From adf7f1ef729df22560c193a2ba9a616d0a4f22da Mon Sep 17 00:00:00 2001
From: Karel Miko
Date: Sun, 26 Mar 2017 23:16:34 +0200
Subject: [PATCH 1/3] RC4 PRNG - broken import/export
---
 src/prngs/rc4.c | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
diff --git a/src/prngs/rc4.c b/src/prngs/rc4.c
index 2583451f9..d08978afa 100644
--- a/src/prngs/rc4.c
+++ b/src/prngs/rc4.c
@@ -257,6 +257,31 @@ int rc4_test(void)
 return CRYPT_FAIL_TESTVECTOR;
 }
 }
+ {
+ prng_state prng1, prng2;
+ unsigned char dump[300], buf1[100], buf2[100];
+ unsigned long dumplen = sizeof(dump), i;
+ unsigned char entropy[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
+
+ if ((err = rc4_start(&prng1)) != CRYPT_OK) return err;
+ if ((err = rc4_add_entropy(entropy, sizeof(entropy), &prng1)) != CRYPT_OK) return err;
+ if ((err = rc4_ready(&prng1)) != CRYPT_OK) return err;
+ if (rc4_read(buf1, 100, &prng1) != 100) return CRYPT_ERROR_READPRNG;
+ if ((err = rc4_export(dump, &dumplen, &prng1)) != CRYPT_OK) return err;
+ if (rc4_read(buf1, 10, &prng1) != 10) return CRYPT_ERROR_READPRNG;
+
+ if ((err = rc4_import(dump, dumplen, &prng2)) != CRYPT_OK) return err;
+ if (rc4_read(buf2, 10, &prng2) != 10) return CRYPT_ERROR_READPRNG;
+
+ if (XMEMCMP(buf1, buf2, 10) != 0) {
+ fprintf(stderr, "\nbuf1:\n");
+ for(i = 1; i < 10; i++) fprintf(stderr, "%02x ", buf1[i]);
+ fprintf(stderr, "\nbuf2:\n");
+ for(i = 1; i < 10; i++) fprintf(stderr, "%02x ", buf2[i]);
+ fprintf(stderr, "\n");
+ return CRYPT_FAIL_TESTVECTOR;
+ }
+ }
 return CRYPT_OK;
 #endif
 }
From 5d174f89bc9de19b4ec683f5fef7aa9aa376507f Mon Sep 17 00:00:00 2001
From: Karel Miko
Date: Mon, 27 Mar 2017 19:50:03 +0200
Subject: [PATCH 2/3] tuning prng tests
---
 src/prngs/rc4.c | 25 -------------------------
 testprof/cipher_hash_test.c | 27 ++++++++++++++++++++++-----
 2 files changed, 22 insertions(+), 30 deletions(-)
diff --git a/src/prngs/rc4.c b/src/prngs/rc4.c
index d08978afa..2583451f9 100644
--- a/src/prngs/rc4.c
+++ b/src/prngs/rc4.c
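Review bot: In the rc4_test hunk of patch 1/3, both diagnostic loops start at `i = 1`, so the first of the ten compared bytes is never printed and a mismatch confined to byte 0 would show two identical dumps; they should read `for(i = 0; i < 10; i++)`. The same loops are carried into the cipher_hash_test.c hunk of patch 2/3. The block also calls `fprintf(stderr, ...)` from a file under src/, which presumably is meant to report only through return codes, and neither `prng1` nor `prng2` is passed to `rc4_done` on any path, so the generator state is left behind on the stack. rc4_test begins before this hunk.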
@@ -257,31 +257,6 @@ int rc4_test(void)
 return CRYPT_FAIL_TESTVECTOR;
 }
 }
- {
- prng_state prng1, prng2;
- unsigned char dump[300], buf1[100], buf2[100];
- unsigned long dumplen = sizeof(dump), i;
- unsigned char entropy[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
-
- if ((err = rc4_start(&prng1)) != CRYPT_OK) return err;
- if ((err = rc4_add_entropy(entropy, sizeof(entropy), &prng1)) != CRYPT_OK) return err;
- if ((err = rc4_ready(&prng1)) != CRYPT_OK) return err;
- if (rc4_read(buf1, 100, &prng1) != 100) return CRYPT_ERROR_READPRNG;
- if ((err = rc4_export(dump, &dumplen, &prng1)) != CRYPT_OK) return err;
- if (rc4_read(buf1, 10, &prng1) != 10) return CRYPT_ERROR_READPRNG;
-
- if ((err = rc4_import(dump, dumplen, &prng2)) != CRYPT_OK) return err;
- if (rc4_read(buf2, 10, &prng2) != 10) return CRYPT_ERROR_READPRNG;
-
- if (XMEMCMP(buf1, buf2, 10) != 0) {
- fprintf(stderr, "\nbuf1:\n");
- for(i = 1; i < 10; i++) fprintf(stderr, "%02x ", buf1[i]);
- fprintf(stderr, "\nbuf2:\n");
- for(i = 1; i < 10; i++) fprintf(stderr, "%02x ", buf2[i]);
- fprintf(stderr, "\n");
- return CRYPT_FAIL_TESTVECTOR;
- }
- }
 return CRYPT_OK;
 #endif
 }
diff --git a/testprof/cipher_hash_test.c b/testprof/cipher_hash_test.c
index 6dd04daec..fc071398f 100644
--- a/testprof/cipher_hash_test.c
+++ b/testprof/cipher_hash_test.c
@@ -21,20 +21,37 @@ int cipher_hash_test(void) /* test prngs (test, import/export */ for (x = 0; prng_descriptor[x].name != NULL; x++) { + unsigned char buf1[100], buf2[100]; + DOX(prng_descriptor[x].test(), prng_descriptor[x].name); DOX(prng_descriptor[x].start(&nprng), prng_descriptor[x].name); DOX(prng_descriptor[x].add_entropy((unsigned char *)"helloworld12", 12, &nprng), prng_descriptor[x].name); DOX(prng_descriptor[x].ready(&nprng), prng_descriptor[x].name); n = sizeof(buf); DOX(prng_descriptor[x].pexport(buf, &n, &nprng), prng_descriptor[x].name); + if (prng_descriptor[x].read(buf1, 100, &nprng) != 100) exit(EXIT_FAILURE); /* skip 100 bytes */ + if (prng_descriptor[x].read(buf1, 10, &nprng) != 10) exit(EXIT_FAILURE); /* 10 bytes for comparison */ prng_descriptor[x].done(&nprng); + DOX(prng_descriptor[x].pimport(buf, n, &nprng), prng_descriptor[x].name); - DOX(prng_descriptor[x].ready(&nprng), prng_descriptor[x].name); - if (prng_descriptor[x].read(buf, 100, &nprng) != 100) { - fprintf(stderr, "Error reading from imported PRNG!\n"); - exit(EXIT_FAILURE); - } + /*DOX(prng_descriptor[x].ready(&nprng), prng_descriptor[x].name);*/ + if (prng_descriptor[x].read(buf2, 100, &nprng) != 100) exit(EXIT_FAILURE); /* skip 100 bytes */ + if (prng_descriptor[x].read(buf2, 10, &nprng) != 10) exit(EXIT_FAILURE); /* 10 bytes for comparison */ prng_descriptor[x].done(&nprng); + + if (XMEMCMP(buf1, buf2, 10) != 0) { + int i; + fprintf(stderr, "%s export/import FAILED\n", prng_descriptor[x].name); + fprintf(stderr, "%s buf1: ", prng_descriptor[x].name); + for(i = 1; i < 10; i++) fprintf(stderr, "%02x ", buf1[i]); + fprintf(stderr, "\n%s buf2: ", prng_descriptor[x].name); + for(i = 1; i < 10; i++) fprintf(stderr, "%02x ", buf2[i]); + fprintf(stderr, "\n"); + /*return CRYPT_FAIL_TESTVECTOR;*/ + } + else { + fprintf(stderr, "%s export/import OK\n", prng_descriptor[x].name); + } } return 0; From cb8c9059bbc4820c78810d5a6a5e11e5d7ff5cab Mon Sep 17 00:00:00 2001 
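Review bot: The four read checks added in the cipher_hash_test.c hunk of patch 2/3 call `exit(EXIT_FAILURE)` with no output, whereas the removed code printed "Error reading from imported PRNG!", so a short read no longer says which PRNG or which stage failed. A line such as `fprintf(stderr, "%s: short read after import\n", prng_descriptor[x].name);` before each exit would keep that information. The `XMEMCMP(buf1, buf2, 10)` check also implies that the exported `buf` alone is enough to reproduce the generator's later output. A short comment stating that contract, and that an export is therefore as sensitive as the PRNG state itself, would help readers of the test. cipher_hash_test begins before this hunk.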
From: Karel Miko Date: Mon, 27 Mar 2017 21:57:41 +0200 Subject: [PATCH 3/3] tuning prng tests --- testprof/cipher_hash_test.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/testprof/cipher_hash_test.c b/testprof/cipher_hash_test.c index fc071398f..9925c70b6 100644 --- a/testprof/cipher_hash_test.c +++ b/testprof/cipher_hash_test.c @@ -4,7 +4,7 @@ int cipher_hash_test(void) { - int x; + int x, fails = 0; unsigned char buf[4096]; unsigned long n; prng_state nprng; @@ -34,7 +34,7 @@ int cipher_hash_test(void) prng_descriptor[x].done(&nprng); DOX(prng_descriptor[x].pimport(buf, n, &nprng), prng_descriptor[x].name); - /*DOX(prng_descriptor[x].ready(&nprng), prng_descriptor[x].name);*/ + /*DOX(prng_descriptor[x].ready(&nprng), prng_descriptor[x].name);*/ /* it fails both with/without this line */ if (prng_descriptor[x].read(buf2, 100, &nprng) != 100) exit(EXIT_FAILURE); /* skip 100 bytes */ if (prng_descriptor[x].read(buf2, 10, &nprng) != 10) exit(EXIT_FAILURE); /* 10 bytes for comparison */ prng_descriptor[x].done(&nprng); @@ -47,12 +47,13 @@ int cipher_hash_test(void) fprintf(stderr, "\n%s buf2: ", prng_descriptor[x].name); for(i = 1; i < 10; i++) fprintf(stderr, "%02x ", buf2[i]); fprintf(stderr, "\n"); - /*return CRYPT_FAIL_TESTVECTOR;*/ + fails++; } else { fprintf(stderr, "%s export/import OK\n", prng_descriptor[x].name); } } + if (fails > 0) return CRYPT_FAIL_TESTVECTOR; return 0; }
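Review bot: In the last hunk of patch 3/3, an export/import mismatch now ends in `if (fails > 0) return CRYPT_FAIL_TESTVECTOR;`, while the read failures in the same loop still terminate through `exit(EXIT_FAILURE)`, so the two failure classes reach the test harness by different routes. Whether the caller of cipher_hash_test checks the return value is not visible here; if it does not, a mismatch would be printed but the run would still count as passed. A one-line comment above the return, e.g. `/* mismatches are collected so that every PRNG is exercised before the test fails */`, would record why this path differs from the others.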