kris
/
xmss-KAT-generator
1
0
Fork 0
Koodi Ongelmat 0 Pull-pyynnöt 0 Julkaisut 0 Wiki Toiminta
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
89 Commitit
1 Haara
488 KiB
 
 
Puu: 5ce8fc402b
Branchit Tagit
${ item.name }
Create branch ${ searchTerm }
from '5ce8fc402b'
${ noResults }
xmss-KAT-generator/test/xmss_core_fast.c

151 rivejä
4.3 KiB
Raaka Blame Historia 

  1. #include <stdio.h>

  2. #include <string.h>

  3. #include <stdlib.h>

  4. 

  5. #include "../xmss_core_fast.h"

  6. #include "../params.h"

  7. #include "../randombytes.h"

  8. 

  9. #define MLEN 3491

  10. #define SIGNATURES 256

  11. 

  12. unsigned long long t1, t2;

  13. 

  14. unsigned long long cpucycles(void)

  15. {

  16.   unsigned long long result;

  17.   asm volatile(".byte 15;.byte 49;shlq $32,%%rdx;orq %%rdx,%%rax" : "=a" (result) ::  "%rdx");

  18.   return result;

  19. }

  20. 

  21. int main()

  22. {

  23.   xmss_params params;

  24.   // TODO test more different OIDs

  25.   uint32_t oid = 0x01000001;

  26.   xmss_parse_oid(&params, oid);

  27. 

  28.   int r;

  29.   unsigned long long i;

  30.   unsigned int k = params.bds_k;

  31. 

  32.   unsigned long errors = 0;

  33. 

  34.   unsigned char sk[4*params.n+4];

  35.   unsigned char pk[2*params.n];

  36. 

  37.   // TODO should we hide this into xmss_fast.c and just allocate a large enough chunk of memory here?

  38.   unsigned char stack[(params.tree_height+1)*params.n];

  39.   unsigned int stackoffset = 0;

  40.   unsigned char stacklevels[params.tree_height+1];

  41.   unsigned char auth[(params.tree_height)*params.n];

  42.   unsigned char keep[(params.tree_height >> 1)*params.n];

  43.   treehash_inst treehash[params.tree_height-k];

  44.   unsigned char th_nodes[(params.tree_height-k)*params.n];

  45.   unsigned char retain[((1 << k) - k - 1)*params.n];

  46.   bds_state s;

  47.   bds_state *state = &s;

  48.   for (i = 0; i < params.tree_height-k; i++)

  49.     treehash[i].node = &th_nodes[params.n*i];

  50.   xmss_set_bds_state(state, stack, stackoffset, stacklevels, auth, keep, treehash, retain, 0);

  51. 

  52.   unsigned long long signature_length = 4+params.n+params.wots_sig_bytes+params.tree_height*params.n;

  53.   unsigned char mi[MLEN];

  54.   unsigned char mo[MLEN+signature_length];

  55.   unsigned char sm[MLEN+signature_length];

  56.   unsigned long long smlen;

  57.   unsigned long long mlen;

  58. 

  59.   randombytes(mi, MLEN);

  60. 

  61.   printf("keypair\n");

  62.   t1 = cpucycles();

  63.   xmss_core_keypair(&params, pk, sk, state);

  64.   t2 = cpucycles();

  65.   printf("cycles = %llu\n", (t2-t1));

  66.   double sec = (t2-t1)/3500000;

  67.   printf("ms = %f\n", sec);

  68.   // check pub_seed in SK

  69.   for (i = 0; i < params.n; i++) {

  70.     if (pk[params.n+i] != sk[4+2*params.n+i]) printf("pk.pub_seed != sk.pub_seed %llu",i);

  71.     if (pk[i] != sk[4+3*params.n+i]) printf("pk.root != sk.root %llu",i);

  72.   }

  73. 

  74.   // check index

  75.   unsigned long idx = ((unsigned long)sk[0] << 24) | ((unsigned long)sk[1] << 16) | ((unsigned long)sk[2] << 8) | sk[3];

  76.   if (idx) printf("\nidx != 0 %lu\n",idx);

  77. 

  78.   for (i = 0; i < SIGNATURES; i++) {

  79.     printf("sign\n");

  80.     xmss_core_sign(&params, sk, state, sm, &smlen, mi, MLEN);

  81.     idx = ((unsigned long)sm[0] << 24) | ((unsigned long)sm[1] << 16) | ((unsigned long)sm[2] << 8) | sm[3];

  82.     printf("\nidx = %lu\n",idx);

  83. 

  84.     r = memcmp(mi, sm+signature_length,MLEN);

  85.     printf("%d\n", r);

  86. 

  87.         /* Test valid signature */

  88.     printf("verify\n");

  89.     r = xmss_core_sign_open(&params, mo, &mlen, sm, smlen, pk);

  90.     printf("%d\n", r);

  91.     if (r != 0) errors++;

  92.     r = memcmp(mi,mo,MLEN);

  93.     printf("%d\n", r);

  94.     printf("%llu\n", MLEN-mlen);

  95. 

  96.     /* Test with modified message */

  97.     sm[signature_length+10] ^= 1;

  98.     r = xmss_core_sign_open(&params, mo, &mlen, sm, smlen, pk);

  99.     printf("%d\n", r+1);

  100.     if (r == 0) errors++;

  101.     r = memcmp(mi,mo,MLEN);

  102.     printf("%d\n", (r!=0) - 1);

  103.     printf("%llu\n", mlen+1);

  104. 

  105.     /* Test with modified signature */

  106.     /* Modified index */

  107.     sm[signature_length+10] ^= 1;

  108.     sm[2] ^= 1;

  109.     r = xmss_core_sign_open(&params, mo, &mlen, sm, smlen, pk);

  110.     printf("%d\n", r+1);

  111.     if (r == 0) errors++;

  112.     r = memcmp(mi,mo,MLEN);

  113.     printf("%d\n", (r!=0) - 1);

  114.     printf("%llu\n", mlen+1);

  115. 

  116.     /* Modified R */

  117.     sm[2] ^= 1;

  118.     sm[5] ^= 1;

  119.     r = xmss_core_sign_open(&params, mo, &mlen, sm, smlen, pk);

  120.     printf("%d\n", r+1);

  121.     if (r == 0) errors++;

  122.     r = memcmp(mi,mo,MLEN);

  123.     printf("%d\n", (r!=0) - 1);

  124.     printf("%llu\n", mlen+1);

  125. 

  126.     /* Modified OTS sig */

  127.     sm[5] ^= 1;

  128.     sm[240] ^= 1;

  129.     r = xmss_core_sign_open(&params, mo, &mlen, sm, smlen, pk);

  130.     printf("%d\n", r+1);

  131.     if (r == 0) errors++;

  132.     r = memcmp(mi,mo,MLEN);

  133.     printf("%d\n", (r!=0) - 1);

  134.     printf("%llu\n", mlen+1);

  135. 

  136.     /* Modified AUTH */

  137.     sm[240] ^= 1;

  138.     sm[signature_length - 10] ^= 1;

  139.     r = xmss_core_sign_open(&params, mo, &mlen, sm, smlen, pk);

  140.     printf("%d\n", r+1);

  141.     if (r == 0) errors++;

  142.     r = memcmp(mi,mo,MLEN);

  143.     printf("%d\n", (r!=0) - 1);

  144.     printf("%llu\n", mlen+1);

  145.   }

  146. 

  147.   printf("#errors = %lu\n", errors);

  148.   printf("finished loop\n");

  149.   return 0;

  150. }