Add hmac_drbg_{write,update}_seed_file()
diff --git a/include/polarssl/hmac_drbg.h b/include/polarssl/hmac_drbg.h
index 79be0a6..4b8e11b 100644
--- a/include/polarssl/hmac_drbg.h
+++ b/include/polarssl/hmac_drbg.h
@@ -221,6 +221,32 @@
*/
void hmac_drbg_free( hmac_drbg_context *ctx );
+#if defined(POLARSSL_FS_IO)
+/**
+ * \brief Write a seed file
+ *
+ * \param ctx HMAC_DRBG context
+ * \param path Name of the file
+ *
+ * \return 0 if successful, 1 on file error, or
+ * POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
+ */
+int hmac_drbg_write_seed_file( hmac_drbg_context *ctx, const char *path );
+
+/**
+ * \brief Read and update a seed file. Seed is added to this
+ * instance
+ *
+ * \param ctx HMAC_DRBG context
+ * \param path Name of the file
+ *
+ * \return 0 if successful, 1 on file error,
+ * POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED or
+ * POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG
+ */
+int hmac_drbg_update_seed_file( hmac_drbg_context *ctx, const char *path );
+#endif
+
#if defined(POLARSSL_SELF_TEST)
/**
diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c
index 43ab8f2..cfeb8a4 100644
--- a/library/hmac_drbg.c
+++ b/library/hmac_drbg.c
@@ -35,6 +35,10 @@
#include "polarssl/hmac_drbg.h"
+#if defined(POLARSSL_FS_IO)
+#include <stdio.h>
+#endif
+
/*
* HMAC_DRBG update, using optional additional data (10.1.2.2)
*/
@@ -284,6 +288,65 @@
memset( ctx, 0, sizeof( hmac_drbg_context ) );
}
+#if defined(POLARSSL_FS_IO)
+int hmac_drbg_write_seed_file( hmac_drbg_context *ctx, const char *path )
+{
+ int ret = POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR;
+ FILE *f;
+ unsigned char buf[ POLARSSL_HMAC_DRBG_MAX_INPUT ];
+
+ if( ( f = fopen( path, "wb" ) ) == NULL )
+ return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR );
+
+ if( ( ret = hmac_drbg_random( ctx, buf, sizeof( buf ) ) ) != 0 )
+ goto exit;
+
+ if( fwrite( buf, 1, sizeof( buf ), f ) != sizeof( buf ) )
+ {
+ ret = POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR;
+ goto exit;
+ }
+
+ ret = 0;
+
+exit:
+ fclose( f );
+ return( ret );
+}
+
+int hmac_drbg_update_seed_file( hmac_drbg_context *ctx, const char *path )
+{
+ FILE *f;
+ size_t n;
+ unsigned char buf[ POLARSSL_HMAC_DRBG_MAX_INPUT ];
+
+ if( ( f = fopen( path, "rb" ) ) == NULL )
+ return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR );
+
+ fseek( f, 0, SEEK_END );
+ n = (size_t) ftell( f );
+ fseek( f, 0, SEEK_SET );
+
+ if( n > POLARSSL_HMAC_DRBG_MAX_INPUT )
+ {
+ fclose( f );
+ return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG );
+ }
+
+ if( fread( buf, 1, n, f ) != n )
+ {
+ fclose( f );
+ return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR );
+ }
+
+ fclose( f );
+
+ hmac_drbg_update( ctx, buf, n );
+
+ return( hmac_drbg_write_seed_file( ctx, path ) );
+}
+#endif /* POLARSSL_FS_IO */
+
#if defined(POLARSSL_SELF_TEST)
diff --git a/tests/.gitignore b/tests/.gitignore
index 0d59058..dc17f87 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -1,2 +1,3 @@
/test_suite*
data_files/mpi_write
+data_files/hmac_drbg_seed
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 858e429..a24ef25 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -63,6 +63,7 @@
add_test_suite(gcm gcm.aes192_de)
add_test_suite(gcm gcm.aes256_de)
add_test_suite(gcm gcm.camellia)
+add_test_suite(hmac_drbg hmac_drbg.misc)
add_test_suite(hmac_drbg hmac_drbg.no_reseed)
add_test_suite(hmac_shax)
add_test_suite(md)
diff --git a/tests/Makefile b/tests/Makefile
index f32a4e6..0e56e7f 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -44,6 +44,7 @@
test_suite_gcm.aes192_en \
test_suite_gcm.aes256_en \
test_suite_gcm.camellia test_suite_hmac_shax \
+ test_suite_hmac_drbg.misc \
test_suite_hmac_drbg.no_reseed \
test_suite_md test_suite_mdx \
test_suite_mpi test_suite_pbkdf2 \
@@ -134,6 +135,10 @@
echo " Generate $@"
scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.camellia
+test_suite_hmac_drbg.misc.c : suites/test_suite_hmac_drbg.function suites/test_suite_hmac_drbg.misc.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
+ echo " Generate $@"
+ scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.misc
+
test_suite_hmac_drbg.no_reseed.c : suites/test_suite_hmac_drbg.function suites/test_suite_hmac_drbg.no_reseed.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
echo " Generate $@"
scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.no_reseed
@@ -262,6 +267,10 @@
echo " CC $@.c"
$(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@
+test_suite_hmac_drbg.misc: test_suite_hmac_drbg.misc.c ../library/libpolarssl.a
+ echo " CC $@.c"
+ $(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@
+
test_suite_hmac_drbg.no_reseed: test_suite_hmac_drbg.no_reseed.c ../library/libpolarssl.a
echo " CC $@.c"
$(CC) $(CFLAGS) $(OFLAGS) $@.c $(LDFLAGS) -o $@
diff --git a/tests/suites/test_suite_hmac_drbg.function b/tests/suites/test_suite_hmac_drbg.function
index a95beb2..09e55b7 100644
--- a/tests/suites/test_suite_hmac_drbg.function
+++ b/tests/suites/test_suite_hmac_drbg.function
@@ -28,6 +28,23 @@
* END_DEPENDENCIES
*/
+/* BEGIN_CASE depends_on:POLARSSL_FS_IO */
+void hmac_drbg_seed_file( int md_alg, char *path, int ret )
+{
+ const md_info_t *md_info;
+ hmac_drbg_context ctx;
+
+ TEST_ASSERT( ( md_info = md_info_from_type( md_alg ) ) != NULL );
+ TEST_ASSERT( hmac_drbg_init( &ctx, md_info, rnd_std_rand, NULL,
+ NULL, 0 ) == 0 );
+
+ TEST_ASSERT( hmac_drbg_write_seed_file( &ctx, path ) == ret );
+ TEST_ASSERT( hmac_drbg_update_seed_file( &ctx, path ) == ret );
+
+ hmac_drbg_free( &ctx );
+}
+/* END_CASE */
+
/* BEGIN_CASE */
void hmac_drbg_no_reseed( int md_alg,
char *entropy_hex, char *custom_hex,
diff --git a/tests/suites/test_suite_hmac_drbg.misc.data b/tests/suites/test_suite_hmac_drbg.misc.data
new file mode 100644
index 0000000..b88bcc4
--- /dev/null
+++ b/tests/suites/test_suite_hmac_drbg.misc.data
@@ -0,0 +1,40 @@
+HMAC_DRBG write/update seed file SHA-1
+depends_on:POLARSSL_SHA1_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA1:"data_files/hmac_drbg_seed":0
+
+HMAC_DRBG write/update seed file SHA-1
+depends_on:POLARSSL_SHA1_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA1:"no_such_dir/file":POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR
+
+HMAC_DRBG write/update seed file SHA-224
+depends_on:POLARSSL_SHA256_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA224:"data_files/hmac_drbg_seed":0
+
+HMAC_DRBG write/update seed file SHA-224
+depends_on:POLARSSL_SHA256_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA224:"no_such_dir/file":POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR
+
+HMAC_DRBG write/update seed file SHA-256
+depends_on:POLARSSL_SHA256_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA256:"data_files/hmac_drbg_seed":0
+
+HMAC_DRBG write/update seed file SHA-256
+depends_on:POLARSSL_SHA256_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA256:"no_such_dir/file":POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR
+
+HMAC_DRBG write/update seed file SHA-384
+depends_on:POLARSSL_SHA512_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA384:"data_files/hmac_drbg_seed":0
+
+HMAC_DRBG write/update seed file SHA-384
+depends_on:POLARSSL_SHA512_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA384:"no_such_dir/file":POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR
+
+HMAC_DRBG write/update seed file SHA-512
+depends_on:POLARSSL_SHA512_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA512:"data_files/hmac_drbg_seed":0
+
+HMAC_DRBG write/update seed file SHA-512
+depends_on:POLARSSL_SHA512_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA512:"no_such_dir/file":POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR
+
