Return to test_ntru.c CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libstrongswan / tests / suites |
1.1 misho 1: /* 2: * Copyright (C) 2013-2014 Andreas Steffen 3: * HSR Hochschule fuer Technik Rapperswil 4: * 5: * This program is free software; you can redistribute it and/or modify it 6: * under the terms of the GNU General Public License as published by the 7: * Free Software Foundation; either version 2 of the License, or (at your 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. 9: * 10: * This program is distributed in the hope that it will be useful, but 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 13: * for more details. 14: */ 15: 16: #include "test_suite.h" 17: 18: #include <utils/test.h> 19: #include <crypto/xofs/xof.h> 20: #include <crypto/drbgs/drbg.h> 21: #include <crypto/rngs/rng_tester.h> 22: #include <plugins/ntru/ntru_trits.h> 23: #include <plugins/ntru/ntru_poly.h> 24: #include <plugins/ntru/ntru_param_set.h> 25: #include <plugins/ntru/ntru_private_key.h> 26: 27: IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_trits_create, ntru_trits_t*, 28: size_t len, ext_out_function_t alg, chunk_t seed) 29: 30: IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_poly_create_from_seed, ntru_poly_t*, 31: ext_out_function_t alg, chunk_t seed, uint8_t c_bits, 32: uint16_t N, uint16_t q, uint32_t indices_len_p, 33: uint32_t indices_len_m, bool is_product_form) 34: 35: IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_poly_create_from_data, ntru_poly_t*, 36: uint16_t *data, uint16_t N, uint16_t q, 37: uint32_t indices_len_p, uint32_t indices_len_m, 38: bool is_product_form) 39: 40: IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_param_set_get_by_id, ntru_param_set_t* , 41: ntru_param_set_id_t id) 42: 43: IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_private_key_create, ntru_private_key_t*, 44: drbg_t *drbg, ntru_param_set_t *params) 45: 46: IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_private_key_create_from_data, ntru_private_key_t*, 47: drbg_t *drbg, chunk_t data) 48: 49: IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_public_key_create_from_data, ntru_public_key_t*, 50: drbg_t *drbg, chunk_t data) 51: 52: /** 53: * NTRU parameter sets to test 54: */ 55: static struct { 56: diffie_hellman_group_t group; 57: char *group_name; 58: } params[] = { 59: { NTRU_112_BIT, "NTRU_112" }, 60: { NTRU_128_BIT, "NTRU_128" }, 61: { NTRU_192_BIT, "NTRU_192" }, 62: { NTRU_256_BIT, "NTRU_256" } 63: }; 64: 65: /** 66: * NTRU parameter set selection 67: */ 68: char *parameter_sets[] = { 69: "x9_98_speed", "x9_98_bandwidth", "x9_98_balance", "optimum" 70: }; 71: 72: typedef struct { 73: uint8_t c_bits; 74: uint16_t N; 75: uint16_t q; 76: bool is_product_form; 77: uint32_t indices_len; 78: uint32_t indices_size; 79: uint16_t *indices; 80: } poly_test_t; 81: 82: typedef struct { 83: ext_out_function_t alg; 84: size_t hash_size; 85: size_t seed_len; 86: chunk_t seed; 87: chunk_t trits; 88: poly_test_t poly_test[2]; 89: } trits_test_t; 90: 91: uint16_t indices_ees439ep1[] = { 92: 367, 413, 16, 214, 114, 128, 42, 268, 346, 329, 119, 303, 208, 287, 150, 93: 3, 45, 321, 110, 109, 272, 430, 80, 305, 51, 381, 322, 140, 207, 315, 94: 206, 186, 56, 5, 273, 177, 44, 100, 205, 210, 98, 191, 8, 336 95: }; 96: 