jdk-sandbox: jdk/test/sun/security/provider/SecureRandom/DrbgCavp.java@cd841af7dcd0 (annotated)

37796 256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	1	/*
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	2	* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	4	*
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	7	* published by the Free Software Foundation.
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	8	*
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	9	* This code is distributed in the hope that it will be useful, but WITHOUT
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	10	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	11	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	12	* version 2 for more details (a copy is included in the LICENSE file that
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	13	* accompanied this code).
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	14	*
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	15	* You should have received a copy of the GNU General Public License version
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	16	* 2 along with this work; if not, write to the Free Software Foundation,
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	17	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	18	*
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	19	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	20	* or visit www.oracle.com if you need additional information or have any
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	21	* questions.
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	22	*/
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	23
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	24	import sun.security.provider.EntropySource;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	25	import sun.security.provider.MoreDrbgParameters;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	26
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	27	import javax.crypto.Cipher;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	28	import java.io.BufferedReader;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	29	import java.io.ByteArrayOutputStream;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	30	import java.io.File;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	31	import java.io.InputStream;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	32	import java.io.InputStreamReader;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	33	import java.io.PrintStream;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	34	import java.lang.*;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	35	import java.security.NoSuchAlgorithmException;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	36	import java.security.SecureRandom;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	37	import java.security.DrbgParameters;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	38	import java.util.ArrayDeque;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	39	import java.util.Arrays;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	40	import java.util.Queue;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	41	import java.util.stream.Stream;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	42	import java.util.zip.ZipEntry;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	43	import java.util.zip.ZipFile;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	44	import java.util.zip.ZipInputStream;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	45
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	46	import static java.security.DrbgParameters.Capability.*;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	47
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	48	/**
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	49	* The Known-output DRBG test. The test vector can be obtained from
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	50	* http://csrc.nist.gov/groups/STM/cavp/documents/drbg/drbgtestvectors.zip.
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	51	*
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	52	* Manually run this test with
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	53	*
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	54	* java DrbgCavp drbgtestvectors.zip
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	55	*
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	56	*/
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	57	public class DrbgCavp {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	58
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	59	// the current nonce
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	60	private static byte[] nonce;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	61
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	62	// A buffer to store test materials for the current call and
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	63	// can be printed out of an error occurs.
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	64	private static ByteArrayOutputStream bout = new ByteArrayOutputStream();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	65
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	66	// Save err for restoring
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	67	private static PrintStream err = System.err;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	68
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	69	private static final int AES_LIMIT;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	70
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	71	static {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	72	try {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	73	AES_LIMIT = Cipher.getMaxAllowedKeyLength("AES");
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	74	} catch (Exception e) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	75	// should not happen
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	76	throw new AssertionError("Cannot detect AES");
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	77	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	78	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	79
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	80	public static void main(String[] args) throws Exception {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	81
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	82	if (args.length != 1) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	83	System.out.println("Usage: java DrbgCavp drbgtestvectors.zip");
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	84	return;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	85	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	86	File tv = new File(args[0]);
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	87
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	88	EntropySource es = new TestEntropySource();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	89	System.setErr(new PrintStream(bout));
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	90
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	91	// The testsuite is a zip file containing more zip files for different
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	92	// working modes. Each internal zip file contains test materials for
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	93	// different mechanisms.
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	94
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	95	try (ZipFile zf = new ZipFile(tv)) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	96	String[] modes = {"no_reseed", "pr_false", "pr_true"};
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	97	for (String mode : modes) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	98	try (ZipInputStream zis = new ZipInputStream(zf.getInputStream(
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	99	zf.getEntry("drbgvectors_" + mode + ".zip")))) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	100	while (true) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	101	ZipEntry ze = zis.getNextEntry();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	102	if (ze == null) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	103	break;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	104	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	105	String fname = ze.getName();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	106	if (fname.equals("Hash_DRBG.txt")
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	107	\|\| fname.equals("HMAC_DRBG.txt")
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	108	\|\| fname.equals("CTR_DRBG.txt")) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	109	String algorithm
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	110	= fname.substring(0, fname.length() - 4);
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	111	test(mode, algorithm, es, zis);
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	112	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	113	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	114	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	115	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	116	} finally {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	117	System.setErr(err);
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	118	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	119	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	120
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	121	/**
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	122	* A special entropy source you can set entropy input at will.
