From 48bc3e81dab6c7267852d3166d811fa02a00e84c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Thu, 30 Jan 2014 21:11:16 +0100
Subject: [PATCH] Add hmac_drbg_{write,update}_seed_file()

---
 include/polarssl/hmac_drbg.h                | 26 +++++++++
 library/hmac_drbg.c                         | 63 +++++++++++++++++++++
 tests/.gitignore                            |  1 +
 tests/CMakeLists.txt                        |  1 +
 tests/Makefile                              |  9 +++
 tests/suites/test_suite_hmac_drbg.function  | 17 ++++++
 tests/suites/test_suite_hmac_drbg.misc.data | 40 +++++++++++++
 7 files changed, 157 insertions(+)
 create mode 100644 tests/suites/test_suite_hmac_drbg.misc.data

diff --git a/include/polarssl/hmac_drbg.h b/include/polarssl/hmac_drbg.h
index 79be0a6a9..4b8e11bb0 100644
--- a/include/polarssl/hmac_drbg.h
+++ b/include/polarssl/hmac_drbg.h
@@ -221,6 +221,32 @@ int hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len );
  */
 void hmac_drbg_free( hmac_drbg_context *ctx );
 
+#if defined(POLARSSL_FS_IO)
+/**
+ * \brief               Write a seed file
+ *
+ * \param ctx           HMAC_DRBG context
+ * \param path          Name of the file
+ *
+ * \return              0 if successful, 1 on file error, or
+ *                      POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
+ */
+int hmac_drbg_write_seed_file( hmac_drbg_context *ctx, const char *path );
+
+/**
+ * \brief               Read and update a seed file. Seed is added to this
+ *                      instance
+ *
+ * \param ctx           HMAC_DRBG context
+ * \param path          Name of the file
+ *
+ * \return              0 if successful, 1 on file error,
+ *                      POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED or
+ *                      POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG
+ */
+int hmac_drbg_update_seed_file( hmac_drbg_context *ctx, const char *path );
+#endif
+
 
 #if defined(POLARSSL_SELF_TEST)
 /**
diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c
index 43ab8f2a0..cfeb8a4c8 100644
--- a/library/hmac_drbg.c
+++ b/library/hmac_drbg.c
@@ -35,6 +35,10 @@
 
 #include "polarssl/hmac_drbg.h"
 
+#if defined(POLARSSL_FS_IO)
+#include <stdio.h>
+#endif
+
 /*
  * HMAC_DRBG update, using optional additional data (10.1.2.2)
  */
@@ -284,6 +288,65 @@ void hmac_drbg_free( hmac_drbg_context *ctx )
     memset( ctx, 0, sizeof( hmac_drbg_context ) );
 }
 
+#if defined(POLARSSL_FS_IO)
+int hmac_drbg_write_seed_file( hmac_drbg_context *ctx, const char *path )
+{
+    int ret = POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR;
+    FILE *f;
+    unsigned char buf[ POLARSSL_HMAC_DRBG_MAX_INPUT ];
+
+    if( ( f = fopen( path, "wb" ) ) == NULL )
+        return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR );
+
+    if( ( ret = hmac_drbg_random( ctx, buf, sizeof( buf ) ) ) != 0 )
+        goto exit;
+
+    if( fwrite( buf, 1, sizeof( buf ), f ) != sizeof( buf ) )
+    {
+        ret = POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR;
+        goto exit;
+    }
+
+    ret = 0;
+
+exit:
+    fclose( f );
+    return( ret );
+}
+
+int hmac_drbg_update_seed_file( hmac_drbg_context *ctx, const char *path )
+{
+    FILE *f;
+    size_t n;
+    unsigned char buf[ POLARSSL_HMAC_DRBG_MAX_INPUT ];
+
+    if( ( f = fopen( path, "rb" ) ) == NULL )
+        return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR );
+
+    fseek( f, 0, SEEK_END );
+    n = (size_t) ftell( f );
+    fseek( f, 0, SEEK_SET );
+
+    if( n > POLARSSL_HMAC_DRBG_MAX_INPUT )
+    {
+        fclose( f );
+        return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG );
+    }
+
+    if( fread( buf, 1, n, f ) != n )
+    {
+        fclose( f );
+        return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR );
+    }
+
+    fclose( f );
+
+    hmac_drbg_update( ctx, buf, n );
+
+    return( hmac_drbg_write_seed_file( ctx, path ) );
+}
+#endif /* POLARSSL_FS_IO */
+
 
 #if defined(POLARSSL_SELF_TEST)
 
diff --git a/tests/.gitignore b/tests/.gitignore
index 0d59058dc..dc17f8729 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -1,2 +1,3 @@
 /test_suite*
 data_files/mpi_write
+data_files/hmac_drbg_seed
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 858e429c7..a24ef2531 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -63,6 +63,7 @@ add_test_suite(gcm gcm.aes128_de)
 add_test_suite(gcm gcm.aes192_de)
 add_test_suite(gcm gcm.aes256_de)
 add_test_suite(gcm gcm.camellia)
+add_test_suite(hmac_drbg hmac_drbg.misc)
 add_test_suite(hmac_drbg hmac_drbg.no_reseed)
 add_test_suite(hmac_shax)
 add_test_suite(md)
diff --git a/tests/Makefile b/tests/Makefile
index f32a4e600..0e56e7fb3 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -44,6 +44,7 @@ APPS =	test_suite_aes.ecb		test_suite_aes.cbc		\
 		test_suite_gcm.aes192_en						\
 		test_suite_gcm.aes256_en						\
 		test_suite_gcm.camellia	test_suite_hmac_shax	\
+		test_suite_hmac_drbg.misc						\
 		test_suite_hmac_drbg.no_reseed					\
 		test_suite_md			test_suite_mdx			\
 		test_suite_mpi			test_suite_pbkdf2		\
@@ -134,6 +135,10 @@ test_suite_gcm.camellia.c : suites/test_suite_gcm.function suites/test_suite_gcm
 	echo   "  Generate	$@"
 	scripts/generate_code.pl suites test_suite_gcm test_suite_gcm.camellia
 
