From 51c9e7037e22ad592f0b19514b5d439ea1ffe7b7 Mon Sep 17 00:00:00 2001 
From: Tiago Oliveira Date: Fri, 26 Jul 2024 07:24:24 +0100 Subject: [PATCH] testing: mlkem_ref pass --- .github/workflows/ct.yml | 2 +- .github/workflows/test.yml | 21 ++ code/Makefile.conf | 7 +- code/jasmin/mlkem_ref/Makefile | 223 +++++++++++------- code/jasmin/mlkem_ref/jpoly.jazz | 9 - code/jasmin/mlkem_ref/jpolyvec.jazz | 4 - code/jasmin/mlkem_ref/test/test_fips202.c | 94 ++++++-- code/jasmin/mlkem_ref/test/test_indcpa.c | 107 +++++++-- code/jasmin/mlkem_ref/test/test_kem.c | 147 ++++++++---- code/jasmin/mlkem_ref/test/test_poly_add2.c | 44 ++-- .../jasmin/mlkem_ref/test/test_poly_basemul.c | 42 ++-- .../mlkem_ref/test/test_poly_compress.c | 38 +-- code/jasmin/mlkem_ref/test/test_poly_csubq.c | 44 ++-- .../mlkem_ref/test/test_poly_decompress.c | 37 ++- .../mlkem_ref/test/test_poly_frombytes.c | 37 ++- .../mlkem_ref/test/test_poly_frommont.c | 46 ++-- .../jasmin/mlkem_ref/test/test_poly_frommsg.c | 38 ++- .../mlkem_ref/test/test_poly_getnoise.c | 34 ++- code/jasmin/mlkem_ref/test/test_poly_invntt.c | 46 ++-- code/jasmin/mlkem_ref/test/test_poly_ntt.c | 47 ++-- code/jasmin/mlkem_ref/test/test_poly_reduce.c | 43 ++-- .../mlkem_ref/test/test_poly_setrandom.c | 40 ++++ code/jasmin/mlkem_ref/test/test_poly_sub.c | 43 ++-- .../jasmin/mlkem_ref/test/test_poly_tobytes.c | 40 ++-- code/jasmin/mlkem_ref/test/test_poly_tomsg.c | 40 ++-- .../jasmin/mlkem_ref/test/test_polyvec_add2.c | 48 ++-- .../mlkem_ref/test/test_polyvec_compress.c | 38 +-- .../mlkem_ref/test/test_polyvec_csubq.c | 50 ++-- .../mlkem_ref/test/test_polyvec_decompress.c | 41 +++- .../mlkem_ref/test/test_polyvec_frombytes.c | 40 +++- .../mlkem_ref/test/test_polyvec_invntt.c | 52 ++-- code/jasmin/mlkem_ref/test/test_polyvec_ntt.c | 52 ++-- .../test/test_polyvec_pointwise_acc.c | 42 ++-- .../mlkem_ref/test/test_polyvec_reduce.c | 49 ++-- .../mlkem_ref/test/test_polyvec_setrandom.c | 58 +++++ .../mlkem_ref/test/test_polyvec_tobytes.c | 44 ++-- shell.nix | 2 +- 37 files changed, 1217 insertions(+), 572 
deletions(-) create mode 100644 .github/workflows/test.yml create mode 100644 code/jasmin/mlkem_ref/test/test_poly_setrandom.c create mode 100644 code/jasmin/mlkem_ref/test/test_polyvec_setrandom.c diff --git a/.github/workflows/ct.yml b/.github/workflows/ct.yml index f71d25fa..2b03ed9b 100644 --- a/.github/workflows/ct.yml +++ b/.github/workflows/ct.yml @@ -18,4 +18,4 @@ jobs: nix_path: nixpkgs=channel:nixos-unstable - uses: DeterminateSystems/magic-nix-cache-action@v3 - run: nix-shell --arg full false --run "echo Dependencies OK…" - - run: nix-shell --arg full false --run "make -C code/jasmin/mlkem_${{matrix.dir}}/ ct" + - run: nix-shell --arg full false --run "make -C code/jasmin/mlkem_${{matrix.dir}}/ check-constant-time" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 00000000..80432fb1 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,21 @@ +name: "Tests" +on: + pull_request: + push: + +jobs: + tests: + name: tests + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + dir: [ 'ref'] + steps: + - uses: actions/checkout@v4 + - uses: cachix/install-nix-action@v25 + with: + nix_path: nixpkgs=channel:nixos-unstable + - uses: DeterminateSystems/magic-nix-cache-action@v3 + - run: nix-shell --arg full false --run "echo Dependencies OK…" + - run: nix-shell --arg full false --run "make -C code/jasmin/mlkem_${{matrix.dir}}/ run-tests" diff --git a/code/Makefile.conf b/code/Makefile.conf index c9c59546..c9fa6822 100644 --- a/code/Makefile.conf +++ b/code/Makefile.conf 
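Review bot: The new test.yml references its three actions by mutable tag (`actions/checkout@v4`, `cachix/install-nix-action@v25`, `DeterminateSystems/magic-nix-cache-action@v3`) and declares no `permissions:` block, so the job runs whatever those tags resolve to at run time, with the repository's default token scope. Pinning each reference to a full commit SHA, e.g. `uses: actions/checkout@<full-commit-sha> # v4`, and adding a top-level `permissions:` with `contents: read` would close both gaps. `nix_path: nixpkgs=channel:nixos-unstable` also floats, so the toolchain that builds and runs the tests can change between runs; a pinned nixpkgs revision would make a red or green result reproducible. The context lines of ct.yml show the same `magic-nix-cache-action@v3` reference and the same channel, so the same applies there.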
@@ -1,8 +1,9 @@ # -*- Makefile -*- # -------------------------------------------------------------------- -current_dir := $(dir $(realpath $(lastword $(MAKEFILE_LIST)))) +CURRENT_DIR := $(dir $(realpath $(lastword $(MAKEFILE_LIST)))) +PROJECT_DIR := $(abspath $(CURRENT_DIR)/../) # -------------------------------------------------------------------- -JASMINC ?= $(current_dir)/../jasmin/compiler/jasminc -JAZZCT ?= $(current_dir)/../jasmin/compiler/jazzct +JASMINC ?= $(abspath $(PROJECT_DIR)/jasmin/compiler/jasminc) +JASMIN_CT ?= $(abspath $(PROJECT_DIR)/jasmin/compiler/jasmin-ct) diff --git a/code/jasmin/mlkem_ref/Makefile b/code/jasmin/mlkem_ref/Makefile index 97655c26..94e6644c 100644 --- a/code/jasmin/mlkem_ref/Makefile +++ b/code/jasmin/mlkem_ref/Makefile 
@@ -7,114 +7,167 @@ CFLAGS := -Wall -Wextra -g -O3 -fomit-frame-pointer JFLAGS := ${JADDFLAGS} OS := $(shell uname -s) -.SECONDARY: jpoly.s jpolyvec.s jfips203.s jindcpa.s jkem.s - -default: test speed - -test: test/test_poly_compress \ - test/test_poly_decompress \ - test/test_poly_tobytes \ - test/test_poly_frombytes \ - test/test_poly_tomsg \ - test/test_poly_frommsg \ - test/test_poly_add2 \ - test/test_poly_sub \ - test/test_poly_ntt \ - test/test_poly_invntt \ - test/test_poly_basemul \ - test/test_poly_frommont \ - test/test_poly_reduce \ - test/test_poly_csubq \ - test/test_poly_getnoise \ - test/test_polyvec_compress\ - test/test_polyvec_decompress\ - test/test_polyvec_tobytes \ - test/test_polyvec_frombytes \ - test/test_polyvec_add2 \ - test/test_polyvec_ntt \ - test/test_polyvec_invntt \ - test/test_polyvec_pointwise_acc \ - test/test_polyvec_reduce\ - test/test_polyvec_csubq \ - test/test_fips202 \ - test/test_indcpa \ - test/test_kem +default: run-tests run-speed + +# -- +TESTS_POLY := \ + test/test_poly_compress \ + test/test_poly_decompress \ + test/test_poly_tobytes \ + test/test_poly_frombytes \ + test/test_poly_tomsg \ + test/test_poly_frommsg \ + test/test_poly_add2 \ + test/test_poly_sub \ + test/test_poly_ntt \ + test/test_poly_invntt \ + test/test_poly_basemul \ + test/test_poly_frommont \ + test/test_poly_reduce \ + test/test_poly_csubq \ + test/test_poly_getnoise + +TESTS_POLYVEC := \ + test/test_polyvec_compress \ + test/test_polyvec_decompress\ + test/test_polyvec_tobytes \ + test/test_polyvec_frombytes \ + test/test_polyvec_add2 \ + test/test_polyvec_ntt \ + test/test_polyvec_invntt \ + test/test_polyvec_pointwise_acc \ + test/test_polyvec_reduce\ + test/test_polyvec_csubq + +TESTS := \ + $(TESTS_POLY) \ + $(TESTS_POLYVEC) \ + test/test_fips202 \ + test/test_indcpa \ + test/test_kem + +test: $(TESTS) speed: test/speed_indcpa -HEADERS = params.h poly.h fips202.h kem.h +#-- +HEADERS := \ + params.h \ + poly.h \ + fips202.h \ + kem.h 
-JHEADERS = params.jinc \ - reduce.jinc \ - fips202.jinc \ - kem.jinc \ - verify.jinc +C_SOURCES := \ + poly.c \ + polyvec.c \ + cbd.c \ + fips202.c \ + ntt.c \ + reduce.c \ + symmetric-fips202.c \ + indcpa.c \ + kem.c -POLYHEADERS = poly.jinc \ - zetas.jinc \ +JHEADERS := \ + params.jinc \ + reduce.jinc \ + fips202.jinc \ + kem.jinc \ + verify.jinc -POLYVECHEADERS = polyvec.jinc \ - gen_matrix.jinc \ +POLYHEADERS := \ + poly.jinc \ + zetas.jinc -SOURCES = poly.c polyvec.c cbd.c fips202.c ntt.c reduce.c symmetric-fips202.c indcpa.c kem.c \ +POLYVECHEADERS := \ + polyvec.jinc \ + gen_matrix.jinc -test/test_indcpa: test/test_indcpa.c $(HEADERS) $(SOURCES) jindcpa.o - $(CC) $(CFLAGS) -o $@ $(SOURCES) jindcpa.o $< +# -- -test/test_kem: test/test_kem.c $(HEADERS) $(SOURCES) $(INCS) jkem.o - $(CC) $(CFLAGS) -o $@ $(SOURCES) ~/Desktop/Repos/jasmin/compiler/syscall/jasmin_syscall.o jkem.o $< +JASMIN_SOURCES := \ + jpoly.jazz \ + jpolyvec.jazz \ + jfips203.jazz \ + jindcpa.jazz \ + jkem.jazz -test/speed_indcpa: test/speed_indcpa.c $(HEADERS) $(SOURCES) jindcpa.o - $(CC) $(CFLAGS) -o $@ $(SOURCES) jindcpa.o $< +JASMIN_ASSEMBLY := $(JASMIN_SOURCES:%.jazz=%.s) -test/test_fips202: test/test_fips202.c $(HEADERS) $(SOURCES) jfips202.s - $(CC) $(CFLAGS) -o $@ $(SOURCES) jfips202.s $< +# -- -test/test_poly_%: test/test_poly_%.c $(HEADERS) $(SOURCES) jpoly.s - $(CC) $(CFLAGS) -o $@ $(SOURCES) jpoly.s $< +RANDOMBYTES := $(PROJECT_DIR)/jasmin/compiler/syscall/jasmin_syscall.o -test/test_polyvec_%: test/test_polyvec_%.c $(HEADERS) $(SOURCES) jpolyvec.s - $(CC) $(CFLAGS) -o $@ $(SOURCES) jpolyvec.s $< +$(RANDOMBYTES): $(PROJECT_DIR)/jasmin/compiler/syscall/jasmin_syscall.c $(PROJECT_DIR)/jasmin/compiler/syscall/jasmin_syscall.h + $(MAKE) -C $(@D) +$(JASMIN_ASSEMBLY): %.s: %.jazz - $(JASMINC) -o $@ $(JFLAGS) $^ + $(JASMINC) -nowarning -o $@ $(JFLAGS) $^ +#-- -.PHONY: ct clean +compile-tests-poly: $(TESTS_POLY) +$(TESTS_POLY): +test/test_poly_%: test/test_poly_%.c $(HEADERS) $(C_SOURCES) 
jpoly.s + $(CC) $(CFLAGS) -o $@ $(C_SOURCES) jpoly.s $< -ct: - $(JAZZCT) --infer jkem.jazz +compile-tests-polyvec: $(TESTS_POLYVEC) +$(TESTS_POLYVEC): +test/test_polyvec_%: test/test_polyvec_%.c $(HEADERS) $(C_SOURCES) jpolyvec.s + $(CC) $(CFLAGS) -o $@ $(C_SOURCES) jpolyvec.s $< + +test/test_fips202: test/test_fips202.c $(HEADERS) $(C_SOURCES) jfips202.s + $(CC) $(CFLAGS) -o $@ $(C_SOURCES) jfips202.s $< + +test/test_indcpa: test/test_indcpa.c $(HEADERS) $(C_SOURCES) jindcpa.o + $(CC) $(CFLAGS) -o $@ $(C_SOURCES) jindcpa.o $< + +test/test_kem: test/test_kem.c $(HEADERS) $(C_SOURCES) $(RANDOMBYTES) jkem.o + $(CC) $(CFLAGS) -o $@ $(C_SOURCES) $(RANDOMBYTES) jkem.o $< + +compile-tests: test + +# -- +# note: to improve speed, remove for loop and define *.out targets + +run-tests-poly: compile-tests-poly + for i in $(TESTS_POLY); do ./$$i; done + +run-tests-polyvec: compile-tests-polyvec + for i in $(TESTS_POLYVEC); do ./$$i; done + +run-tests: compile-tests + for i in $(TESTS); do ./$$i; done + +#-- + +test/speed_indcpa: test/speed_indcpa.c $(HEADERS) $(C_SOURCES) jindcpa.o + $(CC) $(CFLAGS) -o $@ $(C_SOURCES) jindcpa.o $< + +compile-speed: test/speed_indcpa + +run-speed: compile-speed + ./test/speed_indcpa + +# -- + +.PHONY: check-ct + +check-constant-time: + $(JASMIN_CT) --infer jkem.jazz + +# -- + +.PHONY: clean clean: -rm -f *.s -rm -f jindcpa.o -rm -f jkem.o - -rm -f test/test_poly_compress - -rm -f test/test_poly_decompress - -rm -f test/test_poly_tobytes - -rm -f test/test_poly_frombytes - -rm -f test/test_poly_tomsg - -rm -f test/test_poly_frommsg - -rm -f test/test_poly_add2 - -rm -f test/test_poly_sub - -rm -f test/test_poly_ntt - -rm -f test/test_poly_invntt - -rm -f test/test_poly_basemul - -rm -f test/test_poly_frommont - -rm -f test/test_poly_reduce - -rm -f test/test_poly_csubq - -rm -f test/test_poly_getnoise - -rm -f test/test_polyvec_compress - -rm -f test/test_polyvec_decompress - -rm -f test/test_polyvec_tobytes - -rm -f test/test_polyvec_frombytes 
- -rm -f test/test_polyvec_add2 - -rm -f test/test_polyvec_ntt - -rm -f test/test_polyvec_invntt - -rm -f test/test_polyvec_pointwise_acc - -rm -f test/test_polyvec_reduce - -rm -f test/test_polyvec_csubq + -rm -f $(TESTS_POLY) + -rm -f $(TESTS_POLYVEC) -rm -f test/test_fips202 -rm -f test/test_indcpa -rm -f test/test_kem @@ -122,3 +175,5 @@ clean: ifeq ($(OS),Darwin) -rm -rf test/*.dSYM endif + + diff --git a/code/jasmin/mlkem_ref/jpoly.jazz b/code/jasmin/mlkem_ref/jpoly.jazz index 7d72519d..4ccd1492 100644 --- a/code/jasmin/mlkem_ref/jpoly.jazz +++ b/code/jasmin/mlkem_ref/jpoly.jazz @@ -7,9 +7,7 @@ export fn poly_compress_jazz(reg u64 rp, reg u64 ap) { inline int i; reg u16 t; - reg u8 c; stack u16[MLKEM_N] a; - stack u8[128] r; for i = 0 to MLKEM_N { t = (u16)[ap + 2*i]; @@ -23,9 +21,7 @@ export fn poly_decompress_jazz(reg u64 rp, reg u64 ap) { inline int i; reg u16 t; - reg u8 c; stack u16[MLKEM_N] r; - stack u8[128] a; r = _poly_decompress(r, ap); @@ -39,7 +35,6 @@ export fn poly_tobytes_jazz(reg u64 rp, reg u64 ap) { inline int i; reg u16 t; - reg u8 c; stack u16[MLKEM_N] a; for i = 0 to MLKEM_N { @@ -54,7 +49,6 @@ export fn poly_frombytes_jazz(reg u64 rp, reg u64 ap) { inline int i; reg u16 t; - reg u8 c; stack u16[MLKEM_N] r; r = _poly_frombytes(r, ap); @@ -69,9 +63,7 @@ export fn poly_tomsg_jazz(reg u64 rp, reg u64 ap) { inline int i; reg u16 t; - reg u8 c; stack u16[MLKEM_N] a; - stack u8[32] r; for i = 0 to MLKEM_N { t = (u16)[ap + 2*i]; @@ -85,7 +77,6 @@ export fn poly_frommsg_jazz(reg u64 rp, reg u64 ap) { inline int i; reg u16 t; - reg u8 c; stack u16[MLKEM_N] r; r = _poly_frommsg(r, ap); diff --git a/code/jasmin/mlkem_ref/jpolyvec.jazz b/code/jasmin/mlkem_ref/jpolyvec.jazz index d4080f03..b34cce62 100644 --- a/code/jasmin/mlkem_ref/jpolyvec.jazz +++ b/code/jasmin/mlkem_ref/jpolyvec.jazz @@ -7,7 +7,6 @@ export fn polyvec_tobytes_jazz(reg u64 rp, reg u64 ap) { inline int i; reg u16 t; - reg u8 c; stack u16[MLKEM_VECN] a; for i = 0 to MLKEM_VECN { 
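Review bot: `run-tests`, `run-tests-poly` and `run-tests-polyvec` execute the binaries with `for i in $(TESTS); do ./$$i; done`, and a shell `for` loop returns only the status of its last command, so a test that fails or crashes earlier in the list does not fail `make` or the new CI job. `for i in $(TESTS); do ./$$i || exit 1; done` would propagate the first failure; the per-test `*.out` targets mentioned in the comment would do the same. Separately, `.PHONY: check-ct` names a target that does not exist, since the rule is `check-constant-time`, so the line should read `.PHONY: check-constant-time`. `JASMIN_SOURCES` lists `jfips203.jazz` while `test/test_fips202` depends on `jfips202.s`, which looks like a typo and leaves that prerequisite outside the `$(JASMIN_ASSEMBLY)` static pattern rule; worth confirming against the files in the directory.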
@@ -23,7 +22,6 @@ export fn polyvec_decompress_jazz(reg u64 rp, reg u64 ap) { inline int i; reg u16 t; - reg u8 c; stack u16[MLKEM_VECN] r; r = __polyvec_decompress(ap); @@ -39,7 +37,6 @@ export fn polyvec_compress_jazz(reg u64 rp, reg u64 ap) { inline int i; reg u16 t; - reg u8 c; stack u16[MLKEM_VECN] a; for i = 0 to MLKEM_VECN { @@ -55,7 +52,6 @@ export fn polyvec_frombytes_jazz(reg u64 rp, reg u64 ap) { inline int i; reg u16 t; - reg u8 c; stack u16[MLKEM_VECN] r; r = __polyvec_frombytes(ap); diff --git a/code/jasmin/mlkem_ref/test/test_fips202.c b/code/jasmin/mlkem_ref/test/test_fips202.c index ae7a59e3..ce97b6bb 100644 --- a/code/jasmin/mlkem_ref/test/test_fips202.c +++ b/code/jasmin/mlkem_ref/test/test_fips202.c @@ -1,11 +1,19 @@ #include +#include #include "../fips202.h" +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + #define MAXINLEN 33 #define MAXOUTLEN 168 int main(void) { + int test_ok = 1, test_ok_shake256_128_33 = 1, test_ok_sha3512_32 = 1, + test_ok_shake128_absorb34 = 1, test_ok_shake128_squeezeblock = 1; + size_t test_iteration = 0; unsigned char in[MAXINLEN]; unsigned char out0[MAXOUTLEN]; unsigned char out1[MAXOUTLEN]; 
@@ -14,35 +22,83 @@ int main(void) int k; FILE *urandom = fopen("/dev/urandom", "r"); - fread(in, 1, sizeof(in), urandom); - shake256(out0, 128, in, 33); - shake256_128_33_jazz(out1, in); + while(test_ok == 1 && test_iteration < TEST_ITERATIONS) + { + size_t ri = fread(in, 1, sizeof(in), urandom); + assert(ri == sizeof(in)); + + // + shake256(out0, 128, in, 33); + shake256_128_33_jazz(out1, in); - for(k=0;k<128;k++) - if(out0[k] != out1[k]) printf("error shake256 at %d: %d %d\n", k, out0[k], out1[k]); + for(k=0;k<128;k++) + { if(out0[k] != out1[k]) + { fprintf(stderr, "ERROR: shake256_128_33 at %d: %d %d\n", k, out0[k], out1[k]); + test_ok_shake256_128_33 = 0; + test_ok = 0; + } + } - sha3_512(out0, in, 32); - sha3512_32_jazz(out1, in); + // + sha3_512(out0, in, 32); + sha3512_32_jazz(out1, in); - for(k=0;k<64;k++) - if(out0[k] != out1[k]) printf("error sha3512 at %d: %d %d\n", k, out0[k], out1[k]); + for(k=0;k<64;k++) + { if(out0[k] != out1[k]) + { fprintf(stderr, "ERROR: sha3512 at %d: %d %d\n", k, out0[k], out1[k]); + test_ok_sha3512_32 = 0; + test_ok = 0; + } + } - shake128_absorb(state0, in, 34); - shake128_absorb34_jazz(state1, in); + // + shake128_absorb(state0, in, 34); + shake128_absorb34_jazz(state1, in); - for(k=0;k<25;k++) - if(state0[k] != state1[k]) printf("error shake128_absorb at %d: %lu %lu\n", k, state0[k], state1[k]); + for(k=0;k<25;k++) + { if(state0[k] != state1[k]) + { fprintf(stderr, "ERROR: shake128_absorb at %d: %lu %lu\n", k, state0[k], state1[k]); + test_ok_shake128_absorb34 = 0; + test_ok = 0; + } + } - shake128_squeezeblocks(out0, 1, state0); - shake128_squeezeblock_jazz(out1, state1); + // + shake128_squeezeblocks(out0, 1, state0); + shake128_squeezeblock_jazz(out1, state1); - for(k=0;k<25;k++) - if(state0[k] != state1[k]) printf("error shake128_squeezeblock (state) at %d: %lu %lu\n", k, state0[k], state1[k]); + for(k=0;k<25;k++) + { if(state0[k] != state1[k]) + { fprintf(stderr, "ERROR: shake128_squeezeblock (state) at %d: %lu %lu\n", 
k, state0[k], state1[k]); + test_ok_shake128_squeezeblock = 0; + test_ok = 0; + } + } - for(k=0;k - +#include #include "../params.h" #include "../ntt.h" #include "../indcpa.h" +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + int main(void) { + int test_ok = 1, test_ok_indcpa_keypair_sk = 1, test_ok_indcpa_keypair_pk = 1, + test_ok_indcpa_enc = 1, test_ok_indcpa_dec = 1, test_ok_decryption = 1; + size_t test_iteration = 0; + size_t ri; + unsigned char sk0[MLKEM_INDCPA_SECRETKEYBYTES]; unsigned char sk1[MLKEM_INDCPA_SECRETKEYBYTES]; unsigned char pk0[MLKEM_INDCPA_PUBLICKEYBYTES]; @@ -25,38 +34,88 @@ int main(void) unsigned char outmsg1[MLKEM_POLYVECBYTES]; FILE *urandom = fopen("/dev/urandom", "r"); - fread(randomness0, MLKEM_SYMBYTES, 1, urandom); - fread(randomness1, MLKEM_SYMBYTES, 1, urandom); - fread(message, MLKEM_SYMBYTES, 1, urandom); - fclose(urandom); - /* TEST KEYPAIR */ - indcpa_keypair_jazz(pk1, sk1, randomness0); - indcpa_keypair(pk0, sk0, randomness0); + while(test_ok == 1 && test_iteration < TEST_ITERATIONS) + { + ri = fread(randomness0, MLKEM_SYMBYTES, 1, urandom); + assert(ri == 1); - for(int i=0;i -#include +#include +#include #include "../params.h" #include "../ntt.h" #include "../kem.h" +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + int main(void) { + int test_ok = 1, test_ok_kem_keypair_sk = 1, test_ok_kem_keypair_pk = 1, + test_ok_kem_enc_ct = 1, test_ok_kem_enc_ss = 1, + test_ok_kem_dec_success = 1, test_ok_kem_dec_failure = 1; + size_t test_iteration = 0; + size_t ri; + unsigned char sk0[MLKEM_SECRETKEYBYTES]; unsigned char sk1[MLKEM_SECRETKEYBYTES]; unsigned char pk0[MLKEM_PUBLICKEYBYTES]; 
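Review bot: In test_fips202.c, `shake128_absorb(state0, in, 34)` and `shake128_absorb34_jazz(state1, in)` operate on `unsigned char in[MAXINLEN]` with `MAXINLEN` defined as 33, so, assuming the third argument is the input length as the `shake256(out0, 128, in, 33)` call suggests, both implementations read one byte past the buffer on every iteration. The `fread` fills only `sizeof(in)` bytes, so the 34th input byte is whatever sits next on the stack rather than test-controlled data. Changing the define in the first hunk of this file to `#define MAXINLEN 34` puts the read in bounds and lets the random input cover all 34 bytes. The result of `fopen("/dev/urandom", "r")` is also passed to `fread` unchecked; `if (urandom == NULL) { perror("fopen"); return 1; }` would cover that. The end of this hunk is not readable on this page, so whether the stream is closed and what `main` returns cannot be confirmed here.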
@@ -20,52 +31,108 @@ int main(void) unsigned char randomness1[2*MLKEM_SYMBYTES]; FILE *urandom = fopen("/dev/urandom", "r"); - fread(randomness0, 2*MLKEM_SYMBYTES, 1, urandom); - fread(randomness1, 2*MLKEM_SYMBYTES, 1, urandom); - fclose(urandom); - - /* TEST KEYPAIR */ - jade_kem_mlkem_mlkem768_amd64_ref_keypair_derand(pk1, sk1, randomness0); - crypto_kem_keypair(pk0, sk0, randomness0); - - for(int i=0;i #include "../poly.h" -void poly_setrandom(poly *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - fread(r->coeffs, sizeof(int16_t), MLKEM_N, urandom); - for(int i=0;icoeffs[i] %= MLKEM_Q; - fclose(urandom); -} +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + +#include "test_poly_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; poly a, b, r0; - poly_setrandom(&a); - poly_setrandom(&b); - - poly_add(&r0, &a, &b); - - poly_add2_jazz(&a, &b); + while(test_ok == 1 && test_iteration < TEST_ITERATIONS) + { + poly_setrandom(&a); + poly_setrandom(&b); + + poly_add(&r0, &a, &b); + + poly_add2_jazz(&a, &b); + + for(int i=0;icoeffs, sizeof(int16_t), MLKEM_N, urandom); - for(int i=0;icoeffs[i] %= MLKEM_Q; - fclose(urandom); -} +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + +#include "test_poly_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; poly a, b, r0, r1; - poly_setrandom(&a); - poly_setrandom(&b); + while(test_ok == 1 && test_iteration < TEST_ITERATIONS) + { + poly_setrandom(&a); + poly_setrandom(&b); + + poly_basemul(&r0, &a, &b); + + poly_basemul_jazz(&r1, &a, &b); + + for(int i=0;i +#include #include "../poly.h" #include "../ntt.h" -void poly_setrandom(poly *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - fread(r->coeffs, sizeof(int16_t), MLKEM_N, urandom); - fclose(urandom); - poly_reduce(r); -} +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + +#include "test_poly_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; 
unsigned char out0[128]; unsigned char out1[128]; poly a; - poly_setrandom(&a); + while(test_ok == 1 && test_iteration < TEST_ITERATIONS) + { + poly_setrandom_nomodq(&a); - poly_compress(out0, &a); - poly_compress_jazz(out1, &a); + poly_compress(out0, &a); + poly_compress_jazz(out1, &a); - for(int i=0;i<128;i++) - { - if(out0[i] != out1[i]) - printf("error compress %d, %d, %d\n", i, out0[i], out1[i]); + for(int i=0;i<128;i++) + { if(out0[i] != out1[i]) + { fprintf(stderr, "ERROR: poly_compress: %d, %d, %d\n", i, out0[i], out1[i]); + test_ok = 0; + } + } + + test_iteration += 1; } + if(test_ok == 1) + { printf("OK: poly_compress\n"); } + return 0; } diff --git a/code/jasmin/mlkem_ref/test/test_poly_csubq.c b/code/jasmin/mlkem_ref/test/test_poly_csubq.c index fbaf8478..aa56ba63 100644 --- a/code/jasmin/mlkem_ref/test/test_poly_csubq.c +++ b/code/jasmin/mlkem_ref/test/test_poly_csubq.c 
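Review bot: In test_poly_compress.c, `main` still ends with `return 0;` after the mismatch path has set `test_ok = 0`, so the binary exits successfully even when the C and Jasmin outputs differ, and the only trace is the `ERROR:` line on stderr. Because this commit adds a CI job that runs these binaries, the result should reach the exit status: `return test_ok == 1 ? 0 : 1;`. The other test programs touched by this patch use the same `test_ok` pattern, but their final lines are not readable on this page, so each of them needs the same check.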
@@ -1,32 +1,42 @@ #include +#include #include "../poly.h" #include "../ntt.h" -void poly_setrandom(poly *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - fread(r->coeffs, sizeof(int16_t), MLKEM_N, urandom); - fclose(urandom); - poly_reduce(r); -} +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + +#include "test_poly_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; poly r0, r1; - poly_setrandom(&r0); + while(test_ok == 1 && test_iteration < TEST_ITERATIONS) + { + poly_setrandom_nomodq(&r0); - for(int i=0;i +#include #include "../poly.h" #include "../ntt.h" +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + int main(void) { + int test_ok = 1; + size_t test_iteration = 0; + size_t ri; unsigned char in[MLKEM_POLYCOMPRESSEDBYTES]; poly r0, r1; - - FILE *urandom = fopen("/dev/urandom", "r"); - fread(in, 1, MLKEM_POLYCOMPRESSEDBYTES, urandom); - fclose(urandom); - poly_decompress(&r0, in); - poly_decompress_jazz(&r1, in); + FILE *urandom = fopen("/dev/urandom", "r"); - for(int i=0;i +#include #include "../poly.h" #include "../ntt.h" +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + int main(void) { + int test_ok = 1; + size_t test_iteration = 0; + size_t ri; unsigned char in[MLKEM_POLYBYTES]; poly r0, r1; - - FILE *urandom = fopen("/dev/urandom", "r"); - fread(in, 1, MLKEM_POLYBYTES, urandom); - fclose(urandom); - poly_frombytes(&r0, in); - poly_frombytes_jazz(&r1, in); + FILE *urandom = fopen("/dev/urandom", "r"); - for(int i=0;i +#include #include "../poly.h" #include "../ntt.h" -void poly_setrandom(poly *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - fread(r->coeffs, sizeof(int16_t), MLKEM_N, urandom); - for(int i=0;icoeffs[i] %= MLKEM_Q; - } - fclose(urandom); -} +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + +#include "test_poly_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; poly r0, r1; - poly_setrandom(&r0); + while(test_ok == 1 
&& test_iteration < TEST_ITERATIONS) + { + poly_setrandom(&r0); + for(int i=0;i +#include #include "../poly.h" #include "../ntt.h" +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + int main(void) { + int test_ok = 1; + size_t test_iteration = 0; + size_t ri; unsigned char in[32]; poly r0, r1; - - FILE *urandom = fopen("/dev/urandom", "r"); - fread(in, 1, 32, urandom); - fclose(urandom); - poly_frommsg(&r0, in); - poly_frommsg_jazz(&r1, in); + FILE *urandom = fopen("/dev/urandom", "r"); - for(int i=0;i +#include #include "../poly.h" #include "../ntt.h" #include "../params.h" +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif int main(void) { + int test_ok = 1; + size_t test_iteration = 0; + size_t ri; poly r0, r1; unsigned char seed[MLKEM_SYMBYTES]; FILE *urandom = fopen("/dev/urandom", "r"); - fread(seed, 1, MLKEM_SYMBYTES, urandom); - fclose(urandom); - for(int i = 0; i < 1; i++) + while(test_ok == 1 && test_iteration < TEST_ITERATIONS) { - poly_getnoise(&r0, seed, i); - poly_getnoise_jazz(&r1, seed, i); + ri = fread(seed, 1, MLKEM_SYMBYTES, urandom); + assert(ri == MLKEM_SYMBYTES); - for(int j=0;j +#include #include "../poly.h" #include "../ntt.h" -void poly_setrandom(poly *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - fread(r->coeffs, sizeof(int16_t), MLKEM_N, urandom); - for(int i=0;icoeffs[i] %= 2*MLKEM_Q; - } - fclose(urandom); -} +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + +#include "test_poly_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; poly r0, r1; - poly_setrandom(&r0); + while(test_ok == 1 && test_iteration < TEST_ITERATIONS) + { + poly_setrandom_mod2q(&r0); + for(int i=0;i +#include #include "../poly.h" #include "../ntt.h" -void poly_setrandom(poly *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - fread(r->coeffs, sizeof(int16_t), MLKEM_N, urandom); - for(int i=0;icoeffs[i] %= 2*MLKEM_Q; - } - fclose(urandom); -} +#ifndef TEST_ITERATIONS +#define 
TEST_ITERATIONS 10000 +#endif + +#include "test_poly_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; poly r0, r1; - poly_setrandom(&r0); + while(test_ok == 1 && test_iteration < TEST_ITERATIONS) + { + poly_setrandom_mod2q(&r0); - for(int i=0;i +#include #include "../poly.h" #include "../ntt.h" -void poly_setrandom(poly *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - fread(r->coeffs, sizeof(int16_t), MLKEM_N, urandom); - fclose(urandom); -} +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + +#include "test_poly_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; poly r0, r1; - poly_setrandom(&r0); + while(test_ok == 1 && test_iteration < TEST_ITERATIONS) + { + poly_setrandom_nomodq(&r0); - for(int i=0;i +#include +#include "../poly.h" + +// note: extend to *_setrandom_open; *_setrandom; *_setrandom_close; +// to not open the file so many times + +void poly_setrandom(poly *r) +{ + FILE *urandom = fopen("/dev/urandom", "r"); + size_t ri = fread(r->coeffs, sizeof(int16_t), MLKEM_N, urandom); + assert(ri == MLKEM_N); + for(int i=0;icoeffs[i] %= MLKEM_Q; } + fclose(urandom); +} + +void poly_setrandom_mod2q(poly *r) +{ + FILE *urandom = fopen("/dev/urandom", "r"); + size_t ri = fread(r->coeffs, sizeof(int16_t), MLKEM_N, urandom); + assert(ri == MLKEM_N); + for(int i=0;icoeffs[i] %= 2*MLKEM_Q; } + fclose(urandom); +} + +void poly_setrandom_nomodq(poly *r) +{ + FILE *urandom = fopen("/dev/urandom", "r"); + size_t ri = fread(r->coeffs, sizeof(int16_t), MLKEM_N, urandom); + assert(ri == MLKEM_N); + fclose(urandom); + poly_reduce(r); +} + +#endif diff --git a/code/jasmin/mlkem_ref/test/test_poly_sub.c b/code/jasmin/mlkem_ref/test/test_poly_sub.c index f46326f2..08510804 100644 --- a/code/jasmin/mlkem_ref/test/test_poly_sub.c +++ b/code/jasmin/mlkem_ref/test/test_poly_sub.c 
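Review bot: Each helper in test_poly_setrandom.c passes the result of `fopen("/dev/urandom", "r")` straight to `fread`, so a failed open hands a null stream to the read, and the short-read check is an `assert`, which is compiled out if the tests are ever built with `-DNDEBUG`. An explicit `if (urandom == NULL) { perror("fopen"); abort(); }` before the read, and an `if (ri != MLKEM_N)` check with the same handling after it, keep both failures visible in every build; the helpers in test_polyvec_setrandom.c follow the same pattern. The naming is also inconsistent: `poly_setrandom_nomodq` calls `poly_reduce(r)`, whereas `polyvec_setrandom_nomodq` leaves the coefficients unreduced and the reducing variant there is `polyvec_setrandom_reduce`. Renaming the poly helper to `poly_setrandom_reduce` would make the two files agree and stop a reader from assuming the input is unreduced.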
@@ -1,29 +1,40 @@ #include +#include #include "../poly.h" -void poly_setrandom(poly *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - fread(r->coeffs, sizeof(int16_t), MLKEM_N, urandom); - for(int i=0;icoeffs[i] %= MLKEM_Q; - fclose(urandom); -} +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + +#include "test_poly_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; poly a, b, r0, r1; - poly_setrandom(&a); - poly_setrandom(&b); + while(test_ok == 1 && test_iteration < TEST_ITERATIONS) + { + poly_setrandom(&a); + poly_setrandom(&b); + + poly_sub(&r0, &a, &b); + + poly_sub_jazz(&r1, &a, &b); + + for(int i=0;i +#include #include "../poly.h" #include "../ntt.h" -void poly_setrandom(poly *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - fread(r->coeffs, sizeof(int16_t), MLKEM_N, urandom); - fclose(urandom); - poly_reduce(r); -} +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + +#include "test_poly_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; unsigned char out0[MLKEM_POLYBYTES]; unsigned char out1[MLKEM_POLYBYTES]; poly a; - - poly_setrandom(&a); - - poly_tobytes(out0, &a); - poly_tobytes_jazz(out1, &a); - for(int i=0;i +#include #include "../poly.h" #include "../ntt.h" -void poly_setrandom(poly *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - fread(r->coeffs, sizeof(int16_t), MLKEM_N, urandom); - fclose(urandom); - poly_reduce(r); -} +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + +#include "test_poly_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; unsigned char out0[MLKEM_INDCPA_MSGBYTES]; unsigned char out1[MLKEM_INDCPA_MSGBYTES]; poly a; - - poly_setrandom(&a); - - poly_tomsg(out0, &a); - poly_tomsg_jazz(out1, &a); - for(int i=0;i +#include #include "../polyvec.h" -void polyvec_setrandom(polyvec *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - for(int i=0;ivec[i].coeffs, sizeof(int16_t), MLKEM_N, urandom); - 
for(int i=0;ivec[i].coeffs[j] %= MLKEM_Q; - fclose(urandom); -} +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + +#include "test_polyvec_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; polyvec a, b, r0; - polyvec_setrandom(&a); - polyvec_setrandom(&b); - - polyvec_add(&r0, &a, &b); - polyvec_add2_jazz(&a, &b); + while(test_ok == 1 && test_iteration < TEST_ITERATIONS) + { + polyvec_setrandom(&a); + polyvec_setrandom(&b); + + polyvec_add(&r0, &a, &b); + polyvec_add2_jazz(&a, &b); + + for(int i=0;i +#include #include "../polyvec.h" #include "../ntt.h" -void polyvec_setrandom(polyvec *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - for(int i=0;ivec[i].coeffs, sizeof(int16_t), MLKEM_N, urandom); +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif - polyvec_reduce(r); - fclose(urandom); -} +#include "test_polyvec_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; unsigned char out0[MLKEM_POLYVECCOMPRESSEDBYTES]; unsigned char out1[MLKEM_POLYVECCOMPRESSEDBYTES]; polyvec a; - polyvec_setrandom(&a); + while(test_ok == 1 && test_iteration < TEST_ITERATIONS) + { + polyvec_setrandom_reduce(&a); - polyvec_compress(out0, &a); - polyvec_compress_jazz(out1, &a); + polyvec_compress(out0, &a); + polyvec_compress_jazz(out1, &a); - for(int i=0;i +#include #include "../poly.h" #include "../polyvec.h" -void polyvec_setrandom(polyvec *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - for(int i=0;ivec[i].coeffs, sizeof(int16_t), MLKEM_N, urandom); - fclose(urandom); - polyvec_reduce(r); -} +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + +#include "test_polyvec_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; polyvec r0, r1; - polyvec_setrandom(&r0); - - for(int i = 0;i +#include #include "../polyvec.h" +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + int main(void) { + int test_ok = 1; + size_t test_iteration = 0; + size_t ri; + 
unsigned char in[MLKEM_POLYVECCOMPRESSEDBYTES]; polyvec r0, r1; - + FILE *urandom = fopen("/dev/urandom", "r"); - fread(in, 1, MLKEM_POLYVECCOMPRESSEDBYTES, urandom); - fclose(urandom); - polyvec_decompress(&r0, in); - polyvec_decompress_jazz(&r1, in); + while(test_ok == 1 && test_iteration < TEST_ITERATIONS) + { + ri = fread(in, 1, MLKEM_POLYVECCOMPRESSEDBYTES, urandom); + assert(ri == MLKEM_POLYVECCOMPRESSEDBYTES); + + polyvec_decompress(&r0, in); + polyvec_decompress_jazz(&r1, in); + + for(int i=0;i +#include #include "../polyvec.h" +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + int main(void) { + int test_ok = 1; + size_t test_iteration = 0; + size_t ri; unsigned char in[MLKEM_POLYVECBYTES]; polyvec r0, r1; - + FILE *urandom = fopen("/dev/urandom", "r"); - fread(in, 1, MLKEM_POLYVECBYTES, urandom); - fclose(urandom); - polyvec_frombytes(&r0, in); - polyvec_frombytes_jazz(&r1, in); + while(test_ok == 1 && test_iteration < TEST_ITERATIONS) + { + ri = fread(in, 1, MLKEM_POLYVECBYTES, urandom); + assert(ri == MLKEM_POLYVECBYTES); + + polyvec_frombytes(&r0, in); + polyvec_frombytes_jazz(&r1, in); + + for(int i=0;i +#include #include "../ntt.h" #include "../poly.h" #include "../polyvec.h" -void polyvec_setrandom(polyvec *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - for(int i=0;ivec[i].coeffs, sizeof(int16_t), MLKEM_N, urandom); - for(int i=0;ivec[i].coeffs[j] %= 2*MLKEM_Q; - fclose(urandom); -} +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + +#include "test_polyvec_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; polyvec r0, r1; - polyvec_setrandom(&r0); - - for(int i = 0;i +#include #include "../ntt.h" #include "../poly.h" #include "../polyvec.h" -void polyvec_setrandom(polyvec *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - for(int i=0;ivec[i].coeffs, sizeof(int16_t), MLKEM_N, urandom); - for(int i=0;ivec[i].coeffs[j] %= 2*MLKEM_Q; - fclose(urandom); -} +#ifndef TEST_ITERATIONS 
+#define TEST_ITERATIONS 10000 +#endif + +#include "test_polyvec_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; polyvec r0, r1; - polyvec_setrandom(&r0); - - for(int i = 0;i +#include #include "../ntt.h" #include "../polyvec.h" -void polyvec_setrandom(polyvec *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - for(int i=0;ivec[i].coeffs, sizeof(int16_t), MLKEM_N, urandom); - for(int i=0;ivec[i].coeffs[j] %= MLKEM_Q; - fclose(urandom); -} +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + +#include "test_polyvec_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; polyvec a, b; poly r0, r1; - polyvec_setrandom(&a); - polyvec_setrandom(&b); - - polyvec_pointwise_acc(&r0, &a, &b); - polyvec_pointwise_acc_jazz(&r1, &a, &b); + while(test_ok == 1 && test_iteration < TEST_ITERATIONS) + { + polyvec_setrandom(&a); + polyvec_setrandom(&b); + + polyvec_pointwise_acc(&r0, &a, &b); + polyvec_pointwise_acc_jazz(&r1, &a, &b); for(int j=0;j +#include #include "../poly.h" #include "../polyvec.h" -void polyvec_setrandom(polyvec *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - for(int i=0;ivec[i].coeffs, sizeof(int16_t), MLKEM_N, urandom); - fclose(urandom); -} +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + +#include "test_polyvec_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; polyvec r0, r1; - polyvec_setrandom(&r0); - - for(int i = 0;i +#include +#include "../polyvec.h" + +// note: extend to *_setrandom_open; *_setrandom; *_setrandom_close; +// to not open the file so many times + +void polyvec_setrandom(polyvec *r) +{ + FILE *urandom = fopen("/dev/urandom", "r"); + for(int i=0;ivec[i].coeffs, sizeof(int16_t), MLKEM_N, urandom); + assert(ri == MLKEM_N); + } + for(int i=0;ivec[i].coeffs[j] %= MLKEM_Q; + fclose(urandom); +} + +void polyvec_setrandom_reduce(polyvec *r) +{ + FILE *urandom = fopen("/dev/urandom", "r"); + for(int i=0;ivec[i].coeffs, 
sizeof(int16_t), MLKEM_N, urandom); + assert(ri == MLKEM_N); + } + polyvec_reduce(r); + fclose(urandom); +} + +void polyvec_setrandom_mod2q(polyvec *r) +{ + FILE *urandom = fopen("/dev/urandom", "r"); + for(int i=0;ivec[i].coeffs, sizeof(int16_t), MLKEM_N, urandom); + assert(ri == MLKEM_N); + } + for(int i=0;ivec[i].coeffs[j] %= 2*MLKEM_Q; + fclose(urandom); +} + +void polyvec_setrandom_nomodq(polyvec *r) +{ + FILE *urandom = fopen("/dev/urandom", "r"); + for(int i=0;ivec[i].coeffs, sizeof(int16_t), MLKEM_N, urandom); + assert(ri == MLKEM_N); + } + fclose(urandom); +} + +#endif diff --git a/code/jasmin/mlkem_ref/test/test_polyvec_tobytes.c b/code/jasmin/mlkem_ref/test/test_polyvec_tobytes.c index d23acb49..d17f8941 100644 --- a/code/jasmin/mlkem_ref/test/test_polyvec_tobytes.c +++ b/code/jasmin/mlkem_ref/test/test_polyvec_tobytes.c @@ -1,34 +1,42 @@ #include +#include #include "../polyvec.h" #include "../ntt.h" -void polyvec_setrandom(polyvec *r) -{ - FILE *urandom = fopen("/dev/urandom", "r"); - for(int i=0;ivec[i].coeffs, sizeof(int16_t), MLKEM_N, urandom); - for(int i=0;ivec[i].coeffs[j] %= MLKEM_Q; - fclose(urandom); -} +#ifndef TEST_ITERATIONS +#define TEST_ITERATIONS 10000 +#endif + +#include "test_polyvec_setrandom.c" int main(void) { + int test_ok = 1; + size_t test_iteration = 0; unsigned char out0[MLKEM_POLYVECBYTES]; unsigned char out1[MLKEM_POLYVECBYTES]; polyvec a; - - polyvec_setrandom(&a); - polyvec_tobytes(out0, &a); - polyvec_tobytes_jazz(out1, &a); - - for(int i=0;i