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	123	*/
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	124	private static class TestEntropySource implements EntropySource {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	125
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	126	private static Queue<byte[]> data = new ArrayDeque<>();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	127
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	128	@Override
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	129	public byte[] getEntropy(int minEntropy, int minLength,
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	130	int maxLength, boolean pr) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	131	byte[] result = data.poll();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	132	if (result == null
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	133	\|\| result.length < minLength
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	134	\|\| result.length > maxLength) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	135	throw new RuntimeException("Invalid entropy: " +
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	136	"need [" + minLength + ", " + maxLength + "], " +
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	137	(result == null ? "none" : "has " + result.length));
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	138	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	139	return result;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	140	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	141
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	142	private static void setEntropy(byte[] input) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	143	data.offer(input);
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	144	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	145
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	146	private static void clearEntropy() {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	147	data.clear();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	148	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	149	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	150
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	151	/**
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	152	* The test.
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	153	*
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	154	* // Algorithm line, might contain usedf flag
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	155	* [AES-128 use df]
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	156	* // Ignored, use mode argument
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	157	* [PredictionResistance = True]
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	158	* // Ignored, just read EntropyInput
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	159	* [EntropyInputLen = 128]
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	160	* // Ignored, just read Nonce
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	161	* [NonceLen = 64]
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	162	* // Ignored, just read PersonalizationString
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	163	* [PersonalizationStringLen = 128]
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	164	* // Ignored, just read AdditionalInput
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	165	* [AdditionalInputLen = 128]
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	166	* // Used to allocate buffer for nextBytes() call
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	167	* [ReturnedBitsLen = 512]
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	168	*
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	169	* // A sign we can ignore old unused entropy input
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	170	* COUNT = 0
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	171	*
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	172	* // Instantiate
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	173	* EntropyInput = 92898f...
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	174	* Nonce = c2a4d9...
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	175	* PersonalizationString = ea65ee... // Enough to call getInstance()
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	176	*
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	177	* // Reseed
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	178	* EntropyInputReseed = bfd503...
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	179	* AdditionalInputReseed = 009e0b... // Enough to call reseed()
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	180	*
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	181	* // Generation
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	182	* AdditionalInput = 1a40fa.... // Enough to call nextBytes() for PR off
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	183	* EntropyInputPR = 20728a... // Enough to call nextBytes() for PR on
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	184	* ReturnedBits = 5a3539... // Compare this to last nextBytes() output
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	185	*
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	186	* @param mode one of "no_reseed", "pr_false", "pr_true"
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	187	* @param mech one of "Hash_DRBG", "HMAC_DRBG", "CTR_DRBG"
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	188	* @param es our own entropy source
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	189	* @param is test material
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	190	*/
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	191	private static void test(String mode, String mech, EntropySource es,
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	192	InputStream is) throws Exception {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	193
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	194	SecureRandom hd = null;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	195
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	196	// Expected output length in bits as in [ReturnedBitsLen]
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	197	int outLen = 0;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	198
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	199	// DRBG algorithm as in the algorithm line
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	200	String algorithm = null;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	201
