kris
/
xmss-KAT-generator
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
140 Commits
1 Branch
488 KiB
Tree: db1d6a1eda
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'db1d6a1eda'
${ noResults }
xmss-KAT-generator/test/acvpkat.c

acvpkat.c 10 KiB
Raw Normal View History

[xmss] Create ACVP tests
5 months ago
add parameter name to the vectors
5 months ago
[xmss] Create ACVP tests
5 months ago
[acvp-kat] Adds OID to keys and signature
5 months ago
[xmss] Create ACVP tests
5 months ago
[acvp-kat] Adds OID to keys and signature
5 months ago
[xmss] Create ACVP tests
5 months ago
[acvp-kat] Adds OID to keys and signature
5 months ago
[xmss] Create ACVP tests
5 months ago
[acvp-kat] Adds OID to keys and signature
5 months ago
[xmss] Create ACVP tests
5 months ago
[acvp-kat] Adds OID to keys and signature
5 months ago
[xmss] Create ACVP tests
5 months ago
[acvp-kat] Adds OID to keys and signature
5 months ago
[xmss] Create ACVP tests
5 months ago
[acvp-kat] Adds OID to keys and signature
5 months ago
[xmss] Create ACVP tests
5 months ago
add parameter name to the vectors
5 months ago
[xmss] Create ACVP tests
5 months ago
[acvp-kat] Adds OID to keys and signature
5 months ago
[xmss] Create ACVP tests
5 months ago
add parameter name to the vectors
5 months ago
[xmss] Create ACVP tests
5 months ago
add parameter name to the vectors
5 months ago
[xmss] Create ACVP tests
5 months ago
[acvp-kat] Adds OID to keys and signature
5 months ago
[xmss] Create ACVP tests
5 months ago
[acvp-kat] Adds OID to keys and signature
5 months ago
[xmss] Create ACVP tests
5 months ago
[acvp-kat] Adds OID to keys and signature
5 months ago
[xmss] Create ACVP tests
5 months ago
add parameter name to the vectors
5 months ago
[xmss] Create ACVP tests
5 months ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292 
  1. /* 

  2.  * Generate intermediate test vectors useful to test implementations.

  3.  */

  4. 

  5. // Number of sample vectors to be generated

  6. #include <stdint.h>

  7. #include <stdio.h>

  8. #include <string.h>

  9. 

  10. #include "../fips202.h"

  11. #include "../params.h"

  12. #include "../randombytes.h"

  13. #include "../utils.h"

  14. #include "../wots.h"

  15. #include "../xmss_commons.h"

  16. #include "../xmss_core.h"

  17. 

  18. #include <sys/random.h>

  19. #include <sys/stat.h>

  20. 

  21. #include <json.h>

  22. 

  23. struct param_t {

  24.     uint8_t oid;

  25.     const char *name;

  26.     const char *hash;

  27.     unsigned height;

  28.     unsigned n_samples;

  29. };

  30. 

  31. void sprint_hex(char *sbuf, unsigned char *buf, int len) {

  32.     for (int i = 0; i < len; i++) { 

  33.         sprintf(&sbuf[2*i], "%02X", buf[i]); 

  34.     }

  35.     sbuf[2*len] = '\0';

  36. }

  37. 

  38. void vectors_keygen(uint32_t oid, json_object *jreq, json_object *jres, uint32_t n_samples) {

  39.     xmss_params params;

  40.     struct json_object *tc_req, *tcs_req, *tc_res, *tcs_res;

  41.     

  42.     xmss_parse_oid(&params, oid);

  43. 

  44.     unsigned char seed[params.n * 3];

  45.     unsigned char pk[params.pk_bytes + XMSS_OID_LEN];

  46.     unsigned char sk[params.sk_bytes + XMSS_OID_LEN];

  47.     char *sbuf;

  48.     unsigned i;

  49. 

  50.     tcs_req = json_object_new_array();

  51.     tcs_res = json_object_new_array();

  52. 

  53.     for (i = 0; i < XMSS_OID_LEN; i++) {

  54.         pk[XMSS_OID_LEN - i - 1] = (oid >> (8 * i)) & 0xFF;

  55.         sk[XMSS_OID_LEN - i - 1] = (oid >> (8 * i)) & 0xFF;

  56.     }

  57. 

  58.     for (size_t i=0; i<n_samples; i++) {

  59.         tc_req = json_object_new_object();

  60.         tc_res = json_object_new_object();

  61. 

