HomeFreeBSD

random(4): Add regression tests for uint128 implementation, Chacha CTR

Description

random(4): Add regression tests for uint128 implementation, Chacha CTR

Add some basic regression tests to verify behavior of both uint128
implementations at typical boundary conditions, to run on all architectures.

Test uint128 increment behavior of Chacha in keystream mode, as used by
'kern.random.use_chacha20_cipher=1' (r344913) to verify assumptions at edge
cases. These assumptions are critical to the safety of using Chacha as a
PRF in Fortuna (as implemented).

(Chacha's use in arc4random is safe regardless of these tests, as it is
limited to far less than 4 billion blocks of output in that API.)

(cherry picked from commit 403c041316da859b91c048b5daeea61bc366e92f)

Details

Provenance
cemAuthored on Jun 17 2019, 2:59 PM
obrienCommitted on Feb 14 2022, 2:07 AM
Parents
rG921bb16f82d0: random(4): deduplicate explicit_bzero() in harvest
Branches
Unknown
Tags
Unknown