mirror of
https://github.com/henrydcase/pqc.git
synced 2024-11-29 19:01:22 +00:00
07ca665f0b
It's poorly supported and reports false positives (See also #10)
46 lines
1.3 KiB
Python
46 lines
1.3 KiB
Python
import yaml
|
|
import sys
|
|
import os
|
|
import subprocess
|
|
import hashlib
|
|
|
|
"""
|
|
For a given SCHEME, this script verifies that the hash of the testvectors
|
|
produced on this platform matches the one provided in the META file.
|
|
"""
|
|
|
|
if len(sys.argv) != 2:
|
|
print("Provide a scheme name (e.g. crypto_kem/kyber768) as argv[1]")
|
|
exit(1)
|
|
|
|
SCHEME = sys.argv[1]
|
|
SCHEMEFULL = SCHEME.replace('/', '_') # e.g. crypto_kem_kyber768
|
|
SCHEMESHORT = SCHEME.split('/')[1].upper()
|
|
|
|
|
|
def get_hash(scheme):
|
|
with open("{}/META.yml".format(scheme), 'r') as stream:
|
|
meta = yaml.load(stream)
|
|
return meta['testvectors-sha256']
|
|
|
|
|
|
expectedTestvectorsHash = get_hash(SCHEME)
|
|
|
|
subprocess.run(["make", "testvectors", "SCHEME={}".format(SCHEME)])
|
|
implementations = [
|
|
x for x in os.listdir('bin')
|
|
if 'testvectors' in x and SCHEMEFULL in x and '.dSYM' not in x
|
|
|
|
]
|
|
|
|
for impl in implementations:
|
|
testvectors = subprocess.run(["bin/{}".format(impl)],
|
|
stdout=subprocess.PIPE)
|
|
testvectorsHash = hashlib.sha256(testvectors.stdout).hexdigest()
|
|
if testvectorsHash.lower() != expectedTestvectorsHash.lower():
|
|
print("testvectors of {} should be {}, but is {}"
|
|
.format(SCHEME, expectedTestvectorsHash, testvectorsHash))
|
|
sys.exit(1)
|
|
else:
|
|
print("testvectors of {} matched expected hash".format(SCHEME))
|