/*- * Copyright (c) 2002 Millions Consulting Limited * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * $Id: runs.c,v 1.1.1.1 2002/09/11 03:36:00 stacy Exp $ */ #include /* * FIPS 140-1 runs and long runs tests for a random number generator * * Refrence: * http://csrc.nist.gov/publications/fips/fips140-1/fips1401.htm */ int runlength(u_char *s, int bits); /* s should point to a stream of 20,000 bits of muck */ int fips_runs_test(u_char *s) { int zero_count[6]; int one_count[6]; int *count; int i; int bits; for(i = 0; i < 6; i++) zero_count[i] = one_count[i] = 0; bits = 0; while(bits < 20000) { i = runlength(s, bits); if(i < 0) { count = zero_count; i = i * -1; } else count = one_count; bits += i; if(i > 6) i = 6; count[i - 1]++; } count = zero_count; if(!(count[0] >= 2267 && count[0] <= 2733)) return 0; if(!(count[1] >= 1079 && count[1] <= 1421)) return 0; if(!(count[2] >= 502 && count[2] <= 748)) return 0; if(!(count[3] >= 223 && count[3] <= 402)) return 0; if(!(count[4] >= 90 && count[4] <= 223)) return 0; if(!(count[5] >= 90 && count[5] <= 223)) return 0; count = one_count; if(!(count[0] >= 2267 && count[0] <= 2733)) return 0; if(!(count[1] >= 1079 && count[1] <= 1421)) return 0; if(!(count[2] >= 502 && count[2] <= 748)) return 0; if(!(count[3] >= 223 && count[3] <= 402)) return 0; if(!(count[4] >= 90 && count[4] <= 223)) return 0; if(!(count[5] >= 90 && count[5] <= 223)) return 0; return 1; } int fips_long_run_test(u_char *s) { int r; int bits; int i; r = bits = 0; while(bits < 20000) { i = runlength(s, bits); if(i < 0) i = i * -1; if(i >= 34) r++; bits += i; } if(r == 0) return 1; else return 0; } int runlength(u_char *s, int bits) { int count; int zero; u_char b, B, mask; int byte; int match; int tbits; tbits = bits; /* get the index of the byte and bit where we left off */ byte = bits / 8; bits = bits % 8; mask = 0x80 >> bits; B = *(s+byte); b = B & mask; zero = (b == 0); count = 0; do { count++; tbits++; mask = mask >> 1; if(mask == 0) { byte++; B = *(s+byte); mask = 0x80; } b = B & mask; match = zero ? (b == 0) : (b > 0); } while(match && tbits < 20000); if(zero) count *= -1; return count; }