Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add ML-DSA-ipd and ML-KEM-ipd & NIST supplied test vectors #1626

Merged
merged 27 commits into from
Feb 19, 2024
Merged
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
some improvements in test code
  • Loading branch information
bhess committed Feb 19, 2024
commit 9674fead316d2f6323bbfce0065b07b48687b0c0
1 change: 1 addition & 0 deletions tests/test_kem_vectors.sh
Original file line number Diff line number Diff line change
@@ -25,6 +25,7 @@ encaps_K=$(grep "encaps_K: " "$file")

output=$($build_dir/tests/vectors_kem $1 "$keygen_z$keygen_d$encaps_m" "$encaps_ek" "$encaps_k" "$decaps_dk" "$decaps_c" "$decaps_kprime")
if [ $? != 0 ]; then
echo "$output"
exit 1
fi

48 changes: 32 additions & 16 deletions tests/vectors_kem.c
Original file line number Diff line number Diff line change
@@ -14,11 +14,11 @@

#include "system_info.c"

typedef struct {
struct {
const uint8_t *pos;
} fixed_prng_state;

fixed_prng_state prng_state = { .pos = 0 };
} prng_state = {
.pos = 0
};

/* Displays hexadecimal strings */
static void OQS_print_hex_string(const char *label, const uint8_t *str, size_t len) {
@@ -228,22 +228,36 @@ int main(int argc, char **argv) {
char *decaps_ciphertext = argv[6];
char *decaps_kprime = argv[7];

uint8_t *prng_output_stream_bytes = NULL;
uint8_t *encaps_pk_bytes = NULL;
uint8_t *encaps_K_bytes = NULL;
uint8_t *decaps_sk_bytes = NULL;
uint8_t *decaps_ciphertext_bytes = NULL;
uint8_t *decaps_kprime_bytes = NULL;

OQS_KEM *kem = OQS_KEM_new(alg_name);
if (kem == NULL) {
printf("[vectors_kem] %s was not enabled at compile-time.\n", alg_name);
rc = OQS_ERROR;
goto err;
}

if (strlen(prng_output_stream) % 2 != 0 ||
strlen(encaps_pk) % 2 != 0 ||
strlen(encaps_K) % 2 != 0 ||
strlen(decaps_sk) % 2 != 0 ||
strlen(decaps_ciphertext) % 2 != 0 ||
strlen(decaps_kprime) % 2 != 0) {
return EXIT_FAILURE;
strlen(encaps_pk) != 2 * kem->length_public_key ||
strlen(encaps_K) != 2 * kem->length_shared_secret ||
strlen(decaps_sk) != 2 * kem->length_secret_key ||
strlen(decaps_ciphertext) != 2 * kem->length_ciphertext ||
strlen(decaps_kprime) != 2 * kem->length_shared_secret ) {
rc = OQS_ERROR;
goto err;
}

uint8_t *prng_output_stream_bytes = malloc(strlen(prng_output_stream) / 2); // TODO: allocate real sizes and check before to real sizes!
uint8_t *encaps_pk_bytes = malloc(strlen(encaps_pk) / 2);
uint8_t *encaps_K_bytes = malloc(strlen(encaps_K) / 2);
uint8_t *decaps_sk_bytes = malloc(strlen(decaps_sk) / 2);
uint8_t *decaps_ciphertext_bytes = malloc(strlen(decaps_ciphertext) / 2);
uint8_t *decaps_kprime_bytes = malloc(strlen(decaps_kprime) / 2);
prng_output_stream_bytes = malloc(strlen(prng_output_stream) / 2);
encaps_pk_bytes = malloc(kem->length_public_key);
encaps_K_bytes = malloc(kem->length_shared_secret);
decaps_sk_bytes = malloc(kem->length_secret_key);
decaps_ciphertext_bytes = malloc(kem->length_ciphertext);
decaps_kprime_bytes = malloc(kem->length_shared_secret);

if ((prng_output_stream_bytes == NULL) || (encaps_pk_bytes == NULL) || (encaps_K_bytes == NULL) || (decaps_sk_bytes == NULL) || (decaps_ciphertext_bytes == NULL) || (decaps_kprime_bytes == NULL)) {
fprintf(stderr, "[vectors_kem] ERROR: malloc failed!\n");
@@ -268,6 +282,8 @@ int main(int argc, char **argv) {
OQS_MEM_insecure_free(decaps_ciphertext_bytes);
OQS_MEM_insecure_free(decaps_kprime_bytes);

OQS_KEM_free(kem);

OQS_destroy();

if (rc != OQS_SUCCESS) {
62 changes: 45 additions & 17 deletions tests/vectors_sig.c
Original file line number Diff line number Diff line change
@@ -14,11 +14,11 @@

