1 # -*- coding: utf-8 -*-
3 # SelfTest/Random/Fortuna/test_FortunaAccumulator.py: Self-test for the FortunaAccumulator module
5 # =======================================================================
6 # Copyright (C) 2008 Dwayne C. Litzenberger <dlitz@dlitz.net>
8 # Permission is hereby granted, free of charge, to any person obtaining
9 # a copy of this software and associated documentation files (the
10 # "Software"), to deal in the Software without restriction, including
11 # without limitation the rights to use, copy, modify, merge, publish,
12 # distribute, sublicense, and/or sell copies of the Software, and to
13 # permit persons to whom the Software is furnished to do so.
15 # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16 # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17 # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
18 # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
19 # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
20 # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
21 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
25 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 # =======================================================================
29 """Self-tests for CryptoPlus.Random.Fortuna.FortunaAccumulator"""
33 from CryptoPlus
.Util
.python_compat
import *
36 from binascii
import b2a_hex
38 class FortunaAccumulatorTests(unittest
.TestCase
):
40 global FortunaAccumulator
41 from CryptoPlus
.Random
.Fortuna
import FortunaAccumulator
43 def test_FortunaPool(self
):
44 """FortunaAccumulator.FortunaPool"""
45 pool
= FortunaAccumulator
.FortunaPool()
46 self
.assertEqual(0, pool
.length
)
47 self
.assertEqual("5df6e0e2761359d30a8275058e299fcc0381534545f55cf43e41983f5d4c9456", pool
.hexdigest())
51 self
.assertEqual(3, pool
.length
)
52 self
.assertEqual("4f8b42c22dd3729b519ba6f68d2da7cc5b2d606d05daed5ad5128cc03e6c6358", pool
.hexdigest())
54 pool
.append("dbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq")
56 self
.assertEqual(56, pool
.length
)
57 self
.assertEqual("0cffe17f68954dac3a84fb1458bd5ec99209449749b2b308b7cb55812f9563af", b2a_hex(pool
.digest()))
61 self
.assertEqual(0, pool
.length
)
63 pool
.append("a" * 10**6)
65 self
.assertEqual(10**6, pool
.length
)
66 self
.assertEqual("80d1189477563e1b5206b2749f1afe4807e5705e8bd77887a60187a712156688", b2a_hex(pool
.digest()))
68 def test_which_pools(self
):
69 """FortunaAccumulator.which_pools"""
71 # which_pools(0) should fail
72 self
.assertRaises(AssertionError, FortunaAccumulator
.which_pools
, 0)
74 self
.assertEqual(FortunaAccumulator
.which_pools(1), [0])
75 self
.assertEqual(FortunaAccumulator
.which_pools(2), [0, 1])
76 self
.assertEqual(FortunaAccumulator
.which_pools(3), [0])
77 self
.assertEqual(FortunaAccumulator
.which_pools(4), [0, 1, 2])
78 self
.assertEqual(FortunaAccumulator
.which_pools(5), [0])
79 self
.assertEqual(FortunaAccumulator
.which_pools(6), [0, 1])
80 self
.assertEqual(FortunaAccumulator
.which_pools(7), [0])
81 self
.assertEqual(FortunaAccumulator
.which_pools(8), [0, 1, 2, 3])
82 for i
in range(1, 32):
83 self
.assertEqual(FortunaAccumulator
.which_pools(2L**i
-1), [0])
84 self
.assertEqual(FortunaAccumulator
.which_pools(2L**i
), range(i
+1))
85 self
.assertEqual(FortunaAccumulator
.which_pools(2L**i
+1), [0])
86 self
.assertEqual(FortunaAccumulator
.which_pools(2L**31), range(32))
87 self
.assertEqual(FortunaAccumulator
.which_pools(2L**32), range(32))
88 self
.assertEqual(FortunaAccumulator
.which_pools(2L**33), range(32))
89 self
.assertEqual(FortunaAccumulator
.which_pools(2L**34), range(32))
90 self
.assertEqual(FortunaAccumulator
.which_pools(2L**35), range(32))
91 self
.assertEqual(FortunaAccumulator
.which_pools(2L**36), range(32))
92 self
.assertEqual(FortunaAccumulator
.which_pools(2L**64), range(32))
93 self
.assertEqual(FortunaAccumulator
.which_pools(2L**128), range(32))
95 def test_accumulator(self
):
96 """FortunaAccumulator.FortunaAccumulator"""
97 fa
= FortunaAccumulator
.FortunaAccumulator()
99 # This should fail, because we haven't seeded the PRNG yet
100 self
.assertRaises(AssertionError, fa
.random_data
, 1)
102 # Spread some test data across the pools (source number 42)
103 # This would be horribly insecure in a real system.