  62.         getentropy(seed, 3*params.n);

  63.         xmssmt_core_seed_keypair(&params, &pk[XMSS_OID_LEN], &sk[XMSS_OID_LEN], seed);

  64. 

  65.         json_object_object_add(tc_req, "tcId", json_object_new_int(i+1));

  66.         sbuf = malloc(2*params.n + 1);

  67.         sprint_hex(sbuf, seed, params.n);

  68.         json_object_object_add(tc_req, "S_XMSS", json_object_new_string(sbuf));

  69.         sprint_hex(sbuf, &seed[params.n], params.n);

  70.         json_object_object_add(tc_req, "SK_PRF", json_object_new_string(sbuf));

  71.         sprint_hex(sbuf, &seed[2*params.n], params.n);

  72.         json_object_object_add(tc_req, "I", json_object_new_string(sbuf));

  73.         free(sbuf);

  74. 

  75.         json_object_object_add(tc_res, "tcId", json_object_new_int(i+1));

  76.         sbuf = malloc(2*params.pk_bytes + 1);

  77.         sprint_hex(sbuf, pk, params.pk_bytes + XMSS_OID_LEN);

  78.         json_object_object_add(tc_res, "publicKey", json_object_new_string(sbuf));

  79.         free(sbuf);

  80. 

  81.         sbuf = malloc(2*params.sk_bytes + 1);

  82.         sprint_hex(sbuf, sk, params.sk_bytes + XMSS_OID_LEN);

  83.         json_object_object_add(tc_res, "secretKey", json_object_new_string(sbuf));

  84.         free(sbuf);

  85. 

  86.         json_object_array_add(tcs_req,tc_req);

  87.         json_object_array_add(tcs_res,tc_res);

  88.     }

  89.     json_object_object_add(jreq, "tests", tcs_req);

  90.     json_object_object_add(jres, "tests", tcs_res);

  91. }

  92. 

  93. void json_header_keygen(json_object *jobj) {

  94.     json_object_object_add(jobj, "vsId", json_object_new_int(0));

  95.     json_object_object_add(jobj, "algorithm", json_object_new_string("XMSS"));

  96.     json_object_object_add(jobj, "mode", json_object_new_string("keyGen"));

  97.     json_object_object_add(jobj, "revision", json_object_new_string("1.0"));

  98.     json_object_object_add(jobj, "isSample", json_object_new_boolean(1));

  99. }

  100. 

  101. void keygen_KAT(const struct param_t *h) {

  102.     struct json_object *jres, *jreq, *tgs_req, *tgs_res, *tg_req, *tg_res;

  103.     char buf[256];

  104. 

  105.     jreq = json_object_new_object();

  106.     jres = json_object_new_object();

  107. 

  108.     json_header_keygen(jreq);

  109.     json_header_keygen(jres);

  110. 

  111.     tgs_req = json_object_new_array();

  112.     tgs_res = json_object_new_array();

  113. 

  114.     tg_req = json_object_new_object();

  115.     tg_res = json_object_new_object();

  116. 

  117.     // Request file

  118.     json_object_object_add(tg_req, "tgId", json_object_new_int(1));

  119.     json_object_object_add(tg_req, "testType", json_object_new_string("AFT"));

  120.     json_object_object_add(tg_req, "OID", json_object_new_int(h->oid));

  121.     json_object_object_add(tg_req, "param", json_object_new_string(h->name));

  122. 

  123.     // Response file

  124.     json_object_object_add(tg_res, "tgId", json_object_new_int(1));

  125.     json_object_object_add(tg_req, "OID", json_object_new_int(h->oid));

  126. 

  127.     vectors_keygen(h->oid, tg_req, tg_res, h->n_samples); 

  128. 

  129.     json_object_array_add(tgs_req, tg_req);

  130.     json_object_array_add(tgs_res, tg_res);

  131. 

  132.     json_object_object_add(jreq, "testGroups", tgs_req);

  133.     json_object_object_add(jres, "testGroups", tgs_res);

  134.     

  135.     sprintf(buf, "XMSS-%s-%s-H%u", "keyGen", h->hash, h->height);

  136.     mkdir(buf, S_IRWXU | S_IRWXG | S_IROTH | S_IXOTH);

  137.     sprintf(buf, "XMSS-%s-%s-H%u/%s", "keyGen", h->hash, h->height, "prompt.json");

  138.     json_object_to_file_ext(buf, jreq, JSON_C_TO_STRING_SPACED | JSON_C_TO_STRING_PRETTY);

  139.     sprintf(buf, "XMSS-%s-%s-H%u/%s", "keyGen", h->hash, h->height, "expectedResults.json");

  140.     json_object_to_file_ext(buf, jres, JSON_C_TO_STRING_SPACED | JSON_C_TO_STRING_PRETTY);

  141. 

