diff --git a/src/nistkat/PQCgenKAT_kem.c b/src/nistkat/PQCgenKAT_kem.c index fa45e9d..e33a44e 100644 --- a/src/nistkat/PQCgenKAT_kem.c +++ b/src/nistkat/PQCgenKAT_kem.c @@ -1,16 +1,17 @@ +/* +NIST-developed software is provided by NIST as a public service. You may use, copy, and distribute copies of the software in any medium, provided that you keep intact this entire notice. You may improve, modify, and create derivative works of the software or any portion of the software, and you may copy and distribute such modifications or works. Modified works should carry a notice stating that you changed the software and should note the date and nature of any such change. Please explicitly acknowledge the National Institute of Standards and Technology as the source of the software. + +NIST-developed software is expressly provided "AS IS." NIST MAKES NO WARRANTY OF ANY KIND, EXPRESS, IMPLIED, IN FACT, OR ARISING BY OPERATION OF LAW, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND DATA ACCURACY. NIST NEITHER REPRESENTS NOR WARRANTS THAT THE OPERATION OF THE SOFTWARE WILL BE UNINTERRUPTED OR ERROR-FREE, OR THAT ANY DEFECTS WILL BE CORRECTED. NIST DOES NOT WARRANT OR MAKE ANY REPRESENTATIONS REGARDING THE USE OF THE SOFTWARE OR THE RESULTS THEREOF, INCLUDING BUT NOT LIMITED TO THE CORRECTNESS, ACCURACY, RELIABILITY, OR USEFULNESS OF THE SOFTWARE. + +You are solely responsible for determining the appropriateness of using and distributing the software and you assume all risks associated with its use, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and the unavailability or interruption of operation. This software is not intended to be used in any situation where a failure could cause risk of injury or damage to property. The software developed by NIST employees is not subject to copyright protection within the United States. +*/ -// -// PQCgenKAT_kem.c -// -// Created by Bassham, Lawrence E (Fed) on 8/29/17. -// Copyright © 2017 Bassham, Lawrence E (Fed). All rights reserved. -// #include #include #include #include #include "rng.h" -#include "../kem.h" +#include "api.h" #define MAX_MARKER_LEN 50 #define KAT_SUCCESS 0 @@ -34,7 +35,7 @@ main() int done; unsigned char pk[CRYPTO_PUBLICKEYBYTES], sk[CRYPTO_SECRETKEYBYTES]; int ret_val; - + // Create the REQUEST file sprintf(fn_req, "PQCkemKAT_%d.req", CRYPTO_SECRETKEYBYTES); if ( (fp_req = fopen(fn_req, "w")) == NULL ) { @@ -46,7 +47,7 @@ main() printf("Couldn't open <%s> for write\n", fn_rsp); return KAT_FILE_OPEN_ERROR; } - + for (int i=0; i<48; i++) entropy_input[i] = i; @@ -61,13 +62,13 @@ main() fprintf(fp_req, "ss =\n\n"); } fclose(fp_req); - + //Create the RESPONSE file based on what's in the REQUEST file if ( (fp_req = fopen(fn_req, "r")) == NULL ) { printf("Couldn't open <%s> for read\n", fn_req); return KAT_FILE_OPEN_ERROR; } - + fprintf(fp_rsp, "# %s\n\n", CRYPTO_ALGNAME); done = 0; do { @@ -78,15 +79,15 @@ main() break; } fprintf(fp_rsp, "count = %d\n", count); - + if ( !ReadHex(fp_req, seed, 48, "seed = ") ) { printf("ERROR: unable to read 'seed' from <%s>\n", fn_req); return KAT_DATA_ERROR; } fprintBstr(fp_rsp, "seed = ", seed, 48); - + randombytes_init(seed, NULL, 256); - + // Generate the public/private keypair if ( (ret_val = crypto_kem_keypair(pk, sk)) != 0) { printf("crypto_kem_keypair returned <%d>\n", ret_val); @@ -94,28 +95,28 @@ main() } fprintBstr(fp_rsp, "pk = ", pk, CRYPTO_PUBLICKEYBYTES); fprintBstr(fp_rsp, "sk = ", sk, CRYPTO_SECRETKEYBYTES); - + if ( (ret_val = crypto_kem_enc(ct, ss, pk)) != 0) { printf("crypto_kem_enc returned <%d>\n", ret_val); return KAT_CRYPTO_FAILURE; } fprintBstr(fp_rsp, "ct = ", ct, CRYPTO_CIPHERTEXTBYTES); fprintBstr(fp_rsp, "ss = ", ss, CRYPTO_BYTES); - + fprintf(fp_rsp, "\n"); - + if ( (ret_val = crypto_kem_dec(ss1, ct, sk)) != 0) { printf("crypto_kem_dec returned <%d>\n", ret_val); return KAT_CRYPTO_FAILURE; } - + if ( memcmp(ss, ss1, CRYPTO_BYTES) ) { printf("crypto_kem_dec returned bad 'ss' value\n"); return KAT_CRYPTO_FAILURE; } } while ( !done ); - + fclose(fp_req); fclose(fp_rsp); @@ -203,7 +204,7 @@ ReadHex(FILE *infile, unsigned char *A, int Length, char *str) ich = ch - 'a' + 10; else // shouldn't ever get here ich = 0; - + for ( i=0; i> 4); A[Length-1] = (A[Length-1] << 4) | ich; diff --git a/src/nistkat/rng.c b/src/nistkat/rng.c index 2976969..2d6aa1c 100644 --- a/src/nistkat/rng.c +++ b/src/nistkat/rng.c @@ -1,9 +1,10 @@ -// -// rng.c -// -// Created by Bassham, Lawrence E (Fed) on 8/29/17. -// Copyright © 2017 Bassham, Lawrence E (Fed). All rights reserved. -// +/* +NIST-developed software is provided by NIST as a public service. You may use, copy, and distribute copies of the software in any medium, provided that you keep intact this entire notice. You may improve, modify, and create derivative works of the software or any portion of the software, and you may copy and distribute such modifications or works. Modified works should carry a notice stating that you changed the software and should note the date and nature of any such change. Please explicitly acknowledge the National Institute of Standards and Technology as the source of the software. + +NIST-developed software is expressly provided "AS IS." NIST MAKES NO WARRANTY OF ANY KIND, EXPRESS, IMPLIED, IN FACT, OR ARISING BY OPERATION OF LAW, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND DATA ACCURACY. NIST NEITHER REPRESENTS NOR WARRANTS THAT THE OPERATION OF THE SOFTWARE WILL BE UNINTERRUPTED OR ERROR-FREE, OR THAT ANY DEFECTS WILL BE CORRECTED. NIST DOES NOT WARRANT OR MAKE ANY REPRESENTATIONS REGARDING THE USE OF THE SOFTWARE OR THE RESULTS THEREOF, INCLUDING BUT NOT LIMITED TO THE CORRECTNESS, ACCURACY, RELIABILITY, OR USEFULNESS OF THE SOFTWARE. + +You are solely responsible for determining the appropriateness of using and distributing the software and you assume all risks associated with its use, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and the unavailability or interruption of operation. This software is not intended to be used in any situation where a failure could cause risk of injury or damage to property. The software developed by NIST employees is not subject to copyright protection within the United States. +*/ #include #include "rng.h" @@ -30,11 +31,11 @@ seedexpander_init(AES_XOF_struct *ctx, { if ( maxlen >= 0x100000000 ) return RNG_BAD_MAXLEN; - + ctx->length_remaining = maxlen; - + memcpy(ctx->key, seed, 32); - + memcpy(ctx->ctr, diversifier, 8); ctx->ctr[11] = maxlen % 256; maxlen >>= 8; @@ -44,10 +45,10 @@ seedexpander_init(AES_XOF_struct *ctx, maxlen >>= 8; ctx->ctr[8] = maxlen % 256; memset(ctx->ctr+12, 0x00, 4); - + ctx->buffer_pos = 16; memset(ctx->buffer, 0x00, 16); - + return RNG_SUCCESS; } @@ -61,31 +62,31 @@ int seedexpander(AES_XOF_struct *ctx, unsigned char *x, unsigned long xlen) { unsigned long offset; - + if ( x == NULL ) return RNG_BAD_OUTBUF; if ( xlen >= ctx->length_remaining ) return RNG_BAD_REQ_LEN; - + ctx->length_remaining -= xlen; - + offset = 0; while ( xlen > 0 ) { if ( xlen <= (16-ctx->buffer_pos) ) { // buffer has what we need memcpy(x+offset, ctx->buffer+ctx->buffer_pos, xlen); ctx->buffer_pos += xlen; - + return RNG_SUCCESS; } - + // take what's in the buffer memcpy(x+offset, ctx->buffer+ctx->buffer_pos, 16-ctx->buffer_pos); xlen -= 16-ctx->buffer_pos; offset += 16-ctx->buffer_pos; - + AES256_ECB(ctx->key, ctx->ctr, ctx->buffer); ctx->buffer_pos = 0; - + //increment the counter for (int i=15; i>=12; i--) { if ( ctx->ctr[i] == 0xff ) @@ -95,9 +96,9 @@ seedexpander(AES_XOF_struct *ctx, unsigned char *x, unsigned long xlen) break; } } - + } - + return RNG_SUCCESS; } @@ -116,21 +117,21 @@ void AES256_ECB(unsigned char *key, unsigned char *ctr, unsigned char *buffer) { EVP_CIPHER_CTX *ctx; - + int len; - + int ciphertext_len; - + /* Create and initialise the context */ if(!