97: uint16_t indices_ees613ep1[] = { 98: 245, 391, 251, 428, 301, 2, 176, 296, 461, 224, 590, 215, 250, 91, 395, 99: 363, 58, 537, 278, 291, 247, 33, 140, 447, 172, 514, 424, 412, 95, 94, 100: 281, 159, 196, 302, 277, 63, 404, 150, 608, 315, 195, 334, 207, 376, 398, 101: 0, 309, 486, 516, 86, 267, 139, 130, 38, 141, 258, 21, 341, 526, 388, 102: 194, 116, 138, 524, 547, 383, 542, 406, 270, 438, 240, 445, 527, 168, 320, 103: 186, 327, 212, 543, 82, 606, 131, 294, 392, 477, 430, 583, 142, 253, 434, 104: 134, 458, 559, 414, 162, 407, 580, 577, 191, 109, 554, 523, 32, 62, 297, 105: 283, 268, 54, 539, 5 106: }; 107: 108: uint16_t indices_ees743ep1[] = { 109: 285, 62, 136, 655, 460, 35, 450, 208, 340, 212, 61, 234, 454, 52, 520, 110: 399, 315, 616, 496, 88, 280, 543, 508, 237, 553, 39, 214, 253, 720, 291, 111: 586, 615, 635, 596, 62, 499, 301, 176, 271, 659, 372, 185, 621, 350, 683, 112: 180, 717, 509, 641, 738, 666, 171, 639, 606, 353, 706, 237, 358, 410, 423, 113: 197, 501, 261, 654, 658, 701, 377, 182, 548, 287, 700, 403, 248, 137 114: }; 115: 116: uint16_t indices_ees1171ep1[] = { 117: 514, 702, 760, 505, 262, 486, 695, 783, 533, 74, 403, 847, 170,1019, 568, 118: 676,1057, 277,1021, 238, 203, 884, 124, 87, 65, 93, 131, 881,1102, 133, 119: 459, 462, 92, 40, 5,1152,1158, 297, 599, 299, 7, 458, 347, 343, 173, 120: 1044, 264, 871, 819, 679, 328, 438, 990, 982, 308,1135, 423, 470, 254, 295, 121: 1029, 892, 759, 789, 123, 939, 749, 353,1062, 145, 562, 337, 550, 102, 549, 122: 821,1098, 823, 96, 365, 135,1110, 334, 391, 638, 963, 962,1002,1069, 993, 123: 983, 649,1056, 399, 385, 715, 582, 799, 161, 512, 629, 979, 250, 37, 213, 124: 929, 413, 566, 336, 727, 160, 616,1170, 748, 282,1115, 325, 994, 189, 500, 125: 913, 332,1118, 753, 946, 775, 59, 809, 782, 612, 909,1090, 223, 777, 940, 126: 866,1032, 471, 298, 969, 192, 411, 721, 476, 910,1045,1027, 812, 352, 487, 127: 215, 625, 808, 230, 602, 457, 900, 416, 985, 850, 908, 155, 670, 669,1054, 128: 400,1126, 733, 647, 786, 195, 148, 362,1094, 389,1086,1166, 231, 436, 210, 129: 333, 824, 785, 826, 658, 472, 639,1046,1028, 519, 422, 80, 924,1089, 547, 130: 1157, 579, 2, 508,1040, 998, 902,1058, 600, 220, 805, 945, 140,1117, 179, 131: 536, 191 132: }; 133: 134: /** 135: * Trits and Polynomial Test Vectors 136: */ 137: static trits_test_t trits_tests[] = { 138: { XOF_MGF1_SHA1, 20, 24, 139: chunk_from_chars( 140: 0xED, 0xA5, 0xC3, 0xBC, 0xAF, 0xB3, 0x20, 0x7D, 141: 0x14, 0xA1, 0x54, 0xF7, 0x8B, 0x37, 0xF2, 0x8D, 142: 0x8C, 0x9B, 0xD5, 0x63, 0x57, 0x38, 0x11, 0xC2, 143: 0xB5, 0xCA, 0xBF, 0x06, 0x43, 0x45, 0x19, 0xD5, 144: 0xE7, 0x36, 0xD0, 0x29, 0x21, 0xDA, 0x02, 0x20, 145: 0x45, 0xF6, 0x5F, 0x0F, 0x10, 0x04, 0x2A, 0xE3, 146: 0x6A, 0x1D, 0xD5, 0x9F, 0x1D, 0x66, 0x44, 0x8F, 147: 0xFA, 0xC6, 0xCA, 0xA4, 0x6E, 0x3B, 0x00, 0x66, 148: 0xA6, 0xC9, 0x80, 0x5C, 0xF5, 0x2D, 0xD7, 0x72, 149: 0xC6, 0xD4, 0x4F, 0x30, 0x72, 0xA2, 0xAD, 0xE0, 150: 0x33, 0xE8, 0x55, 0xD5, 0xE6, 0xD6, 0x00, 0x1D, 151: 0xA8, 0x68, 0xFF, 0x97, 0x36, 0x8A, 0xF4, 0xD6, 152: 0xF1, 0xB6, 0x7E, 0x1F, 0x06, 0xCB, 0x57, 0xCB, 153: 0x35, 0x38, 0xF2, 0x2D, 0xF6, 0x20), 154: chunk_from_chars( 155: 1, 2, 1, 0, 0, 1, 1, 1, 2, 0, 1, 0, 1, 1, 1, 0, 2, 0, 1, 1, 156: 0, 0, 0, 1, 1, 0, 2, 0, 2, 2, 1, 2, 2, 2, 1, 2, 1, 1, 0, 0, 157: 2, 0, 1, 1, 1, 0, 0, 0, 0, 1, 1, 2, 