genkat_aead.c 5.57 KB
Newer Older
lwc-tester committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159
//
// NIST-developed software is provided by NIST as a public service.
// You may use, copy and distribute copies of the software in any medium,
// provided that you keep intact this entire notice. You may improve,
// modify and create derivative works of the software or any portion of
// the software, and you may copy and distribute such modifications or
// works. Modified works should carry a notice stating that you changed
// the software and should note the date and nature of any such change.
// Please explicitly acknowledge the National Institute of Standards and
// Technology as the source of the software.
//
// NIST-developed software is expressly provided "AS IS." NIST MAKES NO
// WARRANTY OF ANY KIND, EXPRESS, IMPLIED, IN FACT OR ARISING BY OPERATION
// OF LAW, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTY OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT AND DATA ACCURACY. NIST
// NEITHER REPRESENTS NOR WARRANTS THAT THE OPERATION OF THE SOFTWARE WILL BE
// UNINTERRUPTED OR ERROR-FREE, OR THAT ANY DEFECTS WILL BE CORRECTED. NIST
// DOES NOT WARRANT OR MAKE ANY REPRESENTATIONS REGARDING THE USE OF THE SOFTWARE
// OR THE RESULTS THEREOF, INCLUDING BUT NOT LIMITED TO THE CORRECTNESS, ACCURACY,
// RELIABILITY, OR USEFULNESS OF THE SOFTWARE.
//
// You are solely responsible for determining the appropriateness of using and
// distributing the software and you assume all risks associated with its use,
// including but not limited to the risks and costs of program errors, compliance
// with applicable laws, damage to or loss of data, programs or equipment, and
// the unavailability or interruption of operation. This software is not intended
// to be used in any situation where a failure could cause risk of injury or
// damage to property. The software developed by NIST employees is not subject to
// copyright protection within the United States.
//

// disable deprecation for sprintf and fopen
#ifdef _MSC_VER
#define _CRT_SECURE_NO_WARNINGS
#endif

#include <stdio.h>
#include <string.h>

#include "crypto_aead.h"
#include "api.h"

#define KAT_SUCCESS          0
#define KAT_FILE_OPEN_ERROR -1
#define KAT_DATA_ERROR      -3
#define KAT_CRYPTO_FAILURE  -4

#define MAX_FILE_NAME               256
#define MAX_MESSAGE_LENGTH          32
#define MAX_ASSOCIATED_DATA_LENGTH  32

void init_buffer(unsigned char *buffer, unsigned long long numbytes);

void fprint_bstr(FILE *fp, const char *label, const unsigned char *data, unsigned long long length);

int generate_test_vectors();

int main()
{
    int ret = generate_test_vectors();

    if (ret != KAT_SUCCESS) {
        fprintf(stderr, "test vector generation failed with code %d\n", ret);
    }

    return ret;
}

int generate_test_vectors()
{
    FILE                *fp;
    char                fileName[MAX_FILE_NAME];
    unsigned char       key[CRYPTO_KEYBYTES];
    unsigned char       nonce[CRYPTO_NPUBBYTES];
    unsigned char       msg[MAX_MESSAGE_LENGTH];
    unsigned char       msg2[MAX_MESSAGE_LENGTH];
    unsigned char       ad[MAX_ASSOCIATED_DATA_LENGTH];
    unsigned char       ct[MAX_MESSAGE_LENGTH + CRYPTO_ABYTES];
    unsigned long long  clen, mlen2;
    int                 count = 1;
    int                 func_ret, ret_val = KAT_SUCCESS;

    init_buffer(key, sizeof(key));
    init_buffer(nonce, sizeof(nonce));
    init_buffer(msg, sizeof(msg));
    init_buffer(ad, sizeof(ad));

    sprintf(fileName, "LWC_AEAD_KAT_%d_%d.txt", (CRYPTO_KEYBYTES * 8), (CRYPTO_NPUBBYTES * 8));

    if ((fp = fopen(fileName, "w")) == NULL) {
        fprintf(stderr, "Couldn't open <%s> for write\n", fileName);
        return KAT_FILE_OPEN_ERROR;
    }

    for (unsigned long long mlen = 0; (mlen <= MAX_MESSAGE_LENGTH) && (ret_val == KAT_SUCCESS); mlen++) {

        for (unsigned long long adlen = 0; adlen <= MAX_ASSOCIATED_DATA_LENGTH; adlen++) {

            fprintf(fp, "Count = %d\n", count++);

            fprint_bstr(fp, "Key = ", key, CRYPTO_KEYBYTES);

            fprint_bstr(fp, "Nonce = ", nonce, CRYPTO_NPUBBYTES);

            fprint_bstr(fp, "PT = ", msg, mlen);

            fprint_bstr(fp, "AD = ", ad, adlen);

            if ((func_ret = crypto_aead_encrypt(ct, &clen, msg, mlen, ad, adlen, NULL, nonce, key)) != 0) {
                fprintf(fp, "crypto_aead_encrypt returned <%d>\n", func_ret);
                ret_val = KAT_CRYPTO_FAILURE;
                break;
            }

            fprint_bstr(fp, "CT = ", ct, clen);

            fprintf(fp, "\n");

            if ((func_ret = crypto_aead_decrypt(msg2, &mlen2, NULL, ct, clen, ad, adlen, nonce, key)) != 0) {
                fprintf(fp, "crypto_aead_decrypt returned <%d>\n", func_ret);
                ret_val = KAT_CRYPTO_FAILURE;
                break;
            }

            if (mlen != mlen2) {
                fprintf(fp, "crypto_aead_decrypt returned bad 'mlen': Got <%llu>, expected <%llu>\n", mlen2, mlen);
                ret_val = KAT_CRYPTO_FAILURE;
                break;
            }

            if (memcmp(msg, msg2, mlen)) {
                fprintf(fp, "crypto_aead_decrypt did not recover the plaintext\n");
                ret_val = KAT_CRYPTO_FAILURE;
                break;
            }
        }
    }

    fclose(fp);

    return ret_val;
}


void fprint_bstr(FILE *fp, const char *label, const unsigned char *data, unsigned long long length)
{
    fprintf(fp, "%s", label);

    for (unsigned long long i = 0; i < length; i++)
        fprintf(fp, "%02X", data[i]);

    fprintf(fp, "\n");
}

void init_buffer(unsigned char *buffer, unsigned long long numbytes)
{
    for (unsigned long long i = 0; i < numbytes; i++)
        buffer[i] = (unsigned char)i;
}