subsys/random: Add cryptographically secure random test cases

Updated tests/crypto/rand32/ to include cryptographic test cases. Added config file for rand32_ctr_drbg generator. Signed-off-by: David Leach <[email protected]>
bseazeng · Nov 5, 2019 · 1bb1b3e · 1bb1b3e
1 parent afdc63f
commit 1bb1b3e
Show file tree

Hide file tree

Showing 3 changed files with 53 additions and 3 deletions.
diff --git a/tests/crypto/rand32/prj_ctr_drbg.conf b/tests/crypto/rand32/prj_ctr_drbg.conf
@@ -0,0 +1,3 @@
+CONFIG_ZTEST=y
+CONFIG_LOG=y
+CONFIG_ENTROPY_GENERATOR=y
diff --git a/tests/crypto/rand32/src/main.c b/tests/crypto/rand32/src/main.c
@@ -32,6 +32,7 @@ void test_rand32(void)
 	u32_t gen, last_gen;
 	int rnd_cnt;
 	int equal_count = 0;
+	u32_t buf[N_VALUES];
 
 	/* Test early boot random number generation function */
 	last_gen = z_early_boot_rand32_get();
@@ -64,14 +65,55 @@ void test_rand32(void)
 		zassert_false((equal_count > N_VALUES / 2),
 		"random numbers returned same value with high probability");
 	}
+
+	printk("Generating bulk fill random numbers\n");
+	memset(buf, 0, sizeof(buf));
+	sys_rand_get((u8_t *)(&buf[0]), sizeof(buf));
+
+	for (rnd_cnt = 0; rnd_cnt < (N_VALUES - 1); rnd_cnt++) {
+		gen = buf[rnd_cnt];
+		if (gen == last_gen) {
+			equal_count++;
+		}
+		last_gen = gen;
+	}
+
+	if (equal_count > N_VALUES / 2) {
+		zassert_false((equal_count > N_VALUES / 2),
+		"random numbers returned same value with high probability");
+	}
+
+#if defined(CONFIG_CSPRING_ENABLED)
+
+	printk("Generating bulk fill cryptographically secure random numbers\n");
+
+	memset(buf, 0, sizeof(buf));
+	sys_csrand_get(buf, sizeof(buf));
+
+	for (rnd_cnt = 0; rnd_cnt < (N_VALUES - 1); rnd_cnt++) {
+		gen = buf[rnd_cnt];
+		if (gen == last_gen) {
+			equal_count++;
+		}
+		last_gen = gen;
+	}
+
+	if (equal_count > N_VALUES / 2) {
+		zassert_false((equal_count > N_VALUES / 2),
+		"random numbers returned same value with high probability");
+	}
+
+#else
+
+	printk("Cryptographically secure random number APIs not enabled\n");
+
+#endif /* CONFIG_CSPRING_ENABLED */
 }
 
 
 void test_main(void)
 {
-	ztest_test_suite(common_test,
-			 ztest_unit_test(test_rand32)
-			 );
+	ztest_test_suite(common_test, ztest_unit_test(test_rand32));
 
 	ztest_run_test_suite(common_test);
 }
diff --git a/tests/crypto/rand32/testcase.yaml b/tests/crypto/rand32/testcase.yaml
@@ -11,3 +11,8 @@ tests:
     filter: CONFIG_ENTROPY_HAS_DRIVER
     tags: crypto security
     min_ram: 16
+  crypto.rand32.random_ctr_drbg:
+    extra_args: CONF_FILE=prj_ctr_drbg.conf
+    filter: CONFIG_ENTROPY_HAS_DRIVER
+    tags: crypto security
+    min_ram: 16