(ctx = EVP_CIPHER_CTX_new())) handleErrors(); - + if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_ecb(), NULL, key, NULL)) handleErrors(); - + if(1 != EVP_EncryptUpdate(ctx, buffer, &len, ctr, 16)) handleErrors(); ciphertext_len = len; - + /* Clean up */ EVP_CIPHER_CTX_free(ctx); } @@ -141,7 +142,7 @@ randombytes_init(unsigned char *entropy_input, int security_strength) { unsigned char seed_material[48]; - + memcpy(seed_material, entropy_input, 48); if (personalization_string) for (int i=0; i<48; i++) @@ -157,7 +158,7 @@ randombytes(unsigned char *x, unsigned long long xlen) { unsigned char block[16]; int i = 0; - + while ( xlen > 0 ) { //increment V for (int j=15; j>=0; j--) { @@ -181,7 +182,7 @@ randombytes(unsigned char *x, unsigned long long xlen) } AES256_CTR_DRBG_Update(NULL, DRBG_ctx.Key, DRBG_ctx.V); DRBG_ctx.reseed_counter++; - + return RNG_SUCCESS; } @@ -191,7 +192,7 @@ AES256_CTR_DRBG_Update(unsigned char *provided_data, unsigned char *V) { unsigned char temp[48]; - + for (int i=0; i<3; i++) { //increment V for (int j=15; j>=0; j--) { @@ -202,7 +203,7 @@ AES256_CTR_DRBG_Update(unsigned char *provided_data, break; } } - + AES256_ECB(Key, V, temp+16*i); } if ( provided_data != NULL ) diff --git a/src/nistkat/rng.h b/src/nistkat/rng.h index 577e263..407c0c6 100644 --- a/src/nistkat/rng.h +++ b/src/nistkat/rng.h @@ -1,9 +1,10 @@ -// -// rng.h -// -// Created by Bassham, Lawrence E (Fed) on 8/29/17. -// Copyright © 2017 Bassham, Lawrence E (Fed). All rights reserved. -// +/* +NIST-developed software is provided by NIST as a public service. You may use, copy, and distribute copies of the software in any medium, provided that you keep intact this entire notice. You may improve, modify, and create derivative works of the software or any portion of the software, and you may copy and distribute such modifications or works. Modified works should carry a notice stating that you changed the software and should note the date and nature of any such change. Please explicitly acknowledge the National Institute of Standards and Technology as the source of the software. + +NIST-developed software is expressly provided "AS IS." NIST MAKES NO WARRANTY OF ANY KIND, EXPRESS, IMPLIED, IN FACT, OR ARISING BY OPERATION OF LAW, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND DATA ACCURACY. NIST NEITHER REPRESENTS NOR WARRANTS THAT THE OPERATION OF THE SOFTWARE WILL BE UNINTERRUPTED OR ERROR-FREE, OR THAT ANY DEFECTS WILL BE CORRECTED. NIST DOES NOT WARRANT OR MAKE ANY REPRESENTATIONS REGARDING THE USE OF THE SOFTWARE OR THE RESULTS THEREOF, INCLUDING BUT NOT LIMITED TO THE CORRECTNESS, ACCURACY, RELIABILITY, OR USEFULNESS OF THE SOFTWARE. + +You are solely responsible for determining the appropriateness of using and distributing the software and you assume all risks associated with its use, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and the unavailability or interruption of operation. This software is not intended to be used in any situation where a failure could cause risk of injury or damage to property. The software developed by NIST employees is not subject to copyright protection within the United States. +*/ #ifndef rng_h #define rng_h