#include "system_info.c"

typedef struct {
struct {
const uint8_t *pos;
} fixed_prng_state;

fixed_prng_state prng_state = { .pos = 0 };
} prng_state = {
.pos = 0
};

static void fprintBstr(FILE *fp, const char *S, const uint8_t *A, size_t L) {
size_t i;
@@ -175,6 +175,8 @@ OQS_STATUS sig_vector(const char *method_name,
}

int main(int argc, char **argv) {
OQS_STATUS rc;

OQS_init();

if (argc != 8) {
@@ -203,21 +205,43 @@ int main(int argc, char **argv) {
char *verif_msg = argv[7];
size_t verif_msg_len = strlen(verif_msg) / 2;

uint8_t *prng_output_stream_bytes = NULL;
uint8_t *sig_msg_bytes = NULL;
uint8_t *sig_sk_bytes = NULL;
uint8_t *verif_sig_bytes = NULL;
uint8_t *verif_pk_bytes = NULL;
uint8_t *verif_msg_bytes = NULL;

OQS_SIG *sig = OQS_SIG_new(alg_name);
if (sig == NULL) {
printf("[vectors_sig] %s was not enabled at compile-time.\n", alg_name);
rc = OQS_ERROR;
goto err;
}

if (strlen(prng_output_stream) % 2 != 0 ||
strlen(sig_msg) % 2 != 0 ||
strlen(sig_sk) % 2 != 0 ||
strlen(verif_sig) % 2 != 0 ||
strlen(verif_pk) % 2 != 0 ||
strlen(verif_msg) % 2 != 0) {
return EXIT_FAILURE;
strlen(sig_msg) % 2 != 0 || // variable length
strlen(sig_sk) != 2 * sig->length_secret_key ||
strlen(verif_sig) != 2 * sig->length_signature ||
strlen(verif_pk) != 2 * sig->length_public_key ||
strlen(verif_msg) % 2 != 0) { // variable length
rc = OQS_ERROR;
goto err;
}

prng_output_stream_bytes = malloc(strlen(prng_output_stream) / 2);
sig_msg_bytes = malloc(strlen(sig_msg) / 2);
sig_sk_bytes = malloc(sig->length_secret_key);
verif_sig_bytes = malloc(sig->length_signature);
verif_pk_bytes = malloc(sig->length_public_key);
verif_msg_bytes = malloc(strlen(verif_msg) / 2);

if ((prng_output_stream_bytes == NULL) || (sig_msg_bytes == NULL) || (sig_sk_bytes == NULL) || (verif_sig_bytes == NULL) || (verif_pk_bytes == NULL) || (verif_msg_bytes == NULL)) {
fprintf(stderr, "[vectors_sig] ERROR: malloc failed!\n");
rc = OQS_ERROR;
goto err;
}

uint8_t *prng_output_stream_bytes = malloc(strlen(prng_output_stream) / 2);
uint8_t *sig_msg_bytes = malloc(strlen(sig_msg) / 2);
uint8_t *sig_sk_bytes = malloc(strlen(sig_sk) / 2);
uint8_t *verif_sig_bytes = malloc(strlen(verif_sig) / 2);
uint8_t *verif_pk_bytes = malloc(strlen(verif_pk) / 2);
uint8_t *verif_msg_bytes = malloc(strlen(verif_msg) / 2);

hexStringToByteArray(prng_output_stream, prng_output_stream_bytes);
hexStringToByteArray(sig_msg, sig_msg_bytes);
@@ -226,14 +250,18 @@ int main(int argc, char **argv) {
hexStringToByteArray(verif_pk, verif_pk_bytes);
hexStringToByteArray(verif_msg, verif_msg_bytes);

OQS_STATUS rc = sig_vector(alg_name, prng_output_stream_bytes, sig_msg_bytes, sig_msg_len, sig_sk_bytes, verif_sig_bytes, verif_pk_bytes, verif_msg_bytes, verif_msg_len);
rc = sig_vector(alg_name, prng_output_stream_bytes, sig_msg_bytes, sig_msg_len, sig_sk_bytes, verif_sig_bytes, verif_pk_bytes, verif_msg_bytes, verif_msg_len);

err:
OQS_MEM_insecure_free(prng_output_stream_bytes);
OQS_MEM_insecure_free(sig_msg_bytes);
OQS_MEM_insecure_free(sig_sk_bytes);
OQS_MEM_insecure_free(verif_sig_bytes);
OQS_MEM_insecure_free(verif_pk_bytes);
OQS_MEM_insecure_free(verif_msg_bytes);

OQS_SIG_free(sig);

OQS_destroy();

if (rc != OQS_SUCCESS) {