0, 0, 1, 0, 1, 0, 2, 0, 158: 0, 1, 0, 2, 1, 0, 0, 0, 2, 0, 0, 0, 1, 2, 2, 0, 0, 2, 0, 1, 159: 1, 2, 1, 1, 0, 0, 1, 1, 1, 2, 2, 1, 2, 0, 0, 2, 1, 0, 0, 1, 160: 0, 1, 1, 0, 0, 0, 1, 2, 2, 0, 1, 2, 1, 2, 0, 2, 0, 0, 0, 2, 161: 1, 2, 0, 0, 0, 2, 0, 0, 0, 2, 2, 1, 0, 2, 0, 1, 2, 0, 2, 1, 162: 0, 2, 2, 1, 0, 2, 1, 2, 2, 0, 2, 0, 2, 1, 2, 2, 0, 2, 0, 1, 163: 1, 2, 2, 2, 2, 1, 0, 1, 0, 2, 2, 0, 1, 1, 2, 2, 2, 0, 0, 1, 164: 0, 2, 0, 1, 0, 2, 1, 2, 1, 0, 1, 1, 2, 0, 0, 2, 1, 1, 2, 0, 165: 1, 2, 1, 1, 0, 1, 0, 2, 1, 1, 1, 2, 1, 0, 2, 0, 2, 0, 0, 2, 166: 2, 1, 0, 0, 2, 2, 0, 1, 1, 0, 0, 1, 1, 0, 1, 1, 2, 1, 2, 2, 167: 2, 0, 0, 0, 0, 1, 0, 0, 1, 2, 1, 2, 0, 2, 1, 1, 1, 0, 2, 2, 168: 1, 2, 2, 1, 0, 1, 0, 2, 2, 2, 1, 2, 1, 0, 0, 1, 0, 1, 1, 1, 169: 1, 1, 2, 0, 0, 2, 1, 0, 2, 1, 2, 1, 0, 2, 2, 0, 0, 1, 2, 1, 170: 2, 0, 1, 2, 1, 1, 2, 0, 2, 0, 2, 1, 1, 1, 0, 0, 0, 1, 2, 1, 171: 2, 2, 1, 2, 1, 1, 2, 1, 2, 0, 2, 2, 1, 0, 0, 1, 2, 0, 1, 1, 172: 2, 0, 0, 0, 1, 2, 2, 1, 2, 0, 0, 2, 1, 0, 2, 2, 2, 1, 1, 0, 173: 2, 1, 2, 1, 2, 2, 1, 2, 1, 1, 0, 1, 1, 1, 1, 2, 0, 2, 2, 1, 174: 0, 1, 1, 2, 1, 2, 0, 2, 1, 0, 1, 0, 1, 0, 1, 2, 0, 1, 1, 0, 175: 0, 1, 1, 2, 0, 2, 2, 0, 0, 0, 1, 1, 0, 1, 0, 1, 1, 0, 1, 1, 176: 0, 1, 2, 0, 1, 1, 0, 1, 2, 0, 0, 1, 2, 2, 0, 0, 2, 1, 2), 177: { 178: { 9, 439, 2048, TRUE, 9 + (8 << 8) + (5 << 16), 179: countof(indices_ees439ep1), indices_ees439ep1 180: }, 181: { 11, 613, 2048, FALSE, 55, 182: countof(indices_ees613ep1), indices_ees613ep1 183: } 184: } 185: }, 186: { XOF_MGF1_SHA256, 32, 40, 187: chunk_from_chars( 188: 0x52, 0xC5, 0xDD, 0x1E, 0xEF, 0x76, 0x1B, 0x53, 189: 0x08, 0xE4, 0x86, 0x3F, 0x91, 0x12, 0x98, 0x69, 190: 0xC5, 0x9D, 0xDE, 0xF6, 0xFC, 0xFA, 0x93, 0xCE, 191: 0x32, 0x52, 0x66, 0xF9, 0xC9, 0x97, 0xF6, 0x42, 192: 0x00, 0x2C, 0x64, 0xED, 0x1A, 0x6B, 0x14, 0x0A, 193: 0x4B, 0x04, 0xCF, 0x6D, 0x2D, 0x82, 0x0A, 0x07, 194: 0xA2, 0x3B, 0xDE, 0xCE, 0x19, 0x8A, 0x39, 0x43, 195: 0x16, 0x61, 0x29, 0x98, 0x68, 0xEA, 0xE5, 0xCC, 196: 0x0A, 0xF8, 0xE9, 0x71, 0x26, 0xF1, 0x07, 0x36, 197: 0x2C, 0x07, 0x1E, 0xEB, 0xE4, 0x28, 0xA2, 0xF4, 198: 0xA8, 0x12, 0xC0, 0xC8, 0x20, 0x37, 0xF8, 0xF2, 199: 0x6C, 0xAF, 0xDC, 0x6F, 0x2E, 0xD0, 0x62, 0x58, 200: 0xD2, 0x37, 0x03, 0x6D, 0xFA, 0x6E, 0x1A, 0xAC, 201: 0x9F, 0xCA, 0x56, 0xC6, 0xA4, 0x52, 0x41, 0xE8, 202: 0x0F, 0x1B, 0x0C, 0xB9, 0xE6, 0xBA, 0xDE, 0xE1, 203: 0x03, 0x5E, 0xC2, 0xE5, 0xF8, 0xF4, 0xF3, 0x46, 204: 0x3A, 0x12, 0xC0, 0x1F, 0x3A, 0x00, 0xD0, 0x91, 205: 0x18, 0xDD, 0x53, 0xE4, 0x22, 0xF5, 0x26, 0xA4, 206: 0x54, 0xEE, 0x20, 0xF0, 0x80), 207: chunk_from_chars( 208: 1, 2, 2, 2, 2, 1, 2, 2, 0, 0, 2, 0, 0, 0, 0, 1, 2, 2, 2, 0, 209: 2, 0, 0, 2, 2, 1, 2, 0, 0, 1, 2, 1, 0, 0, 0, 1, 0, 2, 2, 1, 210: 1, 2, 0, 0, 0, 1, 2, 0, 2, 2, 1, 2, 1, 0, 1, 0, 1, 2, 1, 1, 211: 1, 2, 0, 1, 0, 2, 1, 1, 0, 0, 0, 1, 2, 0, 0, 1, 2, 1, 2, 0, 212: 2, 1, 1, 1, 2, 2, 2, 2, 1, 0, 0, 2, 0, 2, 0, 1, 1, 0, 2, 2, 213: 2, 0, 1, 0, 2, 2, 1, 0, 1, 0, 1, 0, 0, 2, 2, 0, 0, 1, 2, 0, 214: 1, 1, 1, 0, 0, 2, 0, 2, 1, 2, 2, 2, 0, 0, 2, 1, 0, 2, 0, 1, 215: 0, 1, 2, 0, 1, 2, 0, 1, 0, 1, 2, 0, 2, 2, 0, 1, 2, 2, 1, 2, 216: 2, 2, 0, 2, 1, 1, 1, 0, 0, 1, 0, 2, 0, 0, 1, 0, 1, 2, 0, 0, 217: 1, 2, 1, 0, 2, 1, 1, 0, 0, 2, 1, 2, 2, 2, 1, 2, 1, 1, 2, 2, 218: 0, 2, 0, 0, 2, 0, 0, 1, 1, 2, 0, 0, 0, 1, 2, 1, 1, 1, 1, 0, 219: 0, 0, 2, 0, 2, 0, 2, 2, 1, 2, 2, 0, 