[git] GCRYPT - branch, master, updated. libgcrypt-1.8.0-11-gdf1e221
by Werner Koch
cvs at cvs.gnupg.org
Wed Aug 2 18:57:08 CEST 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".
The branch, master has been updated
via df1e221b3012e96bbffbc7d5fd70836a9ae1cc19 (commit)
via 21d0f068a721c022f955084c28304934fd198c5e (commit)
via eea36574f37830a6a80b4fad884825e815b2912f (commit)
from 94a92a3db909aef0ebcc009c2d7f5a2663e99004 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit df1e221b3012e96bbffbc7d5fd70836a9ae1cc19
Author: Werner Koch <wk at gnupg.org>
Date: Wed Aug 2 18:45:51 2017 +0200
tests: Fix a printf glitch for a Windows test.
* tests/t-convert.c (check_formats): Fix print format glitch on
Windows.
* tests/t-ed25519.c: Typo fix.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/tests/t-convert.c b/tests/t-convert.c
index ec56677..121039c 100644
--- a/tests/t-convert.c
+++ b/tests/t-convert.c
@@ -435,7 +435,8 @@ check_formats (void)
if (gcry_mpi_cmp (a, b) || data[idx].a.stdlen != buflen)
{
fail ("error scanning value %d from %s: %s (%lu)\n",
- data[idx].value, "STD", "wrong result", buflen);
+ data[idx].value, "STD", "wrong result",
+ (long unsigned int)buflen);
showmpi ("expected:", a);
showmpi (" got:", b);
}
@@ -452,7 +453,8 @@ check_formats (void)
if (gcry_mpi_cmp (a, b) || data[idx].a.sshlen != buflen)
{
fail ("error scanning value %d from %s: %s (%lu)\n",
- data[idx].value, "SSH", "wrong result", buflen);
+ data[idx].value, "SSH", "wrong result",
+ (long unsigned int)buflen);
showmpi ("expected:", a);
showmpi (" got:", b);
}
@@ -471,7 +473,8 @@ check_formats (void)
if (gcry_mpi_cmp (a, b) || data[idx].a.usglen != buflen)
{
fail ("error scanning value %d from %s: %s (%lu)\n",
- data[idx].value, "USG", "wrong result", buflen);
+ data[idx].value, "USG", "wrong result",
+ (long unsigned int)buflen);
showmpi ("expected:", a);
showmpi (" got:", b);
}
@@ -492,7 +495,8 @@ check_formats (void)
if (gcry_mpi_cmp (a, b) || data[idx].a.pgplen != buflen)
{
fail ("error scanning value %d from %s: %s (%lu)\n",
- data[idx].value, "PGP", "wrong result", buflen);
+ data[idx].value, "PGP", "wrong result",
+ (long unsigned int)buflen);
showmpi ("expected:", a);
showmpi (" got:", b);
}
diff --git a/tests/t-ed25519.c b/tests/t-ed25519.c
index 2f59a89..73628a8 100644
--- a/tests/t-ed25519.c
+++ b/tests/t-ed25519.c
@@ -74,7 +74,7 @@ show_sexp (const char *prefix, gcry_sexp_t a)
/* Prepend FNAME with the srcdir environment variable's value and
- retrun an allocated filename. */
+ * return an allocated filename. */
char *
prepend_srcdir (const char *fname)
{
commit 21d0f068a721c022f955084c28304934fd198c5e
Author: Werner Koch <wk at gnupg.org>
Date: Wed Aug 2 18:44:14 2017 +0200
tests: Add benchmarking option to tests/random.
* tests/random.c: Always include unistd.h.
(prepend_srcdir): New.
(run_benchmark): New.
(main): Add options --benchmark and --with-seed-file. Print whetehr
JENT has been used.
* tests/t-common.h (split_fields_colon): New. Taken from GnuPG.
License of that code changed to LGPLv2.1.
