|
@@ -11,15 +11,25 @@ import rand "crypto/rand" |
|
|
import sidh "github.com/henrydcase/nobs/dh/sidh" |
|
|
import sidh "github.com/henrydcase/nobs/dh/sidh" |
|
|
import sike "github.com/henrydcase/nobs/kem/sike" |
|
|
import sike "github.com/henrydcase/nobs/kem/sike" |
|
|
import "unsafe" |
|
|
import "unsafe" |
|
|
|
|
|
import "runtime" |
|
|
|
|
|
|
|
|
const ( |
|
|
const ( |
|
|
CSKsz = 644 |
|
|
|
|
|
GSKsz = 80 // 80 because MSR concatenates public key to the secret key |
|
|
|
|
|
|
|
|
GSKsz = 32+48 // 80=(MSG+KeySize). |
|
|
|
|
|
CSKsz = 644 // 80+public key size, which MSR concatenates with secret key |
|
|
PKsz = 564 |
|
|
PKsz = 564 |
|
|
CTsz = 596 |
|
|
CTsz = 596 |
|
|
SSsz = 24 |
|
|
SSsz = 24 |
|
|
) |
|
|
) |
|
|
|
|
|
|
|
|
|
|
|
func FailNow() { |
|
|
|
|
|
pc := make([]uintptr, 10) // at least 1 entry needed |
|
|
|
|
|
runtime.Callers(2, pc) |
|
|
|
|
|
f := runtime.FuncForPC(pc[0]) |
|
|
|
|
|
file, line := f.FileLine(pc[0]) |
|
|
|
|
|
fmt.Printf("%s:%d %s\n", file, line, f.Name()) |
|
|
|
|
|
panic(0) |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
// Helpers for byte convertion |
|
|
// Helpers for byte convertion |
|
|
// ------------------------------ |
|
|
// ------------------------------ |
|
|
|
|
|
|
|
@@ -69,34 +79,28 @@ func keygenCf() (*sidh.PublicKey, *sidh.PrivateKey) { |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
// MSR keygen |
|
|
// MSR keygen |
|
|
// MSR Encapsulate |
|
|
|
|
|
// CF Decapsulate |
|
|
|
|
|
func test_msrK_msrE_cfD() { |
|
|
|
|
|
var msrCipherText [CTsz]C.uchar |
|
|
|
|
|
var ss2 [SSsz]C.uchar |
|
|
|
|
|
var msrSK [CSKsz]C.uchar |
|
|
|
|
|
|
|
|
// CF Encapsulate |
|
|
|
|
|
// MSR Decapsulate |
|
|
|
|
|
func test_msrK_cfE_msrD() { |
|
|
|
|
|
var cCT [CTsz]C.uchar |
|
|
|
|
|
var cSS [SSsz]C.uchar |
|
|
|
|
|
var cSK [CSKsz]C.uchar |
|
|
|
|
|
|
|
|
pubKey, prvKey := keygenMsr() |
|
|
pubKey, prvKey := keygenMsr() |
|
|
ctext, ss1, err := sike.Encapsulate(rand.Reader, pubKey) |
|
|
|
|
|
|
|
|
gCT, gSS, err := sike.Encapsulate(rand.Reader, pubKey) |
|
|
if err != nil { |
|
|
if err != nil { |
|
|
panic(0) |
|
|
panic(0) |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
for i,_:=range(ctext) { |
|
|
|
|
|
msrCipherText[i] = C.uchar(ctext[i]) |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
convBytesGoToC(prvKey.Export(), msrSK[:]) |
|
|
|
|
|
convBytesGoToC(pubKey.Export(), msrSK[80:]) |
|
|
|
|
|
if C.crypto_kem_dec_SIKEp751(&msrSK[0], &msrCipherText[0], &ss2[0]) != 0 { |
|
|
|
|
|
|
|
|
convBytesGoToC(gCT, cCT[:]) |
|
|
|
|
|
convBytesGoToC(prvKey.Export(), cSK[:]) |
|
|
|
|
|
convBytesGoToC(pubKey.Export(), cSK[80:]) |
|
|
|
|
|
if C.crypto_kem_dec_SIKEp751(&cSS[0], &cCT[0], &cSK[0]) != 0 { |
|
|
panic(0) |
|
|
panic(0) |
|
|
} |
|
|
} |
|
|
for _,i:=range(ss2) { |
|
|
|
|
|
if byte(ss2[i]) != ss1[i] { |
|
|
|
|
|
fmt.Printf("LEN=%d %X\n", len(ss2), ss2) |
|
|
|
|
|
// fmt.Printf("LEN=%d %X\n", len(ss1), ss1) |
|
|
|
|
|
|
|
|
for i:=0; i<SSsz; i++ { |
|
|
|
|
|
if byte(cSS[i]) != gSS[i] { |
|
|
fmt.Println("ERR: shared secrets differ") |
|
|
fmt.Println("ERR: shared secrets differ") |
|
|
break |
|
|
|
|
|
|
|
|
FailNow() |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
@@ -130,11 +134,53 @@ func test_cfK_cfE_msrD() { |
|
|
fmt.Printf("LEN=%d %X\n", len(gSS), gSS) |
|
|
fmt.Printf("LEN=%d %X\n", len(gSS), gSS) |
|
|
fmt.Printf("LEN=%d %X\n", len(cSS), cSS) |
|
|
fmt.Printf("LEN=%d %X\n", len(cSS), cSS) |
|
|
fmt.Println("ERR: shared secrets differ") |
|
|
fmt.Println("ERR: shared secrets differ") |
|
|
break |
|
|
|
|
|
|
|
|
FailNow() |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// Check if public key generated with CF is same as the one from MSR |
|
|
|
|
|
func test_cfK_msrK1() { |
|
|
|
|
|
// C variables |
|
|
|
|
|
var cPK [PKsz]C.uchar |
|
|
|
|
|
var cSK [CSKsz]C.uchar |
|
|
|
|
|
|
|
|
|
|
|
pubKey, prvKey := keygenCf() |
|
|
|
|
|
convBytesGoToC(prvKey.Export()[32:], cSK[:]) |
|
|
|
|
|
if C.EphemeralKeyGeneration_B_SIDHp751(&cSK[0], &cPK[0]) != 0 { |
|
|
|
|
|
panic(0) |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
gPK := pubKey.Export() |
|
|
|
|
|
for i,v:=range(gPK) { |
|
|
|
|
|
if byte(cPK[i]) != v { |
|
|
|
|
|
fmt.Printf("PRV =%d %X\n", len(prvKey.Export()), prvKey.Export()) |
|
|
|
|
|
fmt.Printf("PUB CF =%d %X\n", len(pubKey.Export()), pubKey.Export()) |
|
|
|
|
|
fmt.Printf("PUB MSR=%d %X\n", len(cPK), cPK) |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// Check if public key generated with CF is same as the one from MSR |
|
|
|
|
|
func test_cfK_msrK2() { |
|
|
|
|
|
pubKeyMsr, prvKey := keygenMsr() |
|
|
|
|
|
pubKeyCf, err := sidh.GeneratePublicKey(prvKey) |
|
|
|
|
|
if err != nil { |
|
|
|
|
|
panic(0) |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
cfPK := pubKeyCf.Export() |
|
|
|
|
|
msrPK := pubKeyMsr.Export() |
|
|
|
|
|
for i,v:=range(cfPK) { |
|
|
|
|
|
if msrPK[i]!= v { |
|
|
|
|
|
fmt.Printf("Keys differ") |
|
|
|
|
|
FailNow() |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// CF keygen |
|
|
// CF keygen |
|
|
// MSR Encapsulate |
|
|
// MSR Encapsulate |
|
|
// CF Decapsulate |
|
|
// CF Decapsulate |
|
@@ -148,7 +194,9 @@ func test_cfK_msrE_cfD() { |
|
|
pubKey, prvKey := keygenCf() |
|
|
pubKey, prvKey := keygenCf() |
|
|
|
|
|
|
|
|
convBytesGoToC(pubKey.Export(), cPK[:]) |
|
|
convBytesGoToC(pubKey.Export(), cPK[:]) |
|
|
C.crypto_kem_enc_SIKEp751(&cCT[0], &cSS[0], &cPK[0]) |
|
|
|
|
|
|
|
|
if C.crypto_kem_enc_SIKEp751(&cCT[0], &cSS[0], &cPK[0]) != 0 { |
|
|
|
|
|
panic(0) |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
convBytesCToGo(cCT[:], gCT[:]) |
|
|
convBytesCToGo(cCT[:], gCT[:]) |
|
|
gSS, err := sike.Decapsulate(prvKey, pubKey, gCT[:]) |
|
|
gSS, err := sike.Decapsulate(prvKey, pubKey, gCT[:]) |
|
@@ -159,12 +207,12 @@ func test_cfK_msrE_cfD() { |
|
|
for i,_:=range(gSS) { |
|
|
for i,_:=range(gSS) { |
|
|
if gSS[i] != byte(cSS[i]) { |
|
|
if gSS[i] != byte(cSS[i]) { |
|
|
fmt.Println("ERR: shared secrets differ") |
|
|
fmt.Println("ERR: shared secrets differ") |
|
|
break |
|
|
|
|
|
|
|
|
FailNow() |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
func test_cfK_msrK_msrD() { |
|
|
|
|
|
|
|
|
func test_cfK_msrE_msrD() { |
|
|
// C variables |
|
|
// C variables |
|
|
var cSS [SSsz]C.uchar |
|
|
var cSS [SSsz]C.uchar |
|
|
var cSS2 [SSsz]C.uchar |
|
|
var cSS2 [SSsz]C.uchar |
|
@@ -175,45 +223,22 @@ func test_cfK_msrK_msrD() { |
|
|
pubKey, prvKey := keygenCf() |
|
|
pubKey, prvKey := keygenCf() |
|
|
|
|
|
|
|
|
convBytesGoToC(pubKey.Export(), cPK[:]) |
|
|
convBytesGoToC(pubKey.Export(), cPK[:]) |
|
|
C.crypto_kem_enc_SIKEp751(&cCT[0], &cSS[0], &cPK[0]) |
|
|
|
|
|
|
|
|
if C.crypto_kem_enc_SIKEp751(&cCT[0], &cSS[0], &cPK[0]) != 0 { |
|
|
|
|
|
panic(0) |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
convBytesGoToC(prvKey.Export(), cSK[:]) |
|
|
convBytesGoToC(prvKey.Export(), cSK[:]) |
|
|
convBytesGoToC(pubKey.Export(), cSK[80:]) |
|
|
convBytesGoToC(pubKey.Export(), cSK[80:]) |
|
|
C.crypto_kem_dec_SIKEp751(&cSS2[0], &cCT[0], &cSK[0]) |
|
|
|
|
|
|
|
|
if C.crypto_kem_dec_SIKEp751(&cSS2[0], &cCT[0], &cSK[0]) != 0 { |
|
|
|
|
|
panic(0) |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
for i,_:=range(cSS) { |
|
|
for i,_:=range(cSS) { |
|
|
if cSS[i] != cSS2[i] {//gSS[i] != byte(cSS[i]) { |
|
|
if cSS[i] != cSS2[i] {//gSS[i] != byte(cSS[i]) { |
|
|
fmt.Printf("LEN=%d %X\n", len(cSS2), cSS2) |
|
|
fmt.Printf("LEN=%d %X\n", len(cSS2), cSS2) |
|
|
fmt.Printf("LEN=%d %X\n", len(cSS), cSS) |
|
|
fmt.Printf("LEN=%d %X\n", len(cSS), cSS) |
|
|
fmt.Println("ERR: shared secrets differ") |
|
|
fmt.Println("ERR: shared secrets differ") |
|
|
break |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// MSR keygen |
|
|
|
|
|
// CF Encapsulate |
|
|
|
|
|
// MSR Decapsulate |
|
|
|
|
|
func test_msrK_cfE_msrD() { |
|
|
|
|
|
var cCT [CTsz]C.uchar |
|
|
|
|
|
var cSS [SSsz]C.uchar |
|
|
|
|
|
var cSK [CSKsz]C.uchar |
|
|
|
|
|
|
|
|
|
|
|
pubKey, prvKey := keygenMsr() |
|
|
|
|
|
gCT, gSS, err := sike.Encapsulate(rand.Reader, pubKey) |
|
|
|
|
|
if err != nil { |
|
|
|
|
|
panic(0) |
|
|
|
|
|
} |
|
|
|
|
|
convBytesGoToC(gCT, cCT[:]) |
|
|
|
|
|
convBytesGoToC(prvKey.Export(), cSK[:]) |
|
|
|
|
|
convBytesGoToC(pubKey.Export(), cSK[80:]) |
|
|
|
|
|
if C.crypto_kem_dec_SIKEp751(&cSS[0], &cCT[0], &cSK[0]) != 0 { |
|
|
|
|
|
panic(0) |
|
|
|
|
|
} |
|
|
|
|
|
for i:=0; i<SSsz; i++ { |
|
|
|
|
|
if byte(cSS[i]) != gSS[i] { |
|
|
|
|
|
fmt.Println("ERR: shared secrets differ") |
|
|
|
|
|
break |
|
|
|
|
|
|
|
|
FailNow() |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
@@ -221,7 +246,7 @@ func test_msrK_cfE_msrD() { |
|
|
// MSR keygen |
|
|
// MSR keygen |
|
|
// MSR Encapsulate |
|
|
// MSR Encapsulate |
|
|
// CF Decapsulate |
|
|
// CF Decapsulate |
|
|
func test_msrK_msrK_cfD() { |
|
|
|
|
|
|
|
|
func test_msrK_msrE_cfD() { |
|
|
// C variables |
|
|
// C variables |
|
|
var cSS [SSsz]C.uchar |
|
|
var cSS [SSsz]C.uchar |
|
|
var cCT [CTsz]C.uchar |
|
|
var cCT [CTsz]C.uchar |
|
@@ -246,7 +271,7 @@ func test_msrK_msrK_cfD() { |
|
|
fmt.Printf("LEN=%d %X\n", len(gSS), gSS) |
|
|
fmt.Printf("LEN=%d %X\n", len(gSS), gSS) |
|
|
fmt.Printf("LEN=%d %X\n", len(cSS), cSS) |
|
|
fmt.Printf("LEN=%d %X\n", len(cSS), cSS) |
|
|
fmt.Println("ERR: shared secrets differ") |
|
|
fmt.Println("ERR: shared secrets differ") |
|
|
break |
|
|
|
|
|
|
|
|
FailNow() |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
@@ -271,14 +296,14 @@ func test_msrK_cfE_cfD() { |
|
|
fmt.Printf("LEN=%d %X\n", len(gSS1), gSS1) |
|
|
fmt.Printf("LEN=%d %X\n", len(gSS1), gSS1) |
|
|
fmt.Printf("LEN=%d %X\n", len(gSS2), gSS2) |
|
|
fmt.Printf("LEN=%d %X\n", len(gSS2), gSS2) |
|
|
fmt.Println("ERR: shared secrets differ") |
|
|
fmt.Println("ERR: shared secrets differ") |
|
|
break |
|
|
|
|
|
|
|
|
FailNow() |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
// For CGO testing really |
|
|
// For CGO testing really |
|
|
// ---------------------- |
|
|
// ---------------------- |
|
|
func test_msrK_msrK_msrD() { |
|
|
|
|
|
|
|
|
func test_msrK_msrE_msrD() { |
|
|
// C variables |
|
|
// C variables |
|
|
var cSS [SSsz]C.uchar |
|
|
var cSS [SSsz]C.uchar |
|
|
var cSS2 [SSsz]C.uchar |
|
|
var cSS2 [SSsz]C.uchar |
|
@@ -291,40 +316,58 @@ func test_msrK_msrK_msrD() { |
|
|
convBytesGoToC(prvKey.Export(), cSK[:]) |
|
|
convBytesGoToC(prvKey.Export(), cSK[:]) |
|
|
convBytesGoToC(pubKey.Export(), cSK[80:]) |
|
|
convBytesGoToC(pubKey.Export(), cSK[80:]) |
|
|
convBytesGoToC(pubKey.Export(), cPK[:]) |
|
|
convBytesGoToC(pubKey.Export(), cPK[:]) |
|
|
C.crypto_kem_enc_SIKEp751(&cCT[0], &cSS[0], &cPK[0]) |
|
|
|
|
|
C.crypto_kem_dec_SIKEp751(&cSS2[0], &cCT[0], &cSK[0]) |
|
|
|
|
|
|
|
|
if C.crypto_kem_enc_SIKEp751(&cCT[0], &cSS[0], &cPK[0]) != 0 {panic(0)} |
|
|
|
|
|
if C.crypto_kem_dec_SIKEp751(&cSS2[0], &cCT[0], &cSK[0]) != 0 {panic(0)} |
|
|
|
|
|
|
|
|
for i,_:=range(cSS) { |
|
|
for i,_:=range(cSS) { |
|
|
if cSS[i] != cSS2[i] { |
|
|
if cSS[i] != cSS2[i] { |
|
|
fmt.Printf("LEN=%d %X\n", len(cSS2), cSS2) |
|
|
fmt.Printf("LEN=%d %X\n", len(cSS2), cSS2) |
|
|
fmt.Printf("LEN=%d %X\n", len(cSS), cSS) |
|
|
fmt.Printf("LEN=%d %X\n", len(cSS), cSS) |
|
|
fmt.Println("ERR: shared secrets differ") |
|
|
fmt.Println("ERR: shared secrets differ") |
|
|
break |
|
|
|
|
|
|
|
|
FailNow() |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
func debug() { |
|
|
func debug() { |
|
|
// fmt.Println("MSR+MSR+MSR") |
|
|
|
|
|
// test_msrK_msrK_msrD() |
|
|
|
|
|
// fmt.Println("CF+MSR+CF") |
|
|
|
|
|
// test_cfK_msrE_cfD() |
|
|
|
|
|
// fmt.Println("MSR+CF+MSR") |
|
|
|
|
|
// test_msrK_cfE_msrD() |
|
|
|
|
|
// fmt.Println("MSR+MSR+CF") |
|
|
|
|
|
// test_msrK_msrK_cfD() |
|
|
|
|
|
// fmt.Println("MSR+CF+CF") |
|
|
|
|
|
// test_msrK_cfE_cfD() |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
fmt.Println("MSR+MSR+MSR") |
|
|
|
|
|
test_msrK_msrE_msrD() |
|
|
|
|
|
fmt.Println("CF+MSR+CF") |
|
|
|
|
|
test_cfK_msrE_cfD() |
|
|
|
|
|
fmt.Println("MSR+CF+MSR") |
|
|
|
|
|
test_msrK_cfE_msrD() |
|
|
|
|
|
fmt.Println("MSR+MSR+CF") |
|
|
|
|
|
test_msrK_msrE_cfD() |
|
|
|
|
|
fmt.Println("MSR+CF+CF") |
|
|
|
|
|
test_msrK_cfE_cfD() |
|
|
fmt.Println("CF+CF+MSR") |
|
|
fmt.Println("CF+CF+MSR") |
|
|
test_cfK_cfE_msrD() |
|
|
test_cfK_cfE_msrD() |
|
|
fmt.Println("CF+MSR+MSR") |
|
|
fmt.Println("CF+MSR+MSR") |
|
|
test_cfK_msrK_msrD() |
|
|
|
|
|
|
|
|
test_cfK_msrE_msrD() |
|
|
|
|
|
fmt.Println("CF prv Keygen") |
|
|
|
|
|
test_cfK_msrK1() |
|
|
|
|
|
fmt.Println("MSR prv Keygen") |
|
|
|
|
|
test_cfK_msrK2() |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
func doLongTest() { |
|
|
|
|
|
test_msrK_msrE_cfD() |
|
|
|
|
|
test_msrK_cfE_msrD() |
|
|
|
|
|
test_msrK_cfE_cfD() |
|
|
|
|
|
|
|
|
|
|
|
test_cfK_msrE_cfD() |
|
|
|
|
|
test_cfK_cfE_msrD() |
|
|
|
|
|
test_cfK_msrE_msrD() |
|
|
|
|
|
|
|
|
|
|
|
test_cfK_msrK1() |
|
|
|
|
|
test_cfK_msrK2() |
|
|
|
|
|
|
|
|
|
|
|
test_msrK_msrE_msrD() |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
func main() { |
|
|
func main() { |
|
|
for i:=0; i<1000; i++ { |
|
|
for i:=0; i<1000; i++ { |
|
|
debug() |
|
|
|
|
|
|
|
|
doLongTest() |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
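Review bot: The public-key comparison in test_cfK_msrK1 (`if byte(cPK[i]) != v {`) only prints PRV/PUB CF/PUB MSR and then keeps looping, so a divergence between CF and MSR key generation never fails the run, whereas test_cfK_msrK2 and every shared-secret check in this commit call `FailNow()` on mismatch; add `FailNow()` after the third Printf so the 1000-iteration main loop actually stops on it. That same branch dumps the private key (`PRV =`) to stdout — tolerable for ephemeral test keys, but it is the kind of output that lands in CI logs, so either drop it or mark it `// test-only: dumps the ephemeral private key on mismatch`. Minor: the decapsulation paths splice the public key at the literal offset `cSK[80:]` in four places even though the const block now defines `GSKsz = 32+48` for exactly that value; `cSK[GSKsz:]` would keep the MSR secret-key layout in one place. Also, FailNow dereferences `runtime.FuncForPC(pc[0])` without a nil check, which presumably only matters if `runtime.Callers` returns zero frames, but `runtime.CallersFrames` is the documented way to turn those PCs into an accurate file:line.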
|
|
|
|
|
|