0, 1, 1, 1, 0, 1, 0, 1, 220: 0, 1, 2, 2, 0, 2, 1, 1, 0, 2, 1, 2, 1, 2, 1, 0, 0, 1, 0, 0, 221: 1, 0, 1, 0, 2, 0, 2, 0, 0, 1, 2, 0, 2, 0, 1, 1, 0, 2, 0, 0, 222: 1, 2, 1, 2, 1, 2, 1, 0, 1, 1, 2, 2, 1, 1, 0, 0, 2, 1, 2, 0, 223: 1, 0, 2, 0, 0, 1, 2, 0, 2, 0, 1, 1, 2, 2, 2, 2, 0, 0, 1, 2, 224: 1, 1, 1, 0, 2, 1, 2, 2, 0, 2, 0, 1, 2, 2, 0, 1, 1, 1, 0, 0, 225: 2, 0, 1, 0, 1, 0, 2, 1, 2, 0, 2, 1, 2, 1, 2, 2, 0, 2, 1, 0, 226: 2, 1, 2, 0, 0, 2, 0, 1, 2, 1, 1, 2, 0, 0, 0, 0, 1, 2, 0, 1, 227: 2, 2, 1, 0, 0, 1, 2, 1, 2, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 0, 228: 2, 0, 1, 2, 1, 2, 0, 0, 0, 2, 1, 0, 0, 0, 1, 2, 2, 0, 0, 0, 229: 2, 2, 1, 1, 0, 1, 0, 2, 2, 0, 2, 1, 2, 1, 0, 2, 2, 2, 0, 0, 230: 0, 1, 1, 2, 1, 0, 0, 0, 0, 1, 2, 2, 1, 2, 1, 2, 0, 2, 0, 2, 231: 1, 1, 1, 2, 1, 2, 1, 2, 1, 1, 0, 1, 0, 2, 0, 0, 0, 2, 1, 2, 232: 2, 2, 2, 0, 1, 1, 1, 0, 1, 0, 2, 0, 2, 1, 0, 1, 2, 1, 1, 0, 233: 1, 2, 1, 0, 0, 2, 1, 0, 1, 1, 2, 2, 1, 1, 1, 2, 2, 2, 1, 0, 234: 0, 0, 0, 1, 1, 0, 0, 2, 2, 2, 2, 2, 0, 1, 2, 0, 1, 2, 0, 1, 235: 1, 0, 1, 1, 2, 2, 0, 1, 1, 0, 2, 2, 1, 1, 1, 2, 1, 2, 2, 1, 236: 1, 0, 1, 0, 2, 2, 1, 0, 2, 2, 2, 2, 2, 1, 0, 2, 2, 2, 1, 2, 237: 0, 2, 0, 0, 0, 0, 0, 1, 2, 0, 1, 0, 1), 238: { 239: { 13, 743, 2048, TRUE, 11 + (11 << 8) + (15 << 16), 240: countof(indices_ees743ep1), indices_ees743ep1 241: }, 242: { 12, 1171, 2048, FALSE, 106, 243: countof(indices_ees1171ep1), indices_ees1171ep1 244: } 245: } 246: } 247: }; 248: 249: START_TEST(test_ntru_trits) 250: { 251: ntru_trits_t *mask; 252: chunk_t trits; 253: 254: mask = TEST_FUNCTION(ntru, ntru_trits_create, trits_tests[_i].trits.len, 255: XOF_UNDEFINED, trits_tests[_i].seed); 256: ck_assert(mask == NULL); 257: 258: mask = TEST_FUNCTION(ntru, ntru_trits_create, trits_tests[_i].trits.len, 259: trits_tests[_i].alg, chunk_empty); 260: ck_assert(mask == NULL); 261: 262: mask = TEST_FUNCTION(ntru, ntru_trits_create, trits_tests[_i].trits.len, 263: trits_tests[_i].alg, trits_tests[_i].seed); 264: ck_assert(mask); 265: 266: trits = chunk_create(mask->get_trits(mask), mask->get_size(mask)); 267: ck_assert(chunk_equals(trits, trits_tests[_i].trits)); 268: mask->destroy(mask); 269: 270: /* generate a multiple of 5 trits */ 271: mask = TEST_FUNCTION(ntru, ntru_trits_create, 10, trits_tests[_i].alg, 272: trits_tests[_i].seed); 273: ck_assert(mask); 274: 275: trits = chunk_create(mask->get_trits(mask), mask->get_size(mask)); 276: ck_assert(chunk_equals(trits, chunk_create(trits_tests[_i].trits.ptr, 10))); 277: mask->destroy(mask); 278: } 279: END_TEST 280: 281: START_TEST(test_ntru_poly) 282: { 283: ntru_poly_t *poly; 284: uint16_t *indices; 285: chunk_t seed; 286: poly_test_t *p; 287: int j, n; 288: 289: seed = trits_tests[_i].seed; 290: seed.len = trits_tests[_i].seed_len; 291: 292: p = &trits_tests[_i].poly_test[0]; 293: poly = TEST_FUNCTION(ntru, ntru_poly_create_from_seed, XOF_UNDEFINED, seed, 294: p->c_bits, p->N, p->q, p->indices_len, p->indices_len, 295: p->is_product_form); 296: ck_assert(poly == NULL); 297: 298: for (n = 0; n < 2; n++) 299: { 300: p = &trits_tests[_i].poly_test[n]; 301: poly = TEST_FUNCTION(ntru, ntru_poly_create_from_seed, 302: trits_tests[_i].alg, seed, p->c_bits, p->N, p->q, 303: p->indices_len, p->indices_len, p->is_product_form); 304: ck_assert(poly != NULL && poly->get_size(poly) == p->indices_size); 305: 306: indices = poly->get_indices(poly); 307: for (j = 0; j < p->indices_size; j++) 308: { 309: ck_assert(indices[j] == p->indices[j]); 310: } 311: poly->destroy(poly); 312: } 313: } 314: END_TEST 315: 316: typedef struct { 317: uint16_t N; 318: uint16_t q; 319: bool is_product_form; 320: uint32_t indices_len_p; 321: uint32_t indices_len_m; 322: uint16_t *indices; 323: uint16_t *a; 324: uint16_t *c; 325: } ring_mult_test_t; 326: 327: uint16_t t1_indices[] = { 1, 6, 5, 3 }; 328: 329: uint16_t t1_a[] = { 1, 0, 0, 0, 0, 0, 0 }; 330: uint16_t t1_c[] = { 0, 1, 0, 7, 0, 7, 1 }; 331: 332: uint16_t t2_a[] = { 5, 0, 0, 0, 0, 0, 0 }; 333: uint16_t t2_c[] = { 0, 5, 0, 3, 0, 3, 5 }; 334: 335: uint16_t t3_a[] = { 4, 0, 0, 0, 0, 0, 0 }; 336: uint16_t t3_c[] = { 0, 4, 0, 4, 0, 4, 4 }; 337: 338: uint16_t t4_a[] = { 0, 6, 0, 0, 0, 0, 0 }; 339: uint16_t t4_c[] = { 6, 0, 6, 0, 2, 0, 2 }; 340: 341: uint16_t t5_a[] = { 4, 6, 0, 0, 0, 0, 0 }; 342: uint16_t t5_c[] = { 6, 4, 6, 4, 2, 4, 6 }; 343: 344: uint16_t t6_a[] = { 0, 0, 3, 0, 0, 0, 0 }; 345: uint16_t t6_c[] = { 5, 3, 0, 3, 0, 5, 0 }; 346: 347: uint16_t t7_a[] = { 4, 6, 3, 0, 0, 0, 0 }; 348: uint16_t t7_c[] = { 3, 7, 6, 7, 2, 1, 6 }; 349: 350: uint16_t t8_a[] = { 0, 0, 0, 7, 0, 0, 0 }; 351: uint16_t t8_c[] = { 0, 1, 7, 0, 7, 0, 1 }; 352: 353: uint16_t t9_a[] = { 4, 6, 3, 7, 0, 0, 0 }; 354: uint16_t t9_c[] = { 3, 0, 5, 7, 1, 1, 7 }; 355: 356: uint16_t t10_a[] = { 0, 0, 0, 0, 0, 1, 0 }; 357: uint16_t t10_c[] = { 0, 7, 0, 7, 1, 0, 1 }; 358: 359: uint16_t t11_a[] = { 4, 6, 3, 7, 0, 1, 0 }; 360: uint16_t t11_c[] = { 3, 7, 5, 6, 2, 1, 0 }; 361: 362: uint16_t t2_indices[] = { 1, 6, 5, 2, 3 }; 363: 364: uint16_t t12_c[] = { 0, 1, 7, 7, 0, 1, 1 }; 365: uint16_t t13_c[] = { 0, 1, 7, 7, 0, 7, 1 }; 366: uint16_t t14_c[] = { 0, 1, 0, 31, 0, 31, 1 }; 367: uint16_t t15_c[] = { 0, 5, 0, 2043, 0, 2043, 5 }; 368: uint16_t t16_c[] = { 0, 5, 0, 32763, 0, 32763, 5 }; 369: 370: uint16_t t3_indices[] = { 7, 2, 3, 5, 0, 2, 3, 10, 7, 0, 8, 2 }; 371: 372: uint16_t t17_a[] = { 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; 373: uint16_t t17_c[] = { 7, 1, 0, 1, 1, 7, 0, 7, 7, 7, 2 }; 374: 375: ring_mult_test_t ring_mult_tests[] = { 376: { 7, 8, FALSE, 2, 2, t1_indices, t1_a, t1_c }, 377: { 7, 8, FALSE, 2, 2, t1_indices, t2_a, t2_c }, 378: { 7, 8, FALSE, 2, 2, t1_indices, t3_a, t3_c }, 379: { 7, 8, FALSE, 2, 2, t1_indices, t4_a, t4_c }, 380: { 7, 8, FALSE, 2, 2, t1_indices, t5_a, t5_c }, 381: { 7, 8, FALSE, 2, 2, t1_indices, t6_a, t6_c }, 382: { 7, 8, FALSE, 2, 2, t1_indices, t7_a, t7_c }, 383: { 7, 8, FALSE, 2, 2, t1_indices, t8_a, t8_c }, 384: { 7, 8, FALSE, 2, 2, t1_indices, t9_a, t9_c }, 385: { 7, 8, FALSE, 2, 2, t1_indices, t10_a, t10_c }, 386: { 7, 8, FALSE, 2, 2, t1_indices, t11_a, t11_c }, 387: { 7, 8, FALSE, 3, 2, t2_indices, t1_a, t12_c }, 388: { 7, 8, FALSE, 2, 3, t2_indices, t1_a, t13_c }, 389: { 7, 32, FALSE, 2, 2, t1_indices, t1_a, t14_c }, 390: { 7, 2048, FALSE, 2, 2, t1_indices, t2_a, t15_c }, 391: { 7, 32768, FALSE, 2, 2, t1_indices, t2_a, t16_c }, 392: { 11, 8, TRUE, 197121, 197121, t3_indices, t17_a, t17_c }, 393: }; 394: 395: START_TEST(test_ntru_ring_mult) 396: { 397: ntru_poly_t *poly; 398: ring_mult_test_t *t; 399: uint16_t *c; 400: int i; 401: 402: t = &ring_mult_tests[_i]; 403: poly = TEST_FUNCTION(ntru, ntru_poly_create_from_data, t->indices, t->N, 404: t->q, t->indices_len_p, t->indices_len_m, 405: t->is_product_form); 406: ck_assert(poly != NULL); 407: 408: c = malloc(t->N * sizeof(uint16_t)); 409: poly->ring_mult(poly, t->a, c); 410: 411: for (i = 0; i < t->N; i++) 412: { 413: ck_assert(c[i] == t->c[i]); 414: } 415: 416: free(c); 417: poly->destroy(poly); 418: } 419: END_TEST 420: 421: int array_tests[] = { 0, 11, 12, 16 }; 422: 423: START_TEST(test_ntru_array) 424: { 425: ntru_poly_t *poly; 426: ring_mult_test_t *t; 427: uint16_t *c; 428: int i; 429: 430: t = &ring_mult_tests[array_tests[_i]]; 431: 432: poly = TEST_FUNCTION(ntru, ntru_poly_create_from_data, t->indices, t->N, 433: t->q, t->indices_len_p, t->indices_len_m, 434: t->is_product_form); 435: ck_assert(poly != NULL); 436: 437: c = malloc(t->N * sizeof(uint16_t)); 438: poly->get_array(poly, c); 439: 440: for (i = 0; i < t->N; i++) 441: { 442: ck_assert(c[i] == t->c[i]); 443: } 444: 445: free(c); 446: poly->destroy(poly); 447: } 448: END_TEST 449: 450: START_TEST(test_ntru_param_set) 451: { 452: ck_assert(TEST_FUNCTION(ntru, ntru_param_set_get_by_id, -1) == NULL); 453: ck_assert(TEST_FUNCTION(ntru, ntru_param_set_get_by_id, 16) == NULL); 454: } 455: END_TEST 456: 457: typedef struct { 458: ntru_param_set_id_t id; 459: chunk_t entropy; 460: chunk_t encoding; 461: } privkey_test_t; 462: 463: privkey_test_t privkey_tests[] = { 464: { 465: NTRU_EES401EP1, 466: chunk_from_chars( 467: 0x0C, 0x2F, 0x24, 0xE1, 0xA4, 0x81, 0x26, 0xA2, 468: 0x6C, 0xEA, 0xCD, 0x1A, 0xF3, 0xEB, 0x3D, 0xBF, 469: 0xEA, 0xAE, 0xC3, 0x0D, 0xC1), 470: chunk_from_chars( 471: 0x02, 0x03, 0x00, 0x02, 0x04, 0x3E, 0xF3, 0xCB, 472: 0x7A, 0x58, 0x13, 0x75, 0xBB, 0x87, 0xF5, 0xBF, 473: 0x2E, 0x18, 0xAE, 0x03, 0xAF, 0xB8, 0x33, 0x85, 474: 0xD8, 0xBF, 0x8A, 0xB5, 0x8C, 0xA6, 0xDF, 0x03, 475: 0x90, 0x1E, 0xE4, 0x83, 0xA4, 0x95, 0x40, 0xB5, 476: 0x08, 0x92, 0x29, 0xD8, 0x83, 0xA8, 0x42, 0xB2, 477: 0x69, 0xC2, 0x00, 0x8B, 0xAE, 0x80, 0x00, 0x4F, 478: 0x3D, 0xDD, 0xFB, 0xDB, 0x9A, 0xD8, 0x0F, 0xFF, 479: 0xBC, 0x21, 0xD5, 0xE6, 0x04, 0x9C, 0xDD, 0x3B, 480: 0x2D, 0x16, 0x4B, 0xC7, 0x3D, 0xBE, 0xDE, 0xBB, 481: 0x6F, 0xF4, 0x8A, 0x31, 0xCD, 0x23, 0x19, 0xC2, 482: 0x3C, 0xE1, 0xE2, 0xEE, 0xE4, 0xE7, 0x2E, 0xFC, 483: 0x5C, 0xDD, 0xAD, 0x0C, 0x9D, 0x98, 0xC5, 0x18, 484: 0x2A, 0x80, 0x21, 0x93, 0x61, 0xC4, 0x9A, 0x16, 485: 0xE8, 0x9B, 0xF7, 0x3B, 0x6D, 0x06, 0x91, 0x9E, 486: 0x71, 0x59, 0xBE, 0x8E, 0x65, 0x61, 0xB2, 0x69, 487: 0x9C, 0x82, 0x58, 0x0D, 0x63, 0x7A, 0x1F, 0x2A, 488: 0x1C, 0x2C, 0x92, 0x8C, 0x8D, 0xCA, 0x2B, 0x45, 489: 0x24, 0x79, 0xDB, 0x7F, 0x1D, 0x2F, 0xAB, 0x88, 490: 0x8C, 0x1D, 0xE3, 0x15, 0x8F, 0xCD, 0x46, 0x8C, 491: 0x45, 0x20, 0x88, 0x1C, 0x17, 0xE0, 0xE5, 0x89, 492: 0xF4, 0x60, 0x56, 0x3C, 0x6B, 0x9F, 0x2A, 0xD9, 493: 0xD0, 0xAE, 0x3B, 0xB6, 0xC2, 0xB7, 0x58, 0xC6, 494: 0x6E, 0x09, 0x36, 0x21, 0x0B, 0xDD, 0xE9, 0x52, 495: 0x33, 0x27, 0x39, 0xC8, 0x51, 0x59, 0x69, 0x25, 496: 0xC6, 0x3D, 0x19, 0x5C, 0x5E, 0x74, 0xD0, 0x62, 497: 0xD9, 0x26, 0x90, 0xC7, 0x64, 0x92, 0xA8, 0x72, 498: 0xD1, 0x77, 0x1F, 0x78, 0xC5, 0x11, 0xBD, 0x5D, 499: 0x3C, 0x1B, 0x1F, 0x8B, 0x5B, 0xE4, 0x5D, 0xA1, 500: 0x27, 0x6D, 0x20, 0x24, 0x32, 0x53, 0xF3, 0xB0, 501: 0xE6, 0x71, 0x61, 0xCC, 0xFC, 0x4A, 0x06, 0xDA, 502: 0xBE, 0xD7, 