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	202	// When CTR_DRBG uses a derivation function as in the algorithm line
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	203	boolean usedf = false;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	204
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	205	// Additional input as in "AdditionalInput"
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	206	byte[] additional = null;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	207
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	208	// Random bits generated
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	209	byte[] output = null;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	210
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	211	// Prediction resistance flag, determined by mode
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	212	boolean isPr = false;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	213
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	214	StringBuilder sb = new StringBuilder();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	215
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	216	int lineno = 0;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	217
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	218	System.out.println(mode + "/" + mech);
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	219
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	220	try (Stream<String> lines =
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	221	new BufferedReader(new InputStreamReader(is)).lines()) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	222	for (String s: (Iterable<String>) lines::iterator) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	223	lineno++;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	224	err.print(hd == null ? '-' : '*');
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	225	Line l = new Line(s);
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	226	if (l.key.contains("no df") \|\| l.key.contains("use df") \|\|
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	227	l.key.startsWith("SHA-")) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	228	sb = new StringBuilder();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	229	bout.reset();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	230	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	231	sb.append(String.format(
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	232	"%9s %4s %5d %s\n", mode, mech, lineno, s));
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	233	switch (l.key) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	234	case "3KeyTDEA no df":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	235	case "AES-128 no df":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	236	case "AES-192 no df":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	237	case "AES-256 no df":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	238	case "3KeyTDEA use df":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	239	case "AES-128 use df":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	240	case "AES-192 use df":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	241	case "AES-256 use df":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	242	algorithm = l.key.split(" ")[0];
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	243	usedf = l.key.contains("use df");
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	244	break;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	245	case "ReturnedBitsLen":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	246	outLen = l.vint();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	247	output = new byte[outLen / 8];
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	248	break;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	249	case "EntropyInput":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	250	TestEntropySource.setEntropy(l.vdata());
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	251	break;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	252	case "Nonce":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	253	nonce = l.vdata();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	254	break;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	255	case "COUNT":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	256	// Remove unused entropy (say, when AES-256 is skipped)
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	257	TestEntropySource.clearEntropy();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	258	break;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	259	case "PersonalizationString":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	260	try {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	261	isPr = mode.equals("pr_true");
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	262	byte[] ps = null;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	263	if (l.vdata().length != 0) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	264	ps = l.vdata();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	265	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	266
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	267	// MoreDrbgParameters must be used because we
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	268	// want to set entropy input and nonce. Since
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	269	// it can also set mechanism, algorithm and usedf,
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	270	// we don't need to touch securerandom.drbg.config.
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	271	hd = SecureRandom.getInstance("DRBG",
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	272	new MoreDrbgParameters(es, mech, algorithm,
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	273	nonce, usedf,
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	274	DrbgParameters.instantiation(
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	275	-1,
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	276	isPr ? PR_AND_RESEED
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	277	: RESEED_ONLY,
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	278	ps)),
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	279	"SUN");
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	280	} catch (NoSuchAlgorithmException iae) {
37896 cd841af7dcd0 8156213: Remove SHA-1 and 3KeyTDEA algorithms from DRBG weijun parents: 37796 diff changeset	281	// We don't support SHA-1 and 3KeyTDEA. AES-192 or
37796 256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	282	// AES-256 might not be available. This is OK.