  142.     json_object_put(jres);

  143.     json_object_put(jreq);

  144. }

  145. 

  146. void json_header_siggen(json_object *jobj) {

  147.     json_object_object_add(jobj, "vsId", json_object_new_int(0));

  148.     json_object_object_add(jobj, "algorithm", json_object_new_string("XMSS"));

  149.     json_object_object_add(jobj, "mode", json_object_new_string("sigGen"));

  150.     json_object_object_add(jobj, "revision", json_object_new_string("1.0"));

  151.     json_object_object_add(jobj, "isSample", json_object_new_boolean(1));

  152. }

  153. 

  154. void vectors_siggen(uint32_t oid, unsigned char *sk, json_object *jreq, json_object *jres, uint32_t n_samples) {

  155.     xmss_params params;

  156.     struct json_object *tc_req, *tcs_req, *tc_res, *tcs_res;

  157.     

  158.     xmss_parse_oid(&params, oid);

  159.     unsigned char sm[params.sig_bytes + 128];

  160.     unsigned long long smlen = 0;

  161.     unsigned char msg[128];

  162.     unsigned q;

  163.     unsigned height = 1u << (params.full_height);

  164.     char *sbuf;

  165. 

  166.     tcs_req = json_object_new_array();

  167.     tcs_res = json_object_new_array();

  168. 

  169.     for (size_t i=0; i<n_samples; i++) {

  170.         tc_req = json_object_new_object();

  171.         tc_res = json_object_new_object();

  172. 

  173.         getentropy(msg, 128);

  174.         getentropy(&q, sizeof(q));

  175.         q = q % height;

  176.         smlen = 0;

  177. 

  178.         ull_to_bytes(sk, params.index_bytes, q);

  179.         xmss_core_sign(&params, sk, sm, &smlen, msg, 128);

  180. 

  181.         json_object_object_add(tc_res, "tcId", json_object_new_int(i+1));

  182.         json_object_object_add(tc_req, "tcId", json_object_new_int(i+1));

  183. 

  184.         sbuf = malloc(2*128 + 1);

  185.         sprint_hex(sbuf, msg, 128);

  186.         json_object_object_add(tc_req, "message", json_object_new_string(sbuf));

  187.         free(sbuf);

  188. 

  189.         sbuf = malloc(2*smlen + 1);

  190.         sprint_hex(sbuf, sm, smlen);

  191.         json_object_object_add(tc_res, "signature", json_object_new_string(sbuf));

  192.         free(sbuf);

  193. 

  194.         json_object_object_add(tc_req, "q", json_object_new_int(q));

  195.         json_object_array_add(tcs_req, tc_req);

  196.         json_object_array_add(tcs_res, tc_res);

  197.     }

  198.     json_object_object_add(jreq, "tests", tcs_req);

  199.     json_object_object_add(jres, "tests", tcs_res);

  200. }

  201. 

  202. void siggen_KAT(const struct param_t *h) {

  203.     xmss_params params;

  204.     struct json_object *jres, *jreq, *tgs_req, *tgs_res, *tg_req, *tg_res;

  205.     xmss_parse_oid(&params, h->oid);

  206. 

  207.     char buf[256], *sbuf;

  208.     unsigned char seed[params.n * 3];

  209.     unsigned char pk[params.pk_bytes + XMSS_OID_LEN];

  210.     unsigned char sk[params.sk_bytes + XMSS_OID_LEN];

  211. 

  212.     jreq = json_object_new_object();

  213.     jres = json_object_new_object();

  214. 

  215.     json_header_siggen(jreq);

  216.     json_header_siggen(jres);

  217. 

  218.     tgs_req = json_object_new_array();

  219.     tgs_res = json_object_new_array();

  220. 

  221.     tg_req = json_object_new_object();

  222.     tg_res = json_object_new_object();

  223. 

  224.     // Request file

  225.     json_object_object_add(tg_req, "tgId", json_object_new_int(1));

  226.     json_object_object_add(tg_req, "testType", json_object_new_string("AFT"));

  227.     json_object_object_add(tg_req, "OID", json_object_new_int(h->oid));

  228.     json_object_object_add(tg_req, "param", json_object_new_string(h->name));

  229. 