0x9F, 0x2F, 0xEB, 0x44, 0xD0, 0x8A, 503: 0x7D, 0x8E, 0x82, 0xF5, 0x84, 0xCF, 0x8E, 0xE5, 504: 0x4B, 0xA4, 0x30, 0x77, 0xBD, 0x14, 0xB9, 0x75, 505: 0x02, 0x68, 0xDF, 0x71, 0x89, 0x81, 0xF2, 0x95, 506: 0xC3, 0x67, 0x6E, 0x37, 0xE4, 0xD0, 0xC9, 0x1E, 507: 0x02, 0xDE, 0x2D, 0x79, 0x99, 0xE8, 0x7D, 0x5C, 508: 0x99, 0xF2, 0x1A, 0xDE, 0x12, 0x9B, 0xD1, 0x83, 509: 0x9B, 0x01, 0xD3, 0xEB, 0x2B, 0x8E, 0x9C, 0xA5, 510: 0x19, 0xE8, 0x2E, 0xFE, 0x23, 0x6E, 0xAD, 0x8F, 511: 0x3C, 0xAF, 0xB9, 0xE6, 0xDB, 0x07, 0xA4, 0x31, 512: 0x02, 0x2B, 0x6A, 0xA0, 0xFB, 0x51, 0x6C, 0xD0, 513: 0x26, 0xD5, 0xAD, 0x29, 0x65, 0x10, 0xCE, 0xF8, 514: 0x84, 0x4D, 0x1E, 0x37, 0x92, 0xA2, 0xD1, 0xFA, 515: 0xF6, 0xC0, 0x36, 0x4C, 0x23, 0x3A, 0x42, 0xAA, 516: 0xB8, 0x0D, 0x4E, 0xD4, 0x40, 0x61, 0xD5, 0x36, 517: 0x62, 0x23, 0x7C, 0x1C, 0x5E, 0xEA, 0x16, 0xAD, 518: 0x4F, 0x30, 0xF9, 0x16, 0x99, 0xCE, 0xC5, 0x50, 519: 0xAC, 0x8F, 0x6F, 0x98, 0xD7, 0xE3, 0x89, 0x6E, 520: 0x3A, 0x12, 0xCE, 0xA7, 0xA4, 0x17, 0x74, 0xDC, 521: 0xDB, 0xFA, 0xFF, 0xF9, 0x35, 0xD7, 0xF5, 0x77, 522: 0x03, 0xF5, 0xBF, 0x81, 0x6C, 0x9F, 0x62, 0xA6, 523: 0x8A, 0x5B, 0xA3, 0xEF, 0x9D, 0xC3, 0xF6, 0x3A, 524: 0x6A, 0xC0, 0x42, 0x71, 0xAF, 0x90, 0xCA, 0x1D, 525: 0x86, 0x78, 0xD7, 0x2C, 0xFE, 0xB6, 0x99, 0x15, 526: 0x8C, 0x10, 0x42, 0x92, 0x2C, 0x05, 0x43, 0x92, 527: 0x69, 0x05, 0x8D, 0x9E, 0xBC, 0xAB, 0x8F, 0x28, 528: 0xAA, 0x4B, 0xFB, 0x25, 0xD9, 0xAD, 0x29, 0xFF, 529: 0x33, 0x65, 0x14, 0xC3, 0x75, 0x1F, 0xCF, 0xFC, 530: 0x20, 0x83, 0xBF, 0xB9, 0xA5, 0x4B, 0x7B, 0xD9, 531: 0x07, 0x5C, 0xA1, 0xD1, 0x5A, 0x3E, 0x94, 0xF8, 532: 0x03, 0xDE, 0xB8, 0x94, 0x11, 0x92, 0x80, 0x77, 533: 0x57, 0x45, 0x1E, 0x6B, 0xA5, 0x15, 0xDB, 0x48, 534: 0xB6, 0x9E, 0x02, 0xF1, 0x61, 0x4A, 0xAC, 0x1D, 535: 0x49, 0xBC, 0xA9, 0x3F, 0x03, 0x50, 0xAC, 0x02, 536: 0x8E, 0x84, 0xE0, 0x12, 0x37, 0x76, 0xBC, 0x4A, 537: 0xF9, 0xC6, 0x74, 0x36, 0xFC, 0x92, 0x1D, 0x59, 538: 0x0C, 0x04, 0xD2, 0x14, 0xB7, 0x11, 0xE9, 0xE2, 539: 0xFE, 0x0C, 0xE1, 0xDA, 0x8B, 0xCA, 0x10, 0xA1, 540: 0x60, 0xB6, 0x57, 0x51, 0x00, 0xD6, 0x5B, 0x55, 541: 0x09, 0x60, 0xE8, 0x00, 0x40, 0x45, 0x56, 0xBA, 542: 0x83, 0x1E, 0x36, 0x12, 0x59, 0x4B, 0x19, 0x00, 543: 0x53, 0xAE, 0x62, 0xA6, 0x29, 0x39, 0xED, 0x87, 544: 0x24, 0x37, 0x1E, 0x1B, 0xCF, 0x3F, 0x3A, 0x71, 545: 0x31, 0xB5, 0x50, 0x8D, 0x4B, 0x53, 0x53, 0x75, 546: 0x3F, 0x33, 0x39, 0x09, 0x2A, 0x78, 0xA8, 0x71, 547: 0x3E, 0x63, 0xC5, 0x61, 0x73, 0xB6, 0xE1, 0x71, 548: 0x16, 0xDA, 0x06, 0xBF, 0x3F, 0x22, 0x74, 0x89, 549: 0x08, 0xD2, 0x05, 0x0B, 0x16, 0xC8, 0xF0, 0x17, 550: 0x4E, 0xA2, 0x65, 0x67, 0x6D, 0x02) 551: }, 552: { 553: NTRU_EES743EP1, 554: chunk_from_chars( 555: 0x9B, 0xAB, 0x57, 0xDB, 0x2C, 0x60, 0x83, 0x48, 556: 0x9F, 0xC9, 0x70, 0x8F, 0x69, 0xF7, 0xB4, 0xBB, 557: 0x63, 0x5C, 0x9A, 0x63, 0x07, 0x80, 0x17, 0xD3, 558: 0xCD, 0xB1, 0x57, 0x79, 0xFE, 0x8D, 0x81, 0x70, 559: 0xEB, 0x50, 0xFA, 0x05, 0xFB, 0x97, 0xB2, 0xAB, 560: 0x25, 0xED, 0xD8, 0x18, 0x1C, 0xFE, 0x96, 0x7D), 561: chunk_from_chars( 562: 0x02, 0x03, 0x00, 0x06, 0x10, 0x14, 0x53, 0x73, 563: 0x56, 0xF5, 0xA9, 0x34, 0xDE, 0xA6, 0x4D, 0x46, 564: 0x05, 0x9E, 0x80, 0xAE, 0xB6, 0x74, 0x91, 0xFF, 565: 0xFB, 0x48, 0xD3, 0x5C, 0x61, 0x12, 0x46, 0x02, 566: 0x9F, 0x53, 0x45, 0x87, 0x47, 0xBD, 0x6B, 0x26, 567: 0xF7, 0x36, 0xD3, 0x99, 0x1B, 0xD7, 0xEA, 0xA3, 568: 0xA8, 0x94, 0xFF, 