mirror of
https://github.com/OpenVPN/openvpn3.git
synced 2024-09-19 19:52:15 +02:00
be3f20dc58
The need of having to call the assert_crypto() member function to ensure that a cryptographically strong RNG is used where needed, was reported as potentially insecure, since calling it manually can easily be missed. In the commit the two new classes StrongRandomAPI and WeakRandomAPI are introduced. They are to be used instead of just RandomAPI, unless it doesn't matter what strength the RNG is. All the places the assert_crypto() was called were converted to using StrongRandomAPI instead. Also the RNGs for which assert_crypto() was not throwing are now inheriting from StrongRandomAPI. Variable names, which have the StrongRandomAPI type, but were called prng, are changed to rng instead to follow the source code convention. Signed-off-by: Heiko Hund <heiko@openvpn.net>
72 lines
1.8 KiB
C++
72 lines
1.8 KiB
C++
#include <iostream>
|
|
#include "test_common.h"
|
|
|
|
#include <openvpn/random/randapi.hpp>
|
|
|
|
using namespace openvpn;
|
|
|
|
template <typename IntegralT>
|
|
class IntegralMin : public WeakRandomAPI
|
|
{
|
|
public:
|
|
OPENVPN_EXCEPTION(s_min_error);
|
|
|
|
typedef RCPtr<IntegralMin> Ptr;
|
|
|
|
// Random algorithm name
|
|
std::string name() const override
|
|
{
|
|
return "IntegralMin";
|
|
}
|
|
|
|
// Fill buffer with minimum value
|
|
void rand_bytes(unsigned char *buf, size_t size) override
|
|
{
|
|
if (!rand_bytes_noexcept(buf, size))
|
|
throw s_min_error("rand_bytes failed");
|
|
}
|
|
|
|
// Like rand_bytes, but don't throw exception.
|
|
// Return true on successs, false on fail.
|
|
bool rand_bytes_noexcept(unsigned char *buf, size_t size) override
|
|
{
|
|
if (size < sizeof(IntegralT))
|
|
return false;
|
|
IntegralT *int_ptr = reinterpret_cast<IntegralT *>(buf);
|
|
*int_ptr = std::numeric_limits<IntegralT>::min();
|
|
return true;
|
|
}
|
|
|
|
IntegralT get_result()
|
|
{
|
|
return rand_get_positive<IntegralT>();
|
|
}
|
|
};
|
|
|
|
template <typename IntegralT>
|
|
void randapi_signed_min_test(const std::string &test_name)
|
|
{
|
|
IntegralMin<IntegralT> s_min;
|
|
|
|
IntegralT result = s_min.get_result();
|
|
|
|
EXPECT_EQ(result, 0) << "fails for \"" << test_name << "\" test";
|
|
}
|
|
|
|
#define RANDAPI_SIGNED_MIN_TEST(test) \
|
|
do \
|
|
{ \
|
|
randapi_signed_min_test<test>(#test); \
|
|
} while (0)
|
|
|
|
|
|
TEST(misc, randapi_signed_min)
|
|
{
|
|
RANDAPI_SIGNED_MIN_TEST(signed char);
|
|
RANDAPI_SIGNED_MIN_TEST(unsigned char);
|
|
RANDAPI_SIGNED_MIN_TEST(int32_t);
|
|
RANDAPI_SIGNED_MIN_TEST(uint32_t);
|
|
RANDAPI_SIGNED_MIN_TEST(int64_t);
|
|
RANDAPI_SIGNED_MIN_TEST(uint64_t);
|
|
}
|