genkat_aead.c 5.47 KB
Newer Older
Johann Großschädl committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165
// NIST-developed software is provided by NIST as a public service. You may
// use, copy and distribute copies of the software in any medium, provided that
// you keep intact this entire notice. You may improve, modify and create
// derivative works of the software or any portion of the software, and you may
// copy and distribute such modifications or works. Modified works should carry
// a notice stating that you changed the software and should note the date and
// nature of any such change. Please explicitly acknowledge the National
// Institute of Standards and Technology as the source of the software.
//
// NIST-developed software is expressly provided "AS IS." NIST MAKES NO
// WARRANTY OF ANY KIND, EXPRESS, IMPLIED, IN FACT OR ARISING BY OPERATION OF
// LAW, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTY OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT AND DATA ACCURACY. NIST
// NEITHER REPRESENTS NOR WARRANTS THAT THE OPERATION OF THE SOFTWARE WILL BE 
// UNINTERRUPTED OR ERROR-FREE, OR THAT ANY DEFECTS WILL BE CORRECTED. NIST
// DOES NOT WARRANT OR MAKE ANY REPRESENTATIONS REGARDING THE USE OF THE
// SOFTWARE OR THE RESULTS THEREOF, INCLUDING BUT NOT LIMITED TO THE
// CORRECTNESS, ACCURACY, RELIABILITY, OR USEFULNESS OF THE SOFTWARE.
//
// You are solely responsible for determining the appropriateness of using and
// distributing the software and you assume all risks associated with its use, 
// including but not limited to the risks and costs of program errors,
// compliance with applicable laws, damage to or loss of data, programs or
// equipment, and the unavailability or interruption of operation. This
// software is not intended to be used in any situation where a failure could
// cause risk of injury or damage to property. The software developed by NIST
// employees is not subject to copyright protection within the United States.


// disable deprecation for sprintf and fopen
#ifdef _MSC_VER
#define _CRT_SECURE_NO_WARNINGS
#endif

#include <stdio.h>
#include <string.h>

#include "crypto_aead.h"
#include "api.h"

#define KAT_SUCCESS          0
#define KAT_FILE_OPEN_ERROR -1
#define KAT_DATA_ERROR      -3
#define KAT_CRYPTO_FAILURE  -4

#define MAX_FILE_NAME              256
#define MAX_MESSAGE_LENGTH         32
#define MAX_ASSOCIATED_DATA_LENGTH 32

typedef unsigned char UChar;
typedef unsigned long long int ULLInt;

void init_buffer(UChar *buffer, ULLInt numbytes);
void fprint_bstr(FILE *fp, const char *label, const UChar *data, \
                 ULLInt length);
int generate_test_vectors(void);

/*
int main(void)
{
  int ret;
  
  ret = generate_test_vectors();
  if (ret != KAT_SUCCESS) {
    fprintf(stderr, "test vector generation failed with code %d\n", ret);
  }
  
  return ret;
}
*/

int generate_test_vectors(void)
{
  FILE *fp;
  char fileName[MAX_FILE_NAME];
  UChar key[CRYPTO_KEYBYTES];
  UChar nonce[CRYPTO_NPUBBYTES];
  UChar msg[MAX_MESSAGE_LENGTH];
  UChar msg2[MAX_MESSAGE_LENGTH];
  UChar ad[MAX_ASSOCIATED_DATA_LENGTH];
  UChar ct[MAX_MESSAGE_LENGTH + CRYPTO_ABYTES];
  ULLInt clen, mlen2;
  ULLInt mlen, adlen;
  int count = 1;
  int func_ret, ret_val = KAT_SUCCESS;
  
  init_buffer(key, sizeof(key));
  init_buffer(nonce, sizeof(nonce));
  init_buffer(msg, sizeof(msg));
  init_buffer(ad, sizeof(ad));
  
  sprintf(fileName, "LWC_AEAD_KAT_%d_%d.txt", (CRYPTO_KEYBYTES*8), \
          (CRYPTO_NPUBBYTES*8));
  if ((fp = fopen(fileName, "w")) == NULL) {
    fprintf(stderr, "Couldn't open <%s> for write\n", fileName);
    return KAT_FILE_OPEN_ERROR;
  }
  
  for (mlen = 0; (mlen<=MAX_MESSAGE_LENGTH)&&(ret_val==KAT_SUCCESS); mlen++) {
    
    for(adlen = 0; adlen <= MAX_ASSOCIATED_DATA_LENGTH; adlen++) {
      
      fprintf(fp, "Count = %d\n", count++);
      fprint_bstr(fp, "Key = ", key, CRYPTO_KEYBYTES);
      fprint_bstr(fp, "Nonce = ", nonce, CRYPTO_NPUBBYTES);
      fprint_bstr(fp, "PT = ", msg, mlen);
      fprint_bstr(fp, "AD = ", ad, adlen);
      
      func_ret = crypto_aead_encrypt(ct, &clen, msg, mlen, ad, adlen, NULL, \
                                     nonce, key);
      if (func_ret != 0) {
        fprintf(fp, "crypto_aead_encrypt returned <%d>\n", func_ret);
        ret_val = KAT_CRYPTO_FAILURE;
        break;
      }
      
      fprint_bstr(fp, "CT = ", ct, clen);
      fprintf(fp, "\n");
      
      func_ret = crypto_aead_decrypt(msg2, &mlen2, NULL, ct, clen, ad, adlen, \
                                     nonce, key);
      if (func_ret != 0) {
        fprintf(fp, "crypto_aead_decrypt returned <%d>\n", func_ret);
        ret_val = KAT_CRYPTO_FAILURE;
        break;
      }
      
      if (mlen != mlen2) {
        fprintf(fp, "crypto_aead_decrypt returned bad 'mlen': Got <%llu>, \
                expected <%llu>\n", mlen2, mlen);
        ret_val = KAT_CRYPTO_FAILURE;
        break;
      }
      
      if (memcmp(msg, msg2, ((size_t) mlen))) {
        fprintf(fp, "crypto_aead_decrypt did not recover the plaintext\n");
        ret_val = KAT_CRYPTO_FAILURE;
        break;
      }
    }
  }
  
  fclose(fp);
  return ret_val;
}


void fprint_bstr(FILE *fp, const char *label, const UChar *data, ULLInt length)
{
  ULLInt i;
  
  fprintf(fp, "%s", label);
  for (i = 0; i < length; i++)
    fprintf(fp, "%02X", data[i]);
  fprintf(fp, "\n");
}


void init_buffer(UChar *buffer, ULLInt numbytes)
{
  ULLInt i;
  
  for (i = 0; i < numbytes; i++)
    buffer[i] = (UChar)i;
}