xref: /src/crypto/openssl/test/rdcpu_sanitytest.c (revision f25b8c9fb4f58cf61adb47d7570abe7caa6d385d) 
1 /*
2  * Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include <stdio.h>
11 #include <stdlib.h>
12 #include <string.h>
13 #include "testutil.h"
14 #include "internal/cryptlib.h"
15 
16 #if (defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)) && defined(OPENSSL_CPUID_OBJ)
17 #define IS_X_86 1
18 size_t OPENSSL_ia32_rdrand_bytes(unsigned char *buf, size_t len);
19 size_t OPENSSL_ia32_rdseed_bytes(unsigned char *buf, size_t len);
20 #else
21 #define IS_X_86 0
22 #endif
23 
24 #if defined(__aarch64__) && defined(OPENSSL_CPUID_OBJ)
25 #define IS_AARCH_64 1
26 #include "arm_arch.h"
27 
28 size_t OPENSSL_rndr_bytes(unsigned char *buf, size_t len);
29 size_t OPENSSL_rndrrs_bytes(unsigned char *buf, size_t len);
30 #else
31 #define IS_AARCH_64 0
32 #endif
33 
34 #if (IS_X_86 || IS_AARCH_64)
sanity_check_bytes(size_t (* rng)(unsigned char *,size_t),int rounds,int min_failures,int max_retries,int max_zero_words)35 static int sanity_check_bytes(size_t (*rng)(unsigned char *, size_t),
36     int rounds, int min_failures, int max_retries, int max_zero_words)
37 {
38     int testresult = 0;
39     unsigned char prior[31] = { 0 }, buf[31] = { 0 }, check[7];
40     int failures = 0, zero_words = 0;
41 
42     int i;
43     for (i = 0; i < rounds; i++) {
44         size_t generated = 0;
45 
46         int retry;
47         for (retry = 0; retry < max_retries; retry++) {
48             generated = rng(buf, sizeof(buf));
49             if (generated == sizeof(buf))
50                 break;
51             failures++;
52         }
53 
54         /*-
55          * Verify that we don't have too many unexpected runs of zeroes,
56          * implying that we might be accidentally using the 32-bit RDRAND
57          * instead of the 64-bit one on 64-bit systems.
58          */
59         size_t j;
60         for (j = 0; j < sizeof(buf) - 1; j++) {
61             if (buf[j] == 0 && buf[j + 1] == 0) {
62                 zero_words++;
63             }
64         }
65 
66         if (!TEST_int_eq(generated, sizeof(buf)))
67             goto end;
68         if (!TEST_false(!memcmp(prior, buf, sizeof(buf))))
69             goto end;
70 
71         /* Verify that the last 7 bytes of buf aren't all the same value */
72         unsigned char *tail = &buf[sizeof(buf) - sizeof(check)];
73         memset(check, tail[0], 7);
74         if (!TEST_false(!memcmp(check, tail, sizeof(check))))
75             goto end;
76 
77         /* Save the result and make sure it's different next time */
78         memcpy(prior, buf, sizeof(buf));
79     }
80 
81     if (!TEST_int_le(zero_words, max_zero_words))
82         goto end;
83 
84     if (!TEST_int_ge(failures, min_failures))
85         goto end;
86 
87     testresult = 1;
88 end:
89     return testresult;
90 }
91 #endif
92 
93 #if IS_X_86
sanity_check_rdrand_bytes(void)94 static int sanity_check_rdrand_bytes(void)
95 {
96     return sanity_check_bytes(OPENSSL_ia32_rdrand_bytes, 1000, 0, 10, 10);
97 }
98 
sanity_check_rdseed_bytes(void)99 static int sanity_check_rdseed_bytes(void)
100 {
101     /*-
102      * RDSEED may take many retries to succeed; note that this is effectively
103      * multiplied by the 8x retry loop in asm, and failure probabilities are
104      * increased by the fact that we need either 4 or 8 samples depending on
105      * the platform.
106      */
107     return sanity_check_bytes(OPENSSL_ia32_rdseed_bytes, 1000, 1, 10000, 10);
108 }
109 #elif IS_AARCH_64
sanity_check_rndr_bytes(void)110 static int sanity_check_rndr_bytes(void)
111 {
112     return sanity_check_bytes(OPENSSL_rndr_bytes, 1000, 0, 10, 10);
113 }
114 
sanity_check_rndrrs_bytes(void)115 static int sanity_check_rndrrs_bytes(void)
116 {
117     return sanity_check_bytes(OPENSSL_rndrrs_bytes, 1000, 0, 10000, 10);
118 }
119 #endif
120 
setup_tests(void)121 int setup_tests(void)
122 {
123 #if (IS_X_86 || IS_AARCH_64)
124     OPENSSL_cpuid_setup();
125 
126 #if IS_X_86
127     int have_rdseed = (OPENSSL_ia32cap_P[2] & (1 << 18)) != 0;
128     int have_rdrand = (OPENSSL_ia32cap_P[1] & (1 << (62 - 32))) != 0;
129 
130     if (have_rdrand) {
131         ADD_TEST(sanity_check_rdrand_bytes);
132     }
133 
134     if (have_rdseed) {
135         ADD_TEST(sanity_check_rdseed_bytes);
136     }
137 #elif IS_AARCH_64
138     int have_rndr_rndrrs = (OPENSSL_armcap_P & (1 << 8)) != 0;
139 
140     if (have_rndr_rndrrs) {
141         ADD_TEST(sanity_check_rndr_bytes);
142         ADD_TEST(sanity_check_rndrrs_bytes);
143     }
144 #endif
145 #endif
146 
147     return 1;
148 }
149