diff options
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/common/mod.rs | 46 | ||||
| -rw-r--r-- | tests/custom.rs | 26 | ||||
| -rw-r--r-- | tests/rdrand.rs | 9 |
3 files changed, 63 insertions, 18 deletions
diff --git a/tests/common/mod.rs b/tests/common/mod.rs index 006f230..666f7f5 100644 --- a/tests/common/mod.rs +++ b/tests/common/mod.rs @@ -12,7 +12,19 @@ fn test_zero() { getrandom_impl(&mut [0u8; 0]).unwrap(); } +// Return the number of bits in which s1 and s2 differ +#[cfg(not(feature = "custom"))] +fn num_diff_bits(s1: &[u8], s2: &[u8]) -> usize { + assert_eq!(s1.len(), s2.len()); + s1.iter() + .zip(s2.iter()) + .map(|(a, b)| (a ^ b).count_ones() as usize) + .sum() +} + +// Tests the quality of calling getrandom on two large buffers #[test] +#[cfg(not(feature = "custom"))] fn test_diff() { let mut v1 = [0u8; 1000]; getrandom_impl(&mut v1).unwrap(); @@ -20,13 +32,35 @@ fn test_diff() { let mut v2 = [0u8; 1000]; getrandom_impl(&mut v2).unwrap(); - let mut n_diff_bits = 0; - for i in 0..v1.len() { - n_diff_bits += (v1[i] ^ v2[i]).count_ones(); - } + // Between 3.5 and 4.5 bits per byte should differ. Probability of failure: + // ~ 2^(-94) = 2 * CDF[BinomialDistribution[8000, 0.5], 3500] + let d = num_diff_bits(&v1, &v2); + assert!(d > 3500); + assert!(d < 4500); +} - // Check at least 1 bit per byte differs. p(failure) < 1e-1000 with random input. - assert!(n_diff_bits >= v1.len() as u32); +// Tests the quality of calling getrandom repeatedly on small buffers +#[test] +#[cfg(not(feature = "custom"))] +fn test_small() { + // For each buffer size, get at least 256 bytes and check that between + // 3 and 5 bits per byte differ. Probability of failure: + // ~ 2^(-91) = 64 * 2 * CDF[BinomialDistribution[8*256, 0.5], 3*256] + for size in 1..=64 { + let mut num_bytes = 0; + let mut diff_bits = 0; + while num_bytes < 256 { + let mut s1 = vec![0u8; size]; + getrandom_impl(&mut s1).unwrap(); + let mut s2 = vec![0u8; size]; + getrandom_impl(&mut s2).unwrap(); + + num_bytes += size; + diff_bits += num_diff_bits(&s1, &s2); + } + assert!(diff_bits > 3 * num_bytes); + assert!(diff_bits < 5 * num_bytes); + } } #[test] diff --git a/tests/custom.rs b/tests/custom.rs index 62eae1d..b085094 100644 --- a/tests/custom.rs +++ b/tests/custom.rs @@ -7,13 +7,8 @@ ))] use wasm_bindgen_test::wasm_bindgen_test as test; -#[cfg(feature = "test-in-browser")] -wasm_bindgen_test::wasm_bindgen_test_configure!(run_in_browser); -use core::{ - num::NonZeroU32, - sync::atomic::{AtomicU8, Ordering}, -}; +use core::num::NonZeroU32; use getrandom::{getrandom, register_custom_getrandom, Error}; fn len7_err() -> Error { @@ -21,27 +16,36 @@ fn len7_err() -> Error { } fn super_insecure_rng(buf: &mut [u8]) -> Result<(), Error> { + // `getrandom` guarantees it will not call any implementation if the output + // buffer is empty. + assert!(!buf.is_empty()); // Length 7 buffers return a custom error if buf.len() == 7 { return Err(len7_err()); } - // Otherwise, increment an atomic counter - static COUNTER: AtomicU8 = AtomicU8::new(0); + // Otherwise, fill bytes based on input length + let mut start = buf.len() as u8; for b in buf { - *b = COUNTER.fetch_add(1, Ordering::Relaxed); + *b = start; + start = start.wrapping_mul(3); } Ok(()) } register_custom_getrandom!(super_insecure_rng); +use getrandom::getrandom as getrandom_impl; +mod common; + #[test] fn custom_rng_output() { let mut buf = [0u8; 4]; assert_eq!(getrandom(&mut buf), Ok(())); - assert_eq!(buf, [0, 1, 2, 3]); + assert_eq!(buf, [4, 12, 36, 108]); + + let mut buf = [0u8; 3]; assert_eq!(getrandom(&mut buf), Ok(())); - assert_eq!(buf, [4, 5, 6, 7]); + assert_eq!(buf, [3, 9, 27]); } #[test] diff --git a/tests/rdrand.rs b/tests/rdrand.rs index 4ff85c4..a355c31 100644 --- a/tests/rdrand.rs +++ b/tests/rdrand.rs @@ -6,10 +6,17 @@ use getrandom::Error; #[macro_use] extern crate cfg_if; +#[path = "../src/lazy.rs"] +mod lazy; #[path = "../src/rdrand.rs"] mod rdrand; #[path = "../src/util.rs"] mod util; -use rdrand::getrandom_inner as getrandom_impl; +// The rdrand implementation has the signature of getrandom_uninit(), but our +// tests expect getrandom_impl() to have the signature of getrandom(). +fn getrandom_impl(dest: &mut [u8]) -> Result<(), Error> { + rdrand::getrandom_inner(unsafe { util::slice_as_uninit_mut(dest) })?; + Ok(()) +} mod common; |