28 21:50:27 +00:00
|
|
|
{
|
|
|
|
unsigned char c, c2;
|
|
|
|
int len = strlen(ibuf) / 2;
|
|
|
|
assert(!(strlen(ibuf) %1)); // must be even number of bytes
|
|
|
|
|
|
|
|
while (*ibuf != 0)
|
|
|
|
{
|
|
|
|
c = *ibuf++;
|
|
|
|
if( c >= '0' && c <= '9' )
|
|
|
|
c -= '0';
|
|
|
|
else if( c >= 'a' && c <= 'f' )
|
|
|
|
c -= 'a' - 10;
|
|
|
|
else if( c >= 'A' && c <= 'F' )
|
|
|
|
c -= 'A' - 10;
|
|
|
|
else
|
|
|
|
assert( 0 );
|
|
|
|
|
|
|
|
c2 = *ibuf++;
|
|
|
|
if( c2 >= '0' && c2 <= '9' )
|
|
|
|
c2 -= '0';
|
|
|
|
else if( c2 >= 'a' && c2 <= 'f' )
|
|
|
|
c2 -= 'a' - 10;
|
|
|
|
else if( c2 >= 'A' && c2 <= 'F' )
|
|
|
|
c2 -= 'A' - 10;
|
|
|
|
else
|
|
|
|
assert( 0 );
|
|
|
|
|
|
|
|
*obuf++ = ( c << 4 ) | c2;
|
|
|
|
}
|
|
|
|
|
|
|
|
return len;
|
|
|
|
}
|
|
|
|
|
2013-06-25 14:25:17 +00:00
|
|
|
static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
|
2009-06-28 21:50:27 +00:00
|
|
|
{
|
|
|
|
unsigned char l, h;
|
|
|
|
|
|
|
|
while (len != 0)
|
|
|
|
{
|
|
|
|
h = (*ibuf) / 16;
|
|
|
|
l = (*ibuf) % 16;
|
|
|
|
|
|
|
|
if( h < 10 )
|
|
|
|
*obuf++ = '0' + h;
|
|
|
|
else
|
|
|
|
*obuf++ = 'a' + h - 10;
|
|
|
|
|
|
|
|
if( l < 10 )
|
|
|
|
*obuf++ = '0' + l;
|
|
|
|
else
|
|
|
|
*obuf++ = 'a' + l - 10;
|
|
|
|
|
|
|
|
++ibuf;
|
|
|
|
len--;
|
|
|
|
}
|
|
|
|
}
|
2011-03-08 14:16:06 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* This function just returns data from rand().
|
2011-03-13 15:45:42 +00:00
|
|
|
* Although predictable and often similar on multiple
|
|
|
|
* runs, this does not result in identical random on
|
|
|
|
* each run. So do not use this if the results of a
|
|
|
|
* test depend on the random data that is generated.
|
2011-03-08 14:16:06 +00:00
|
|
|
*
|
|
|
|
* rng_state shall be NULL.
|
|
|
|
*/
|
2011-11-27 21:07:34 +00:00
|
|
|
static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
|
2011-03-08 14:16:06 +00:00
|
|
|
{
|
2011-11-27 21:07:34 +00:00
|
|
|
size_t i;
|
|
|
|
|
2011-03-08 14:16:06 +00:00
|
|
|
if( rng_state != NULL )
|
|
|
|
rng_state = NULL;
|
|
|
|
|
2011-11-27 21:07:34 +00:00
|
|
|
for( i = 0; i < len; ++i )
|
|
|
|
output[i] = rand();
|
|
|
|
|
|
|
|
return( 0 );
|
2011-03-08 14:16:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* This function only returns zeros
|
|
|
|
*
|
|
|
|
* rng_state shall be NULL.
