DEV Community

allen-woods
allen-woods

Posted on

1

How to Patch and Run DieHarder on Alpine Linux

I am neither a cryptographer nor a security engineer, so when it came time to consider cryptographic best practices for my project I innocently searched for entropy test utilities. A few skimmed lists later, I had set my sites on one that I kept hearing good things about -- something called dieharder.

It'll be fun, they said.

Nakatomi Tower as a CLI? A Digital John McClane? I had to track it down and learn more.

DieHarder DOA?

DieHarder is a CLI entropy testing utility written by Robert G. Brown at Duke University. It implements several rigorous tests that can measure a system's performance calculating random data. To vastly oversimplify, it goes far beyond /dev/urandom. "Perfect," I thought. "I'll just grab that and include it as a nice-to-have."

Unfortunately, when I followed the installation instructions the compilation failed. Trying to find a solution only pulled up threads dedicated to CentOS or Ubuntu that were years out of date. So, I decided to solve how to compile it on Alpine myself.

Sed to the Rescue

Luckily, the necessary changes are brief and can be made using the built-in stream editor sed. The addition of a missing typedef and a missing define of a constant are all that it takes to make the compilation succeed; aside from renaming a required dependency.

Without further ado, here's how to install, patch, compile, and run this utility on Alpine!

#!/bin/sh

# Install static packages.
apk add \
  apk-tools-static \
  busybox-static

# Install packages needed to compile DieHarder.
apk.static -U add \
  chrpath \
  gsl \
  gsl-dev \
  haveged \
  libtool \
  make \
  rng-tools \
  rpm-dev \
  build-base

# Create a valid build tree for RPM.
mkdir -pm 0700 \
~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}

# Point to the 'rpmbuild' path in the macro file.
echo '%_topdir %(echo $HOME)/rpmbuild' >> ~/.rpmmacros

# Create a path of your choice to install into.
mkdir -pm 0700 /your/install/path
chown root:root /your/install/path

# Download the latest version of dieharder.
wget -c \
http://webhome.phy.duke.edu/~rgb/General/dieharder/dieharder.tgz -O - | \
tar -xz -C /your/install/path/

# Set current directory to the top level of the build
# extracted from the tarball.
cd /your/install/path/*

# Generate makefiles and compilation resources.
./autogen.sh

# ---- Patch dieharder.spec file.

# Patch line 16 to point to 'gsl-dev' package.
sed -i \
'16s/.*/chrpath gsl-dev/' \
./dieharder.spec

# Patch line 129 to prevent 'macro expanded' error.
sed -i '129s/.*/# /' ./dieharder.spec

# ---- Patch libdieharder.h file.

# Insert new line to define 'M_PI' constant.
sed -i \
'66i #define M_PI    3.14159265358979323846' \
./include/dieharder/libdieharder.h

# Insert new line to create 'uint' typedef.
sed -i \
'262i typedef unsigned int uint;' \
./include/dieharder/libdieharder.h

# Compile dieharder.
make install

# Run all tests in dieharder.
dieharder -a
Enter fullscreen mode Exit fullscreen mode

This has been tested using dieharder 3.31.1 running on Alpine 3.12 Stable inside a HashiCorp Vault 1.5.4 image built with docker-compose. Results may vary.

Hope this helps you in your cryptographic projects, and thanks for reading!

Sentry image

See why 4M developers consider Sentry, “not bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more

Top comments (0)

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs

👋 Kindness is contagious

Please leave a ❤️ or a friendly comment on this post if you found it helpful!

Okay