--
Running these tests on a KVM hosted Windows Vista using a statically
compiled tests/random and modifying the extra random added in
read_seed_file gave these results:
| Seed | Jent | Bytes | Bits | Time (ms) |
|------+------+-------+------+------------|
| yes | yes | 32 | 256 | 46 .. 62 |
| yes | yes | 64 | 512 | 62 .. 78 |
| yes | yes | 128 | 1024 | 78 .. 93 |
| yes | yes | 256 | 2048 | 124 .. 156 |
| yes | yes | 384 | 3072 | 171 .. 202 |
| yes | yes | 512 | 4096 | 234 .. 249 |
| yes | no | 32 | 256 | 15 .. 31 |
| yes | no | 64 | 512 | 15 .. 31 |
| yes | no | 128 | 1024 | 15 |
| no | yes | - | - | 78 .. 93 |
| no | no | - | - | 15 |
Seed: Whether a seed file is used.
Jent: Whether JENT was working.
Bytes: The number bytes mixed into the pool after reading
the seed file.
Bits: 8 * Bytes
Time: Measured time including the time to read the seed file.
Mimimun and maximum values are given. Granularity of
the used timer is quite large.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/tests/random.c b/tests/random.c
index 8a85429..2f48323 100644
--- a/tests/random.c
+++ b/tests/random.c
@@ -24,18 +24,41 @@
#include <string.h>
#include <stdlib.h>
#include <errno.h>
+#include <unistd.h>
#ifndef HAVE_W32_SYSTEM
# include <signal.h>
-# include <unistd.h>
# include <sys/wait.h>
#endif
+#include "stopwatch.h"
+
+
#define PGM "random"
+#define NEED_EXTRA_TEST_SUPPORT 1
#include "t-common.h"
static int with_progress;
+/* Prepend FNAME with the srcdir environment variable's value and
+ * return an allocated filename. */
+static char *
+prepend_srcdir (const char *fname)
+{
+ static const char *srcdir;
+ char *result;
+
+ if (!srcdir && !(srcdir = getenv ("srcdir")))
+ srcdir = ".";
+
+ result = xmalloc (strlen (srcdir) + 1 + strlen (fname) + 1);
+ strcpy (result, srcdir);
+ strcat (result, "/");
+ strcat (result, fname);
+ return result;
+}
+
+
static void
print_hex (const char *text, const void *buf, size_t n)
{
@@ -537,12 +560,43 @@ run_all_rng_tests (const char *program)
free (cmdline);
}
+
+static void
+run_benchmark (void)
+{
+ char rndbuf[32];
+ int i, j;
+
+ if (verbose)
+ info ("benchmarking GCRY_STRONG_RANDOM (/dev/urandom)\n");
+
+ start_timer ();
+ gcry_randomize (rndbuf, sizeof rndbuf, GCRY_STRONG_RANDOM);
+ stop_timer ();
+
+ info ("getting first 256 bits: %s", elapsed_time (1));
+
+ for (j=0; j < 5; j++)
+ {
+ start_timer ();
+ for (i=0; i < 100; i++)
+ gcry_randomize (rndbuf, sizeof rndbuf, GCRY_STRONG_RANDOM);
+ stop_timer ();
+
+ info ("100 calls of 256 bits each: %s", elapsed_time (100));
+ }
+
+}
+
+
int
main (int argc, char **argv)
{
int last_argc = -1;
int early_rng = 0;
int in_recursion = 0;
+ int benchmark = 0;
+ int with_seed_file = 0;
const char *program = NULL;
if (argc)
@@ -586,16 +640,27 @@ main (int argc, char **argv)
in_recursion = 1;
argc--; argv++;
}
+ else if (!strcmp (*argv, "--benchmark"))
+ {
+ benchmark = 1;
+ argc--; argv++;
+ }
else if (!strcmp (*argv, "--early-rng-check"))
{
early_rng = 1;
argc--; argv++;
}
+ else if (!strcmp (*argv, "--with-seed-file"))
+ {
+ with_seed_file = 1;
+ argc--; argv++;
+ }
