Browse Source
Replace functional test by tests from PQM4
This also adds some code for canaries, and unifies crypto_{kem,sign}
master
Joost Rijneveld
5 years ago
No known key found for this signature in database
GPG Key ID: A4FE39CF49CBC553
1 changed files with 54 additions and 23 deletions
Split View
Diff Options
-
+54 -23crypto_kem/test.c
+ 54
- 23
crypto_kem/test.c
View File
| @@ -3,33 +3,66 @@ | |||
| #include <stdio.h> | |||
| #include <string.h> | |||
| #define NTESTS 100 | |||
| #define NTESTS 10 | |||
| /* allocate a bit more for all keys and messages and | |||
| * make sure it is not touched by the implementations. | |||
| */ | |||
| static void write_canary(unsigned char *d) { | |||
| *((uint64_t *)d) = 0x0123456789ABCDEF; | |||
| } | |||
| static int check_canary(unsigned char *d) { | |||
| if (*(uint64_t *)d != 0x0123456789ABCDEF) | |||
| return -1; | |||
| else | |||
| return 0; | |||
| } | |||
| static int test_keys(void) { | |||
| unsigned char key_a[CRYPTO_BYTES + 16], key_b[CRYPTO_BYTES + 16]; | |||
| unsigned char pk[CRYPTO_PUBLICKEYBYTES + 16]; | |||
| unsigned char sendb[CRYPTO_CIPHERTEXTBYTES + 16]; | |||
| unsigned char sk_a[CRYPTO_SECRETKEYBYTES + 16]; | |||
| write_canary(key_a); | |||
| write_canary(key_a + sizeof(key_a) - 8); | |||
| write_canary(key_b); | |||
| write_canary(key_b + sizeof(key_b) - 8); | |||
| write_canary(pk); | |||
| write_canary(pk + sizeof(pk) - 8); | |||
| write_canary(sendb); | |||
| write_canary(sendb + sizeof(sendb) - 8); | |||
| write_canary(sk_a); | |||
| write_canary(sk_a + sizeof(sk_a) - 8); | |||
| int test_keys() { | |||
| unsigned char key_a[CRYPTO_BYTES], key_b[CRYPTO_BYTES]; | |||
| unsigned char pk[CRYPTO_PUBLICKEYBYTES]; | |||
| unsigned char sendb[CRYPTO_CIPHERTEXTBYTES]; | |||
| unsigned char sk_a[CRYPTO_SECRETKEYBYTES]; | |||
| int i; | |||
| for (i = 0; i < NTESTS; i++) { | |||
| // Alice generates a public key | |||
| crypto_kem_keypair(pk, sk_a); | |||
| crypto_kem_keypair(pk + 8, sk_a + 8); | |||
| // Bob derives a secret key and creates a response | |||
| crypto_kem_enc(sendb, key_b, pk); | |||
| crypto_kem_enc(sendb + 8, key_b + 8, pk + 8); | |||
| // Alice uses Bobs response to get her secret key | |||
| crypto_kem_dec(key_a, sendb, sk_a); | |||
| if (memcmp(key_a, key_b, CRYPTO_BYTES)) | |||
| printf("ERROR keys\n"); | |||
| crypto_kem_dec(key_a + 8, sendb + 8, sk_a + 8); | |||
| if (memcmp(key_a + 8, key_b + 8, CRYPTO_BYTES)) { | |||
| printf("ERROR KEYS\n"); | |||
| } else if (check_canary(key_a) || check_canary(key_a + sizeof(key_a) - 8) || | |||
| check_canary(key_b) || check_canary(key_b + sizeof(key_b) - 8) || | |||
| check_canary(pk) || check_canary(pk + sizeof(pk) - 8) || | |||
| check_canary(sendb) || check_canary(sendb + sizeof(sendb) - 8) || | |||
| check_canary(sk_a) || check_canary(sk_a + sizeof(sk_a) - 8)) { | |||
| printf("ERROR canary overwritten\n"); | |||
| } | |||
| } | |||
| return 0; | |||
| } | |||
| int test_invalid_sk_a() { | |||
| static int test_invalid_sk_a(void) { | |||
| unsigned char sk_a[CRYPTO_SECRETKEYBYTES]; | |||
| unsigned char key_a[CRYPTO_BYTES], key_b[CRYPTO_BYTES]; | |||
| unsigned char pk[CRYPTO_PUBLICKEYBYTES]; | |||
| @@ -46,17 +79,18 @@ int test_invalid_sk_a() { | |||
| // Replace secret key with random values | |||
| randombytes(sk_a, CRYPTO_SECRETKEYBYTES); | |||
| // Alice uses Bobs response to get her secre key | |||
| // Alice uses Bobs response to get her secret key | |||
| crypto_kem_dec(key_a, sendb, sk_a); | |||
| if (!memcmp(key_a, key_b, CRYPTO_BYTES)) | |||
| if (!memcmp(key_a, key_b, CRYPTO_BYTES)) { | |||
| printf("ERROR invalid sk_a\n"); | |||
| } | |||
| } | |||
| return 0; | |||
| } | |||
| int test_invalid_ciphertext() { | |||
| static int test_invalid_ciphertext(void) { | |||
| unsigned char sk_a[CRYPTO_SECRETKEYBYTES]; | |||
| unsigned char key_a[CRYPTO_BYTES], key_b[CRYPTO_BYTES]; | |||
| unsigned char pk[CRYPTO_PUBLICKEYBYTES]; | |||
| @@ -76,11 +110,12 @@ int test_invalid_ciphertext() { | |||
| // Change some byte in the ciphertext (i.e., encapsulated key) | |||
| sendb[pos % CRYPTO_CIPHERTEXTBYTES] ^= 23; | |||
| // Alice uses Bobs response to get her secre key | |||
| // Alice uses Bobs response to get her secret key | |||
| crypto_kem_dec(key_a, sendb, sk_a); | |||
| if (!memcmp(key_a, key_b, CRYPTO_BYTES)) | |||
| if (!memcmp(key_a, key_b, CRYPTO_BYTES)) { | |||
| printf("ERROR invalid ciphertext\n"); | |||
| } | |||
| } | |||
| return 0; | |||
| @@ -91,9 +126,5 @@ int main(void) { | |||
| test_invalid_sk_a(); | |||
| test_invalid_ciphertext(); | |||
| printf("CRYPTO_SECRETKEYBYTES: %d\n", CRYPTO_SECRETKEYBYTES); | |||
| printf("CRYPTO_PUBLICKEYBYTES: %d\n", CRYPTO_PUBLICKEYBYTES); | |||
| printf("CRYPTO_CIPHERTEXTBYTES: %d\n", CRYPTO_CIPHERTEXTBYTES); | |||
| return 0; | |||
| } | |||
| } | |||