|
|
|
|
*/
|
2011-11-27 21:07:34 +00:00
|
|
|
static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
|
2011-03-08 14:16:06 +00:00
|
|
|
{
|
|
|
|
if( rng_state != NULL )
|
|
|
|
rng_state = NULL;
|
|
|
|
|
2011-11-27 21:07:34 +00:00
|
|
|
memset( output, 0, len );
|
|
|
|
|
2011-03-08 14:16:06 +00:00
|
|
|
return( 0 );
|
|
|
|
}
|
|
|
|
|
|
|
|
typedef struct
|
|
|
|
{
|
|
|
|
unsigned char *buf;
|
2011-11-27 21:07:34 +00:00
|
|
|
size_t length;
|
2011-03-13 15:45:42 +00:00
|
|
|
} rnd_buf_info;
|
2011-03-08 14:16:06 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* This function returns random based on a buffer it receives.
|
|
|
|
*
|
2011-03-13 15:45:42 +00:00
|
|
|
* rng_state shall be a pointer to a rnd_buf_info structure.
|
|
|
|
*
|
|
|
|
* The number of bytes released from the buffer on each call to
|
|
|
|
* the random function is specified by per_call. (Can be between
|
|
|
|
* 1 and 4)
|
2011-03-08 14:16:06 +00:00
|
|
|
*
|
|
|
|
* After the buffer is empty it will return rand();
|
|
|
|
*/
|
2011-11-27 21:07:34 +00:00
|
|
|
static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
|
2011-03-08 14:16:06 +00:00
|
|
|
{
|
2011-03-13 15:45:42 +00:00
|
|
|
rnd_buf_info *info = (rnd_buf_info *) rng_state;
|
2011-11-27 21:07:34 +00:00
|
|
|
size_t use_len;
|
2011-03-08 14:16:06 +00:00
|
|
|
|
|
|
|
if( rng_state == NULL )
|
2011-11-27 21:07:34 +00:00
|
|
|
return( rnd_std_rand( NULL, output, len ) );
|
2011-03-08 14:16:06 +00:00
|
|
|
|
2011-11-27 21:07:34 +00:00
|
|
|
use_len = len;
|
|
|
|
if( len > info->length )
|
|
|
|
use_len = info->length;
|
2011-03-13 15:45:42 +00:00
|
|
|
|
2011-11-27 21:07:34 +00:00
|
|
|
if( use_len )
|
2011-03-08 14:16:06 +00:00
|
|
|
{
|
2011-11-27 21:07:34 +00:00
|
|
|
memcpy( output, info->buf, use_len );
|
|
|
|
info->buf += use_len;
|
|
|
|
info->length -= use_len;
|
2011-03-08 14:16:06 +00:00
|
|
|
}
|
|
|
|
|
2011-11-27 21:07:34 +00:00
|
|
|
if( len - use_len > 0 )
|
|
|
|
return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
|
|
|
|
|
|
|
|
return( 0 );
|
2011-03-08 14:16:06 +00:00
|
|
|
}
|
2011-03-13 15:45:42 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Info structure for the pseudo random function
|
|
|
|
*
|
|
|
|
* Key should be set at the start to a test-unique value.
|
2011-03-13 16:57:25 +00:00
|
|
|
* Do not forget endianness!
|
2011-03-13 15:45:42 +00:00
|
|
|
* State( v0, v1 ) should be set to zero.
|
|
|
|
*/
|
|
|
|
typedef struct
|
|
|
|
{
|
2011-03-13 16:57:25 +00:00
|
|
|
uint32_t key[16];
|
2011-03-13 15:45:42 +00:00
|
|
|
uint32_t v0, v1;
|
|
|
|
} rnd_pseudo_info;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* This function returns random based on a pseudo random function.
|
|
|
|
* This means the results should be identical on all systems.
|
|
|
|
* Pseudo random is based on the XTEA encryption algorithm to
|
|
|
|
* generate pseudorandom.
|
|
|
|
*
|
|
|
|
* rng_state shall be a pointer to a rnd_pseudo_info structure.