else if (!strcmp (*argv, "--prefer-standard-rng"))
{
/* This is anyway the default, but we may want to use it for
debugging. */
- xgcry_control (GCRYCTL_SET_PREFERRED_RNG_TYPE, GCRY_RNG_TYPE_STANDARD);
+ xgcry_control (GCRYCTL_SET_PREFERRED_RNG_TYPE,
+ GCRY_RNG_TYPE_STANDARD);
argc--; argv++;
}
else if (!strcmp (*argv, "--prefer-fips-rng"))
@@ -608,12 +673,27 @@ main (int argc, char **argv)
xgcry_control (GCRYCTL_SET_PREFERRED_RNG_TYPE, GCRY_RNG_TYPE_SYSTEM);
argc--; argv++;
}
+ else if (!strcmp (*argv, "--disable-hwf"))
+ {
+ argc--;
+ argv++;
+ if (argc)
+ {
+ if (gcry_control (GCRYCTL_DISABLE_HWF, *argv, NULL))
+ die ("unknown hardware feature `%s'\n", *argv);
+ argc--;
+ argv++;
+ }
+ }
}
#ifndef HAVE_W32_SYSTEM
signal (SIGPIPE, SIG_IGN);
#endif
+ if (benchmark && !verbose)
+ verbose = 1;
+
if (early_rng)
{
/* Don't switch RNG in fips mode. */
@@ -628,11 +708,25 @@ main (int argc, char **argv)
if (with_progress)
gcry_set_progress_handler (progress_cb, NULL);
+ if (with_seed_file)
+ {
+ char *fname = prepend_srcdir ("random.seed");
+
+ if (access (fname, F_OK))
+ info ("random seed file '%s' not found\n", fname);
+ gcry_control (GCRYCTL_SET_RANDOM_SEED_FILE, fname);
+ xfree (fname);
+ }
+
xgcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
if (debug)
xgcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);
- if (!in_recursion)
+ if (benchmark)
+ {
+ run_benchmark ();
+ }
+ else if (!in_recursion)
{
check_forking ();
check_nonce_forking ();
@@ -640,16 +734,31 @@ main (int argc, char **argv)
}
/* For now we do not run the drgb_reinit check from "make check" due
to its high requirement for entropy. */
- if (!getenv ("GCRYPT_IN_REGRESSION_TEST"))
+ if (!benchmark && !getenv ("GCRYPT_IN_REGRESSION_TEST"))
check_drbg_reinit ();
/* Don't switch RNG in fips mode. */
- if (!gcry_fips_mode_active())
+ if (!benchmark && !gcry_fips_mode_active())
check_rng_type_switching ();
- if (!in_recursion)
+ if (!in_recursion && !benchmark)
run_all_rng_tests (program);
+ /* Print this info last so that it does not influence the
+ * initialization and thus the benchmarking. */
+ if (!in_recursion && verbose)
+ {
+ char *buf;
+ char *fields[5];
+
+ buf = gcry_get_config (0, "rng-type");
+ if (buf
+ && split_fields_colon (buf, fields, DIM (fields)) >= 5
+ && atoi (fields[4]) > 0)
+ info ("The JENT RNG was active\n");
+ gcry_free (buf);
+ }
+
if (debug)
xgcry_control (GCRYCTL_DUMP_RANDOM_STATS);
diff --git a/tests/t-common.h b/tests/t-common.h
index 8466ac1..2040f09 100644
--- a/tests/t-common.h
+++ b/tests/t-common.h
@@ -158,3 +158,41 @@ info (const char *format, ...)
die ("line %d: gcry_control (%s) failed: %s", \
__LINE__, #cmd, gcry_strerror (err__)); \
} while (0)
+
+
+/* Split a string into colon delimited fields A pointer to each field
+ * is stored in ARRAY. Stop splitting at ARRAYSIZE fields. The
+ * function modifies STRING. The number of parsed fields is returned.
+ * Note that leading and trailing spaces are not removed from the fields.
+ * Example:
+ *
+ * char *fields[2];
+ * if (split_fields (string, fields, DIM (fields)) < 2)
+ * return // Not enough args.
