xmss-KAT-generator/test/xmss_determinism.c

#include <stdio.h>
#include <stdint.h>
#include <string.h>

#include "../params.h"
#include "../xmss.h"
#include "../randombytes.h"

#define MLEN 32

int main()
{
    xmss_params params;
    char *oidstr = "XMSS-SHA2_10_256";
    uint32_t oid;
    unsigned int i;

    fprintf(stderr, "Testing if XMSS-SHA2_10_256 signing is deterministic.. ");

    xmss_str_to_oid(&oid, oidstr);
    xmss_parse_oid(&params, oid);

    unsigned char pk[XMSS_OID_LEN + params.pk_bytes];
    unsigned char sk[XMSS_OID_LEN + params.sk_bytes];
    unsigned char sk2[XMSS_OID_LEN + params.sk_bytes];

    unsigned char m[MLEN];
    unsigned char sm[params.sig_bytes + MLEN];
    unsigned char sm2[params.sig_bytes + MLEN];
    unsigned long long smlen;

    xmss_keypair(pk, sk, oid);

    /* Duplicate the key, because the original will be modified. */
    memcpy(sk2, sk, XMSS_OID_LEN + params.sk_bytes);

    /* Sign a random message (but twice the same one). */
    randombytes(m, MLEN);

    xmss_sign(sk, sm, &smlen, m, MLEN);
    xmss_sign(sk2, sm2, &smlen, m, MLEN);

    /* Compare signature, and, if applicable, print the differences. */
    if (memcmp(sm, sm2, params.sig_bytes + MLEN)) {
        fprintf(stderr, "signatures differ!\n");
        for (i = 0; i < params.sig_bytes + MLEN; i++) {
            fprintf(stderr, (sm[i] != sm2[i] ? "x" : "."));
        }
        fprintf(stderr, "\n");
        return -1;
    }
    else {
        fprintf(stderr, "signatures are identical.\n");
    }

    return 0;
}
Add test to check deterministic signatures Wrote this to find what turned out to be an external error when using the interfacing programs, but felt like it might as well be added. Under the same key and message, the signature is expected to be identical. However, as the index changes, this case will not happen in real use. 2017-10-23 13:52:33 +01:00			`#include <stdio.h>`
			`#include <stdint.h>`
			`#include <string.h>`

			`#include "../params.h"`
			`#include "../xmss.h"`
			`#include "../randombytes.h"`

			`#define MLEN 32`

			`int main()`
			`{`
			`xmss_params params;`
			`char *oidstr = "XMSS-SHA2_10_256";`
Clean up tests 2017-10-26 14:50:33 +01:00			`uint32_t oid;`
Add test to check deterministic signatures Wrote this to find what turned out to be an external error when using the interfacing programs, but felt like it might as well be added. Under the same key and message, the signature is expected to be identical. However, as the index changes, this case will not happen in real use. 2017-10-23 13:52:33 +01:00			`unsigned int i;`

			`fprintf(stderr, "Testing if XMSS-SHA2_10_256 signing is deterministic.. ");`

			`xmss_str_to_oid(&oid, oidstr);`
			`xmss_parse_oid(&params, oid);`

Rename parameters for readability and consistency 2017-10-24 16:51:56 +01:00			`unsigned char pk[XMSS_OID_LEN + params.pk_bytes];`
			`unsigned char sk[XMSS_OID_LEN + params.sk_bytes];`
			`unsigned char sk2[XMSS_OID_LEN + params.sk_bytes];`
Add test to check deterministic signatures Wrote this to find what turned out to be an external error when using the interfacing programs, but felt like it might as well be added. Under the same key and message, the signature is expected to be identical. However, as the index changes, this case will not happen in real use. 2017-10-23 13:52:33 +01:00
			`unsigned char m[MLEN];`
Rename parameters for readability and consistency 2017-10-24 16:51:56 +01:00			`unsigned char sm[params.sig_bytes + MLEN];`
			`unsigned char sm2[params.sig_bytes + MLEN];`
Add test to check deterministic signatures Wrote this to find what turned out to be an external error when using the interfacing programs, but felt like it might as well be added. Under the same key and message, the signature is expected to be identical. However, as the index changes, this case will not happen in real use. 2017-10-23 13:52:33 +01:00			`unsigned long long smlen;`

			`xmss_keypair(pk, sk, oid);`

			`/* Duplicate the key, because the original will be modified. */`
Rename parameters for readability and consistency 2017-10-24 16:51:56 +01:00			`memcpy(sk2, sk, XMSS_OID_LEN + params.sk_bytes);`
Add test to check deterministic signatures Wrote this to find what turned out to be an external error when using the interfacing programs, but felt like it might as well be added. Under the same key and message, the signature is expected to be identical. However, as the index changes, this case will not happen in real use. 2017-10-23 13:52:33 +01:00
			`/* Sign a random message (but twice the same one). */`
			`randombytes(m, MLEN);`

			`xmss_sign(sk, sm, &smlen, m, MLEN);`
			`xmss_sign(sk2, sm2, &smlen, m, MLEN);`

			`/* Compare signature, and, if applicable, print the differences. */`
Rename parameters for readability and consistency 2017-10-24 16:51:56 +01:00			`if (memcmp(sm, sm2, params.sig_bytes + MLEN)) {`
Add test to check deterministic signatures Wrote this to find what turned out to be an external error when using the interfacing programs, but felt like it might as well be added. Under the same key and message, the signature is expected to be identical. However, as the index changes, this case will not happen in real use. 2017-10-23 13:52:33 +01:00			`fprintf(stderr, "signatures differ!\n");`
Rename parameters for readability and consistency 2017-10-24 16:51:56 +01:00			`for (i = 0; i < params.sig_bytes + MLEN; i++) {`
Add test to check deterministic signatures Wrote this to find what turned out to be an external error when using the interfacing programs, but felt like it might as well be added. Under the same key and message, the signature is expected to be identical. However, as the index changes, this case will not happen in real use. 2017-10-23 13:52:33 +01:00			`fprintf(stderr, (sm[i] != sm2[i] ? "x" : "."));`
			`}`
			`fprintf(stderr, "\n");`
			`return -1;`
			`}`
			`else {`
			`fprintf(stderr, "signatures are identical.\n");`
			`}`

			`return 0;`
			`}`