|
|
|
|
*/
|
2011-11-27 21:07:34 +00:00
|
|
|
static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
|
2011-03-13 15:45:42 +00:00
|
|
|
{
|
|
|
|
rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
|
2011-11-27 21:07:34 +00:00
|
|
|
uint32_t i, *k, sum, delta=0x9E3779B9;
|
2012-05-15 15:02:38 +00:00
|
|
|
unsigned char result[4];
|
2011-03-13 15:45:42 +00:00
|
|
|
|
|
|
|
if( rng_state == NULL )
|
2011-11-27 21:07:34 +00:00
|
|
|
return( rnd_std_rand( NULL, output, len ) );
|
2011-03-13 15:45:42 +00:00
|
|
|
|
2011-03-13 16:57:25 +00:00
|
|
|
k = info->key;
|
2011-11-27 21:07:34 +00:00
|
|
|
|
|
|
|
while( len > 0 )
|
2011-03-13 15:45:42 +00:00
|
|
|
{
|
2012-05-15 15:02:38 +00:00
|
|
|
size_t use_len = ( len > 4 ) ? 4 : len;
|
2011-11-27 21:07:34 +00:00
|
|
|
sum = 0;
|
|
|
|
|
|
|
|
for( i = 0; i < 32; i++ )
|
|
|
|
{
|
|
|
|
info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
|
|
|
|
sum += delta;
|
|
|
|
info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
|
|
|
|
}
|
|
|
|
|
2012-10-01 14:41:15 +00:00
|
|
|
PUT_UINT32_BE( info->v0, result, 0 );
|
2012-05-15 15:02:38 +00:00
|
|
|
memcpy( output, result, use_len );
|
2011-11-27 21:07:34 +00:00
|
|
|
len -= use_len;
|
2011-03-13 15:45:42 +00:00
|
|
|
}
|
|
|
|
|
2011-11-27 21:07:34 +00:00
|
|
|
return( 0 );
|
2011-03-13 15:45:42 +00:00
|
|
|
}
|
2013-01-27 07:10:28 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* This function returns a buffer given as a hex string.
|
|
|
|
*
|
|
|
|
* The buffer is reversed so that the following are equivalent:
|
|
|
|
* mpi_fill_random( x, len, not_rnd, str );
|
|
|
|
* mpi_read_string( x, 16, str );
|
|
|
|
* (So, not random at all. Usefull to match test vectors.)
|
|
|
|
* Based on unhexify(), just reversed (changes marked by "sic")
|
|
|
|
*/
|
|
|
|
static int not_rnd( void *in, unsigned char *out, size_t len )
|
|
|
|
{
|
|
|
|
unsigned char *obuf;
|
|
|
|
const char *ibuf = in;
|
|
|
|
unsigned char c, c2;
|
|
|
|
assert( len == strlen(ibuf) / 2 );
|
|
|
|
assert(!(strlen(ibuf) %1)); // must be even number of bytes
|
|
|
|
|
|
|
|
obuf = out + (len - 1); // sic
|
|
|
|
while (*ibuf != 0)
|
|
|
|
{
|
|
|
|
c = *ibuf++;
|
|
|
|
if( c >= '0' && c <= '9' )
|
|
|
|
c -= '0';
|
|
|
|
else if( c >= 'a' && c <= 'f' )
|
|
|
|
c -= 'a' - 10;
|
|
|
|
else if( c >= 'A' && c <= 'F' )
|
|
|
|
c -= 'A' - 10;
|
|
|
|
else
|
|
|
|
assert( 0 );
|
|
|
|
|
|
|
|
c2 = *ibuf++;
|
|
|
|
if( c2 >= '0' && c2 <= '9' )
|
|
|
|
c2 -= '0';
|
|
|
|
else if( c2 >= 'a' && c2 <= 'f' )
|
|
|
|
c2 -= 'a' - 10;
|
|
|
|
else if( c2 >= 'A' && c2 <= 'F' )
|
|
|
|
c2 -= 'A' - 10;
|
|
|
|
else
|
|
|
|
assert( 0 );
|
|
|
|
|
|
|
|
*obuf-- = ( c << 4 ) | c2; // sic
|
|
|
|
}
|
|
|
|
|
|
|
|
return( 0 );
|
|
|
|
}
|