105 fa
.add_random_event(42, p
, "X" * 32)
106 self
.assertEqual(32+2, fa
.pools
[p
].length
)
108 # This should still fail, because we haven't seeded the PRNG with 64 bytes yet
109 self
.assertRaises(AssertionError, fa
.random_data
, 1)
113 fa
.add_random_event(42, p
, "X" * 32)
114 self
.assertEqual((32+2)*2, fa
.pools
[p
].length
)
116 # The underlying RandomGenerator should get seeded with Pool 0
117 # s = SHAd256(chr(42) + chr(32) + "X"*32 + chr(42) + chr(32) + "X"*32)
118 # = SHA256(h'edd546f057b389155a31c32e3975e736c1dec030ddebb137014ecbfb32ed8c6f')
119 # = h'aef42a5dcbddab67e8efa118e1b47fde5d697f89beb971b99e6e8e5e89fbf064'
120 # The counter and the key before reseeding is:
123 # The counter after reseeding is 1, and the new key after reseeding is
125 # K_1 = SHAd256(K_0 || s)
126 # = SHA256(h'0eae3e401389fab86640327ac919ecfcb067359d95469e18995ca889abc119a6')
127 # = h'aafe9d0409fbaaafeb0a1f2ef2014a20953349d3c1c6e6e3b962953bea6184dd'
128 # The first block of random data, therefore, is
129 # r_1 = AES-256(K_1, 1)
130 # = AES-256(K_1, h'01000000000000000000000000000000')
131 # = h'b7b86bd9a27d96d7bb4add1b6b10d157'
132 # The second block of random data is
133 # r_2 = AES-256(K_1, 2)
134 # = AES-256(K_1, h'02000000000000000000000000000000')
135 # = h'2350b1c61253db2f8da233be726dc15f'
136 # The third and fourth blocks of random data (which become the new key) are
137 # r_3 = AES-256(K_1, 3)
138 # = AES-256(K_1, h'03000000000000000000000000000000')
139 # = h'f23ad749f33066ff53d307914fbf5b21'
140 # r_4 = AES-256(K_1, 4)
141 # = AES-256(K_1, h'04000000000000000000000000000000')
142 # = h'da9667c7e86ba247655c9490e9d94a7c'
144 # = h'f23ad749f33066ff53d307914fbf5b21da9667c7e86ba247655c9490e9d94a7c'
145 # The final counter value is 5.
146 self
.assertEqual("aef42a5dcbddab67e8efa118e1b47fde5d697f89beb971b99e6e8e5e89fbf064",
147 fa
.pools
[0].hexdigest())
148 self
.assertEqual(None, fa
.generator
.key
)
149 self
.assertEqual(0, fa
.generator
.counter
.get_value())
151 result
= fa
.random_data(32)
153 self
.assertEqual("b7b86bd9a27d96d7bb4add1b6b10d157" "2350b1c61253db2f8da233be726dc15f", b2a_hex(result
))
154 self
.assertEqual("f23ad749f33066ff53d307914fbf5b21da9667c7e86ba247655c9490e9d94a7c", b2a_hex(fa
.generator
.key
))
155 self
.assertEqual(5, fa
.generator
.counter
.get_value())
157 def test_accumulator_pool_length(self
):
158 """FortunaAccumulator.FortunaAccumulator minimum pool length"""
159 fa
= FortunaAccumulator
.FortunaAccumulator()
161 # This test case is hard-coded to assume that FortunaAccumulator.min_pool_size is 64.
162 self
.assertEqual(fa
.min_pool_size
, 64)
164 # The PRNG should not allow us to get random data from it yet
165 self
.assertRaises(AssertionError, fa
.random_data
, 1)
167 # Add 60 bytes, 4 at a time (2 header + 2 payload) to each of the 32 pools
170 # Add the bytes to the pool
171 fa
.add_random_event(2, p
, "XX")
173 # The PRNG should not allow us to get random data from it yet
174 self
.assertRaises(AssertionError, fa
.random_data
, 1)
176 # Add 4 more bytes to pool 0
177 fa
.add_random_event(2, 0, "XX")
179 # We should now be able to get data from the accumulator
183 from CryptoPlus
.SelfTest
.st_common
import list_test_cases
184 return list_test_cases(FortunaAccumulatorTests
)
186 if __name__
== '__main__':
187 suite
= lambda: unittest
.TestSuite(get_tests())
188 unittest
.main(defaultTest
='suite')
190 # vim:set ts=4 sw=4 sts=4 expandtab: