lib/hcrypto/test_rand.c

   1 /*
   2  * Copyright (c) 2007 Kungliga Tekniska Högskolan
   3  * (Royal Institute of Technology, Stockholm, Sweden).
   4  * All rights reserved.
   5  *
   6  * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
   7  *
   8  * Redistribution and use in source and binary forms, with or without
   9  * modification, are permitted provided that the following conditions
  10  * are met:
  11  *
  12  * 1. Redistributions of source code must retain the above copyright
  13  *    notice, this list of conditions and the following disclaimer.
  14  *
  15  * 2. Redistributions in binary form must reproduce the above copyright
  16  *    notice, this list of conditions and the following disclaimer in the
  17  *    documentation and/or other materials provided with the distribution.
  18  *
  19  * 3. Neither the name of the Institute nor the names of its contributors
  20  *    may be used to endorse or promote products derived from this software
  21  *    without specific prior written permission.
  22  *
  23  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
  24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
  27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  33  * SUCH DAMAGE.
  34  */
  35
  36 #include <config.h>
  37
  38 #include <stdio.h>
  39 #include <stdlib.h>
  40 #include <math.h>
  41
  42 #include <roken.h>
  43 #include <getarg.h>
  44
  45 #include "rand.h"
  46
  47
  48 /*
  49  *
  50  */
  51
  52 static int version_flag;
  53 static int help_flag;
  54 static int len = 1024 * 1024;
  55 static char *rand_method;
  56 static char *filename;
  57
  58 static struct getargs args[] = {
  59     { "length", 0,      arg_integer,    &len,
  60       "length", NULL },
  61     { "file",   0,      arg_string,     &filename,
  62       "file name", NULL },
  63     { "method", 0,      arg_string,     &rand_method,
  64       "method", NULL },
  65     { "version",        0,      arg_flag,       &version_flag,
  66       "print version", NULL },
  67     { "help",           0,      arg_flag,       &help_flag,
  68       NULL,     NULL }
  69 };
  70
  71 /*
  72  *
  73  */
  74
  75 /*
  76  *
  77  */
  78
  79 static void
  80 usage (int ret)
  81 {
  82     arg_printusage (args,
  83                     sizeof(args)/sizeof(args[0]),
  84                     NULL,
  85                     "");
  86     exit (ret);
  87 }
  88
  89 int
  90 main(int argc, char **argv)
  91 {
  92     int idx = 0;
  93     char *buffer;
  94     char path[MAXPATHLEN];
  95
  96     setprogname(argv[0]);
  97
  98     if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &idx))
  99         usage(1);
 100
 101     if (help_flag)
 102         usage(0);
 103
 104     if(version_flag){
 105         print_version(NULL);
 106         exit(0);
 107     }
 108
 109     argc -= idx;
 110     argv += idx;
 111
 112     if (argc != 0)
 113         usage(1);
 114
 115     buffer = emalloc(len);
 116
 117     if (rand_method) {
 118         if (0) {
 119         }
 120 #ifndef NO_RAND_FORTUNA_METHOD
 121         else if (strcasecmp(rand_method, "fortuna") == 0)
 122             RAND_set_rand_method(RAND_fortuna_method());
 123 #endif
 124 #ifndef NO_RAND_UNIX_METHOD
 125         else if (strcasecmp(rand_method, "unix") == 0)
 126             RAND_set_rand_method(RAND_unix_method());
 127 #endif
 128 #if defined(HAVE_RAND_EGD)
 129         else if (strcasecmp(rand_method, "egd") == 0)
 130             RAND_set_rand_method(RAND_egd_method());
 131 #endif
 132 #ifdef WIN32
 133         else if (strcasecmp(rand_method, "w32crypto") == 0)
 134             RAND_set_rand_method(RAND_w32crypto_method());
 135 #endif
 136         else
 137             errx(1, "unknown method %s", rand_method);
 138     }
 139
 140     if (RAND_file_name(path, sizeof(path)) == NULL)
 141         errx(1, "RAND_file_name failed");
 142
 143     if (RAND_status() != 1)
 144         errx(1, "random not ready yet");
 145
 146     if (RAND_bytes(buffer, len) != 1)
 147         errx(1, "RAND_bytes");
 148
 149     if (filename)
 150         rk_dumpdata(filename, buffer, len);
 151
 152     /* head vs tail */
 153     if (len >= 100000) {
 154         unsigned bytes[256];
 155         unsigned bits[8];
 156         size_t bit, i;
 157         double res;
 158         double slen = sqrt((double)len);
 159
 160         memset(bits, 0, sizeof(bits));
 161         memset(bytes, 0, sizeof(bytes));
 162
 163         for (i = 0; i < len; i++) {
 164             unsigned char c = ((unsigned char *)buffer)[i];
 165
 166             bytes[c]++;
 167
 168             for (bit = 0; bit < 8 && c; bit++) {
 169                 if (c & 1)
 170                     bits[bit]++;
 171                 c = c >> 1;
 172             }
 173         }
 174
 175         /*
 176          * The count for each bit value has a mean of n*p = len/2,
 177          * and a standard deviation of sqrt(n*p*q) ~ sqrt(len/4).
 178          * Normalizing by dividing by "n*p", we get a mean of 1 and
 179          * a standard deviation of sqrt(q/n*p) = 1/sqrt(len).
 180          *
 181          * A 5.33-sigma event happens 1 time in 10 million.
 182          * A 5.73-sigma event happens 1 time in 100 million.
 183          * A 6.11-sigma event happens 1 time in 1000 million.
 184          *
 185          * We tolerate 5.33-sigma events (we have 8 not entirely
 186          * independent chances of skewed results) and want to fail
 187          * with a good RNG less often than 1 time in million.
 188          */
 189         for (bit = 0; bit < 8; bit++) {
 190             res = slen * fabs(1.0 - 2 * (double)bits[bit] / len);
 191             if (res > 5.33)
 192                 errx(1, "head%d vs tail%d: %.1f-sigma (%d of %d)",
 193                      (int)bit, (int)bit, res, bits[bit], len);
 194             printf("head vs tails bit%d: %f-sigma\n", (int)bit, res);
 195         }
 196
 197         /*
 198          * The count of each byte value has a mean of n*p = len/256,
 199          * and a standard deviation of sqrt(n*p*q) ~ sqrt(len/256).
 200          * Normalizing by dividing by "n*p", we get a mean of 1 and
 201          * a standard deviation of sqrt(q/n*p) ~ 16/sqrt(len).
 202          *
 203          * We tolerate 5.73-sigma events (we have 256 not entirely
 204          * independent chances of skewed results).  Note, for example,
 205          * a 5.2-sigma event was observed in ~5,000 runs.
 206          */
 207         for (i = 0; i < 256; i++) {
 208             res = (slen / 16) * fabs(1.0 - 256 * (double)bytes[i] / len);
 209             if (res > 5.73)
 210                 errx(1, "byte %d: %.1f-sigma (%d of %d)",
 211                      (int) i, res, bytes[i], len);
 212             printf("byte %d: %f-sigma\n", (int)i, res);
 213         }
 214     }
 215
 216     free(buffer);
 217
 218     /* test write random file */
 219     {
 220         static const char *file = "test.file";
 221         if (RAND_write_file(file) != 1)
 222             errx(1, "RAND_write_file");
 223         if (RAND_load_file(file, 1024) != 1)
 224             errx(1, "RAND_load_file");
 225         unlink(file);
 226     }
 227
 228     return 0;
 229 }