  230.     // Response file

  231.     json_object_object_add(tg_res, "tgId", json_object_new_int(1));

  232.     json_object_object_add(tg_res, "OID", json_object_new_int(h->oid));

  233.     

  234.     getentropy(seed, 3*params.n);

  235.     xmssmt_core_seed_keypair(&params, pk + XMSS_OID_LEN, sk + XMSS_OID_LEN, seed);

  236. 

  237.     sbuf = malloc(2*params.n + 1);

  238.     sprint_hex(sbuf, seed, params.n);

  239.     json_object_object_add(tg_req, "S_XMSS", json_object_new_string(sbuf));

  240.     sprint_hex(sbuf, &seed[params.n], params.n);

  241.     json_object_object_add(tg_req, "SK_PRF", json_object_new_string(sbuf));

  242.     sprint_hex(sbuf, &seed[2*params.n], params.n);

  243.     json_object_object_add(tg_req, "I", json_object_new_string(sbuf));

  244.     free(sbuf);

  245. 

  246.     sbuf = malloc(2*params.pk_bytes + 1);

  247.     sprint_hex(sbuf, pk, params.pk_bytes  + XMSS_OID_LEN);

  248.     json_object_object_add(tg_res, "publicKey", json_object_new_string(sbuf));

  249.     free(sbuf);

  250. 

  251.     vectors_siggen(h->oid, sk + XMSS_OID_LEN, tg_req, tg_res, h->n_samples); 

  252. 

  253.     json_object_array_add(tgs_req, tg_req);

  254.     json_object_array_add(tgs_res, tg_res);

  255. 

  256.     json_object_object_add(jreq, "testGroups", tgs_req);

  257.     json_object_object_add(jres, "testGroups", tgs_res);

  258.     

  259.     sprintf(buf, "XMSS-%s-%s-H%u", "sigGen", h->hash, h->height);

  260.     mkdir(buf, S_IRWXU | S_IRWXG | S_IROTH | S_IXOTH);

  261.     sprintf(buf, "XMSS-%s-%s-H%u/%s", "sigGen", h->hash, h->height, "prompt.json");

  262.     json_object_to_file_ext(buf, jreq, JSON_C_TO_STRING_SPACED | JSON_C_TO_STRING_PRETTY);

  263.     sprintf(buf, "XMSS-%s-%s-H%u/%s", "sigGen", h->hash, h->height, "expectedResults.json");

  264.     json_object_to_file_ext(buf, jres, JSON_C_TO_STRING_SPACED | JSON_C_TO_STRING_PRETTY);

  265. 

  266.     json_object_put(jres);

  267.     json_object_put(jreq);

  268. }

  269. 

  270. int main() {

  271.     const struct param_t OIDs[] = {

  272.         {0x01, "XMSS-SHA2_10_256", "SHA256-N32", 10, 10},   // H10

  273.         {0x0D, "XMSS-SHA2_10_192", "SHA256-N24", 10, 10},   // H10

  274.         {0x10, "XMSS-SHAKE256_10_256", "SHAKE256-N32", 10, 10}, // H10

  275.         {0x13, "XMSS-SHAKE256_10_192", "SHA2KE56-N24", 10, 10}, // H10

  276. 

  277.         {0x02, "XMSS-SHA2_16_256", "SHA256-N32", 16, 5},    // H16

  278.         {0x0E, "XMSS-SHA2_16_192", "SHA256-N24", 16, 5},    // H16

  279.         {0x11, "XMSS-SHAKE256_16_256", "SHAKE256-N32", 16, 5},  // H16

  280.         {0x14, "XMSS-SHAKE256_16_192", "SHAKE256-N24", 16, 5},  // H16

  281. 

  282.         {0x03, "XMSS-SHA2_20_256", "SHA256-N32", 20, 3},    // H20

  283.         {0x0F, "XMSS-SHA2_20_192", "SHA256-N24", 20, 3},    // H20

  284.         {0x12, "XMSS-SHAKE256_20_256", "SHAKE256-N32", 20, 3},  // H20

  285.         {0x15, "XMSS-SHAKE256_20_192", "SHAKE256-N24", 20, 3}   // H20

  286.     };

  287.     

  288.     for (size_t i=0; i<12; i++) {

  289.         keygen_KAT(&OIDs[i]);

  290.         siggen_KAT(&OIDs[i]);

  291.     }

  292. }