DEV Community

allen-woods
allen-woods

Posted on

How to Patch and Run DieHarder on Alpine Linux

I am neither a cryptographer nor a security engineer, so when it came time to consider cryptographic best practices for my project I innocently searched for entropy test utilities. A few skimmed lists later, I had set my sites on one that I kept hearing good things about -- something called dieharder.

It'll be fun, they said.

Nakatomi Tower as a CLI? A Digital John McClane? I had to track it down and learn more.

DieHarder DOA?

DieHarder is a CLI entropy testing utility written by Robert G. Brown at Duke University. It implements several rigorous tests that can measure a system's performance calculating random data. To vastly oversimplify, it goes far beyond /dev/urandom. "Perfect," I thought. "I'll just grab that and include it as a nice-to-have."

Unfortunately, when I followed the installation instructions the compilation failed. Trying to find a solution only pulled up threads dedicated to CentOS or Ubuntu that were years out of date. So, I decided to solve how to compile it on Alpine myself.

Sed to the Rescue

Luckily, the necessary changes are brief and can be made using the built-in stream editor sed. The addition of a missing typedef and a missing define of a constant are all that it takes to make the compilation succeed; aside from renaming a required dependency.

Without further ado, here's how to install, patch, compile, and run this utility on Alpine!

#!/bin/sh

# Install static packages.
apk add \
  apk-tools-static \
  busybox-static

# Install packages needed to compile DieHarder.
apk.static -U add \
  chrpath \
  gsl \
  gsl-dev \
  haveged \
  libtool \
  make \
  rng-tools \
  rpm-dev \
  build-base

# Create a valid build tree for RPM.
mkdir -pm 0700 \
~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}

# Point to the 'rpmbuild' path in the macro file.
echo '%_topdir %(echo $HOME)/rpmbuild' >> ~/.rpmmacros

# Create a path of your choice to install into.
mkdir -pm 0700 /your/install/path
chown root:root /your/install/path

# Download the latest version of dieharder.
wget -c \
http://webhome.phy.duke.edu/~rgb/General/dieharder/dieharder.tgz -O - | \
tar -xz -C /your/install/path/

# Set current directory to the top level of the build
# extracted from the tarball.
cd /your/install/path/*

# Generate makefiles and compilation resources.
./autogen.sh

# ---- Patch dieharder.spec file.

# Patch line 16 to point to 'gsl-dev' package.
sed -i \
'16s/.*/chrpath gsl-dev/' \
./dieharder.spec

# Patch line 129 to prevent 'macro expanded' error.
sed -i '129s/.*/# /' ./dieharder.spec

# ---- Patch libdieharder.h file.

# Insert new line to define 'M_PI' constant.
sed -i \
'66i #define M_PI    3.14159265358979323846' \
./include/dieharder/libdieharder.h

# Insert new line to create 'uint' typedef.
sed -i \
'262i typedef unsigned int uint;' \
./include/dieharder/libdieharder.h

# Compile dieharder.
make install

# Run all tests in dieharder.
dieharder -a
Enter fullscreen mode Exit fullscreen mode

This has been tested using dieharder 3.31.1 running on Alpine 3.12 Stable inside a HashiCorp Vault 1.5.4 image built with docker-compose. Results may vary.

Hope this helps you in your cryptographic projects, and thanks for reading!

Top comments (0)