37896 cd841af7dcd0 8156213: Remove SHA-1 and 3KeyTDEA algorithms from DRBG weijun parents: 37796 diff changeset	283	if (algorithm.equals("SHA-1") \|\|
cd841af7dcd0 8156213: Remove SHA-1 and 3KeyTDEA algorithms from DRBG weijun parents: 37796 diff changeset	284	algorithm.equals("3KeyTDEA") \|\|
cd841af7dcd0 8156213: Remove SHA-1 and 3KeyTDEA algorithms from DRBG weijun parents: 37796 diff changeset	285	((algorithm.equals("AES-192")
37796 256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	286	\|\| algorithm.equals("AES-256"))
37896 cd841af7dcd0 8156213: Remove SHA-1 and 3KeyTDEA algorithms from DRBG weijun parents: 37796 diff changeset	287	&& AES_LIMIT == 128)) {
37796 256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	288	hd = null;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	289	} else {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	290	throw iae;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	291	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	292	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	293	break;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	294	case "EntropyInputReseed":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	295	TestEntropySource.setEntropy(l.vdata());
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	296	break;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	297	case "AdditionalInputReseed":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	298	if (l.vdata().length == 0) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	299	additional = null;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	300	} else {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	301	additional = l.vdata();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	302	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	303	if (hd != null) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	304	if (additional == null) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	305	hd.reseed();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	306	} else {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	307	hd.reseed(DrbgParameters.reseed(
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	308	isPr, additional));
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	309	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	310	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	311	break;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	312	case "EntropyInputPR":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	313	if (l.vdata().length != 0) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	314	TestEntropySource.setEntropy(l.vdata());
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	315	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	316	if (mode.equals("pr_true")) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	317	if (hd != null) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	318	if (additional == null) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	319	hd.nextBytes(output);
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	320	} else {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	321	hd.nextBytes(output,
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	322	DrbgParameters.nextBytes(
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	323	-1, isPr, additional));
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	324	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	325	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	326	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	327	break;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	328	case "AdditionalInput":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	329	if (l.vdata().length == 0) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	330	additional = null;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	331	} else {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	332	additional = l.vdata();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	333	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	334	if (!mode.equals("pr_true")) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	335	if (hd != null) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	336	if (additional == null) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	337	hd.nextBytes(output);
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	338	} else {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	339	hd.nextBytes(output,
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	340	DrbgParameters.nextBytes(
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	341	-1, isPr, additional));
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	342	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	343	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	344	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	345	break;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	346	case "ReturnedBits":
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	347	if (hd != null) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	348	if (!Arrays.equals(output, l.vdata())) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	349	throw new Exception("\nExpected: " +
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	350	l.value + "\n Actual: " + hex(output));
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	351	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	352	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	353	break;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	354	default:
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	355	// Algorithm line for Hash_DRBG and HMAC_DRBG
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	356	if (l.key.startsWith("SHA-")) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	357	algorithm = l.key;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	358	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	359	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	360	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	361	err.println();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	362	} catch (Exception e) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	363	err.println();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	364	err.println(sb.toString());
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	365	err.println(bout.toString());
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	366	throw e;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	367	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	368	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	369
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	370	/**
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	371	* Parse a line from test material.
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	372	*
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	373	* Brackets are removed. Key and value separated.
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	374	*/
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	375	static class Line {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	376
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	377	final String key;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	378	final String value;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	379
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	380	Line(String s) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	381	s = s.trim();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	382	if (s.length() >= 2) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	383	if (s.charAt(0) == '[') {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	384	s = s.substring(1, s.length() - 1);
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	385	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	386	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	387	if (s.indexOf('=') < 0) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	388	key = s;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	389	value = null;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	390	} else {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	391	key = s.substring(0, s.indexOf('=')).trim();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	392	value = s.substring(s.indexOf('=') + 1).trim();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	393	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	394	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	395
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	396	int vint() {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	397	return Integer.parseInt(value);
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	398	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	399
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	400	byte[] vdata() {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	401	return xeh(value);
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	402	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	403	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	404
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	405	// Bytes to HEX
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	406	private static String hex(byte[] in) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	407	StringBuilder sb = new StringBuilder();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	408	for (byte b: in) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	409	sb.append(String.format("%02x", b&0xff));
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	410	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	411	return sb.toString();
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	412	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	413
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	414	// HEX to bytes
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	415	private static byte[] xeh(String in) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	416	in = in.replaceAll(" ", "");
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	417	int len = in.length() / 2;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	418	byte[] out = new byte[len];
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	419	for (int i = 0; i < len; i++) {
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	420	out[i] = (byte) Integer.parseInt(
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	421	in.substring(i * 2, i * 2 + 2), 16);
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	422	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	423	return out;
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	424	}
256c45c4af5d 8051408: NIST SP 800-90A SecureRandom implementations weijun parents: diff changeset	425	}

author	weijun
	Thu, 12 May 2016 13:06:03 +0800
changeset 37896	cd841af7dcd0
parent 37796	256c45c4af5d
permissions	-rw-r--r--