+test_suite_hmac_drbg.misc.c : suites/test_suite_hmac_drbg.function suites/test_suite_hmac_drbg.misc.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
+	echo   "  Generate	$@"
+	scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.misc
+
 test_suite_hmac_drbg.no_reseed.c : suites/test_suite_hmac_drbg.function suites/test_suite_hmac_drbg.no_reseed.data scripts/generate_code.pl suites/helpers.function suites/main_test.function
 	echo   "  Generate	$@"
 	scripts/generate_code.pl suites test_suite_hmac_drbg test_suite_hmac_drbg.no_reseed
@@ -262,6 +267,10 @@ test_suite_gcm.camellia: test_suite_gcm.camellia.c ../library/libpolarssl.a
 	echo   "  CC    	$@.c"
 	$(CC) $(CFLAGS) $(OFLAGS) $@.c	$(LDFLAGS) -o $@
 
+test_suite_hmac_drbg.misc: test_suite_hmac_drbg.misc.c ../library/libpolarssl.a
+	echo   "  CC    	$@.c"
+	$(CC) $(CFLAGS) $(OFLAGS) $@.c	$(LDFLAGS) -o $@
+
 test_suite_hmac_drbg.no_reseed: test_suite_hmac_drbg.no_reseed.c ../library/libpolarssl.a
 	echo   "  CC    	$@.c"
 	$(CC) $(CFLAGS) $(OFLAGS) $@.c	$(LDFLAGS) -o $@
diff --git a/tests/suites/test_suite_hmac_drbg.function b/tests/suites/test_suite_hmac_drbg.function
index a95beb2df..09e55b796 100644
--- a/tests/suites/test_suite_hmac_drbg.function
+++ b/tests/suites/test_suite_hmac_drbg.function
@@ -28,6 +28,23 @@ int entropy_func( void *data, unsigned char *buf, size_t len )
  * END_DEPENDENCIES
  */
 
+/* BEGIN_CASE depends_on:POLARSSL_FS_IO */
+void hmac_drbg_seed_file( int md_alg, char *path, int ret )
+{
+    const md_info_t *md_info;
+    hmac_drbg_context ctx;
+
+    TEST_ASSERT( ( md_info = md_info_from_type( md_alg ) ) != NULL );
+    TEST_ASSERT( hmac_drbg_init( &ctx, md_info, rnd_std_rand, NULL,
+                                 NULL, 0 ) == 0 );
+
+    TEST_ASSERT( hmac_drbg_write_seed_file( &ctx, path ) == ret );
+    TEST_ASSERT( hmac_drbg_update_seed_file( &ctx, path ) == ret );
+
+    hmac_drbg_free( &ctx );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void hmac_drbg_no_reseed( int md_alg,
                           char *entropy_hex, char *custom_hex,
diff --git a/tests/suites/test_suite_hmac_drbg.misc.data b/tests/suites/test_suite_hmac_drbg.misc.data
new file mode 100644
index 000000000..b88bcc461
--- /dev/null
+++ b/tests/suites/test_suite_hmac_drbg.misc.data
@@ -0,0 +1,40 @@
+HMAC_DRBG write/update seed file SHA-1
+depends_on:POLARSSL_SHA1_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA1:"data_files/hmac_drbg_seed":0
+
+HMAC_DRBG write/update seed file SHA-1
+depends_on:POLARSSL_SHA1_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA1:"no_such_dir/file":POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR
+
+HMAC_DRBG write/update seed file SHA-224
+depends_on:POLARSSL_SHA256_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA224:"data_files/hmac_drbg_seed":0
+
+HMAC_DRBG write/update seed file SHA-224
+depends_on:POLARSSL_SHA256_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA224:"no_such_dir/file":POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR
+
+HMAC_DRBG write/update seed file SHA-256
+depends_on:POLARSSL_SHA256_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA256:"data_files/hmac_drbg_seed":0
+
+HMAC_DRBG write/update seed file SHA-256
+depends_on:POLARSSL_SHA256_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA256:"no_such_dir/file":POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR
+
+HMAC_DRBG write/update seed file SHA-384
+depends_on:POLARSSL_SHA512_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA384:"data_files/hmac_drbg_seed":0
+
+HMAC_DRBG write/update seed file SHA-384
+depends_on:POLARSSL_SHA512_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA384:"no_such_dir/file":POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR
+
+HMAC_DRBG write/update seed file SHA-512
+depends_on:POLARSSL_SHA512_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA512:"data_files/hmac_drbg_seed":0
+
+HMAC_DRBG write/update seed file SHA-512
+depends_on:POLARSSL_SHA512_C
+hmac_drbg_seed_file:POLARSSL_MD_SHA512:"no_such_dir/file":POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR
+