+ * foo (fields[0]);
+ * foo (fields[1]);
+ */
+#ifdef NEED_EXTRA_TEST_SUPPORT
+static int
+split_fields_colon (char *string, char **array, int arraysize)
+{
+ int n = 0;
+ char *p, *pend;
+
+ p = string;
+ do
+ {
+ if (n == arraysize)
+ break;
+ array[n++] = p;
+ pend = strchr (p, ':');
+ if (!pend)
+ break;
+ *pend++ = 0;
+ p = pend;
+ }
+ while (*p);
+
+ return n;
+}
+#endif /*NEED_EXTRA_TEST_SUPPORT*/
commit eea36574f37830a6a80b4fad884825e815b2912f
Author: Werner Koch <wk at gnupg.org>
Date: Fri Jul 28 15:31:03 2017 +0200
random: Add more bytes to the pool in addition to the seed file.
* random/random-csprng.c (read_seed_file): Read 128 or 32 butes
depending on whether we have the Jitter RNG.
--
These are actually 3 changes:
- We use GCRY_STRONG_RANDOM instead GCRY_WEAK_RANDOM, which we used
for historical reasons. However the entropy gather modules handle
both identical; that is reading from /dev/urandom. Only
GCRY_VERY_STRONG_RANDOM would use a blocking read from /dev/random.
- We increase the number of extra buts from 128 or 256.
- If the Jitter RNG is available we assume that a fast entropy source
is available and thus we read 4 times more entropy (1024 bits).
Note that on Windows GnuPG tests in DE-VS mode that the Jitter RNG is
available and properly working. Thus we will add 1024 bits in
addition to the state read from the seed file.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/random/random-csprng.c b/random/random-csprng.c
index 5a771c2..650c438 100644
--- a/random/random-csprng.c
+++ b/random/random-csprng.c
@@ -717,12 +717,12 @@ lock_seed_file (int fd, const char *fname, int for_write)
out the same pool and then race for updating it (the last update
overwrites earlier updates). They will differentiate only by the
weak entropy that is added in read_seed_file based on the PID and
- clock, and up to 16 bytes of weak random non-blockingly. The
+ clock, and up to 32 bytes from a non-blocking entropy source. The
consequence is that the output of these different instances is
correlated to some extent. In the perfect scenario, the attacker
can control (or at least guess) the PID and clock of the
application, and drain the system's entropy pool to reduce the "up
- to 16 bytes" above to 0. Then the dependencies of the initial
+ to 32 bytes" above to 0. Then the dependencies of the initial
states of the pools are completely known. */
static int
read_seed_file (void)
@@ -814,12 +814,16 @@ read_seed_file (void)
add_randomness( &x, sizeof(x), RANDOM_ORIGIN_INIT );
}
- /* And read a few bytes from our entropy source. By using a level
- * of 0 this will not block and might not return anything with some
- * entropy drivers, however the rndlinux driver will use
- * /dev/urandom and return some stuff - Do not read too much as we
- * want to be friendly to the scare system entropy resource. */
- read_random_source ( RANDOM_ORIGIN_INIT, 16, GCRY_WEAK_RANDOM );
+ /* And read a few bytes from our entropy source. If we have the
+ * Jitter RNG we can fast get a lot of entropy. Thus we read 1024
+ * bits from that source.
+ *
+ * Without the Jitter RNG we keep the old method of reading only a
+ * few bytes usually from /dev/urandom which won't block. */
+ if (_gcry_rndjent_get_version (NULL))
+ read_random_source (RANDOM_ORIGIN_INIT, 128, GCRY_STRONG_RANDOM);
+ else
+ read_random_source (RANDOM_ORIGIN_INIT, 32, GCRY_STRONG_RANDOM);
allow_seed_file_update = 1;
return 1;
-----------------------------------------------------------------------
Summary of changes:
random/random-csprng.c | 20 ++++----
tests/random.c | 121 ++++++++++++++++++++++++++++++++++++++++++++++---
tests/t-common.h | 38 ++++++++++++++++
tests/t-convert.c | 12 +++--
tests/t-ed25519.c | 2 +-
5 files changed, 174 insertions(+), 19 deletions(-)
hooks/post-receive
--
The GNU crypto library
http://git.gnupg.org
_______________________________________________
Gnupg-commits mailing list
Gnupg-commits at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-commits
More information about the Gcrypt-devel
mailing list