0x93, 0x46, 0x7C, 0x2C, 0x5F, 569: 0x87, 0x8C, 0x38, 0xB3, 0x7B, 0xC6, 0x49, 0xE2, 570: 0x88, 0xCA, 0x67, 0x89, 0xD0, 0x6D, 0x7C, 0xAE, 571: 0x7C, 0x98, 0x84, 0xDA, 0x6B, 0x93, 0x92, 0xEF, 572: 0x4A, 0xD1, 0x4A, 0xD2, 0x5B, 0x13, 0xF8, 0x59, 573: 0x15, 0x2E, 0xBC, 0x70, 0x8D, 0x2D, 0xA9, 0x47, 574: 0xA1, 0x99, 0x19, 0x3F, 0x67, 0xE8, 0x18, 0xA7, 575: 0x17, 0x07, 0xB3, 0x14, 0xF6, 0x20, 0xA1, 0xD8, 576: 0x33, 0xE8, 0x08, 0x6A, 0xC1, 0x39, 0x99, 0x08, 577: 0xB4, 0x88, 0xEB, 0x48, 0x7D, 0xFB, 0xF5, 0xEF, 578: 0x03, 0x0D, 0x25, 0xB7, 0x98, 0xF3, 0xF1, 0x15, 579: 0x63, 0xE4, 0x0F, 0xFD, 0x54, 0x9F, 0x56, 0xE9, 580: 0xD1, 0x44, 0xE5, 0x89, 0x66, 0x14, 0x91, 0x1C, 581: 0xFD, 0xD6, 0xFD, 0x38, 0xAE, 0x39, 0xE3, 0xF7, 582: 0xCD, 0x77, 0xC2, 0xEA, 0x2E, 0xE4, 0xB7, 0x2B, 583: 0xBA, 0x7A, 0xD1, 0x75, 0xB8, 0x28, 0x65, 0x18, 584: 0xF4, 0xC6, 0xBD, 0xD0, 0x17, 0x7E, 0xEA, 0x86, 585: 0x7E, 0xFC, 0x95, 0xD6, 0x4C, 0x92, 0x01, 0xC3, 586: 0xFF, 0x04, 0x9B, 0xF8, 0xD6, 0xB3, 0x8F, 0x72, 587: 0xEF, 0x64, 0x09, 0x61, 0xF8, 0xE4, 0x48, 0xFC, 588: 0x0D, 0xEE, 0xEF, 0xA2, 0x9F, 0x3A, 0x2B, 0x1A, 589: 0xFB, 0x8B, 0xA0, 0x9C, 0x11, 0x0B, 0x97, 0x75, 590: 0x30, 0x7C, 0xB8, 0x9F, 0xEE, 0x3B, 0x53, 0x85, 591: 0x7D, 0xE9, 0xCB, 0xC4, 0x4D, 0xD7, 0x7F, 0x59, 592: 0x10, 0x72, 0x19, 0x3A, 0xC9, 0x38, 0xFE, 0xE8, 593: 0xB3, 0x06, 0x55, 0x8D, 0xA2, 0x5A, 0x3D, 0x79, 594: 0x67, 0x0E, 0x90, 0xC9, 0x25, 0x6D, 0x45, 0x9C, 595: 0x39, 0x79, 0x5F, 0x18, 0x35, 0x9F, 0xC1, 0x49, 596: 0x08, 0x6F, 0x1C, 0x47, 0x09, 0x0D, 0x49, 0x7C, 597: 0x3C, 0x7B, 0xB1, 0x09, 0x92, 0x1C, 0x4E, 0x5A, 598: 0xDA, 0x74, 0x9E, 0xBB, 0x55, 0x9D, 0xBB, 0x1E, 599: 0x43, 0x28, 0x62, 0xAF, 0x02, 0xB0, 0x1A, 0xEA, 600: 0x13, 0x0A, 0x70, 0x0F, 0x60, 0x0F, 0x62, 0xA2, 601: 0x4E, 0x1F, 0xB2, 0xEA, 0x06, 0xDD, 0x18, 0x02, 602: 0x6C, 0xF3, 0x82, 0xF1, 0x80, 0x7F, 0xA7, 0x2F, 603: 0xCC, 0xC6, 0x18, 0xEA, 0xFF, 0x1F, 0xAD, 0xC6, 604: 0xBA, 0x0C, 0x0E, 0x04, 0xB2, 0x58, 0x1D, 0xB6, 605: 0x01, 0xA3, 0x97, 0xDF, 0x7D, 0x9B, 0xB5, 0x0A, 606: 0xAD, 0x30, 0x2B, 0xC5, 0x67, 0x40, 0x07, 0xF1, 607: 0xD5, 0x6C, 0x11, 0x10, 0xE1, 0x69, 0x30, 0xAD, 608: 0x90, 0x06, 0xDB, 0xF8, 0xEA, 0x92, 0x9B, 0x39, 609: 0x57, 0x38, 0x7B, 0xE4, 0xB2, 0xA2, 0x89, 0xFD, 610: 0xB1, 0x6D, 0x88, 0x41, 0x62, 0x4D, 0x18, 0xB6, 611: 0x3F, 0x12, 0x81, 0xDE, 0xE6, 0xDC, 0x4A, 0x31, 612: 0x61, 0x26, 0xB1, 0x4B, 0x95, 0xC1, 0x69, 0xDC, 613: 0xDC, 0xAC, 0xD0, 0x15, 0xFC, 0x21, 0xC5, 0x20, 614: 0x5F, 0x97, 0x76, 0x41, 0xC1, 0xF2, 0xD7, 0x95, 615: 0x1D, 0x25, 0x23, 0x36, 0x86, 0xFA, 0x7E, 0xF4, 616: 0x14, 0x9F, 0x9D, 0x9F, 0xB2, 0xBB, 0x25, 0x1D, 617: 0xD5, 0x7A, 0x6F, 0x9E, 0xF7, 0xEF, 0x9D, 0x63, 618: 0x1E, 0xD5, 0xDE, 0x6A, 0xE6, 0x46, 0x48, 0x1F, 619: 0xE1, 0x0C, 0x4D, 0x82, 0xC9, 0x19, 0x3B, 0x65, 620: 0xA4, 0x06, 0x13, 0xB7, 0x04, 0xB1, 0x62, 0xF7, 621: 0x08, 0xAE, 0xED, 0x42, 0x6D, 0xCC, 0x6C, 0xA6, 622: 0x06, 0x06, 0x41, 0x3E, 0x0C, 0x89, 0x4C, 0xBD, 623: 0x00, 0x4F, 0x0E, 0xA9, 0x72, 0x06, 0x21, 0x82, 624: 0xD2, 0xB6, 0x6C, 0xB0, 0xB0, 0x01, 0x5B, 0xDD, 625: 0x05, 0xCE, 0x71, 0x6E, 0x00, 0x58, 0xC7, 0xA6, 626: 0x5B, 0xF6, 0xFB, 0x6B, 0x62, 0xB1, 0xE8, 0x4D, 627: 0xAC, 0xC0, 0x6B, 0xF4, 0x40, 0x69, 0xEE, 0x0D, 628: 0xE7, 0x82, 0x61, 0x8D, 0x35, 0x01, 0x97, 0x4E, 629: 0xF2, 0xCC, 0xF5, 0x7F, 0xBF, 0xE4, 0xEC, 0x9C, 630: 0xC4, 0xD2, 0xD9, 0x65, 0x78, 0x98, 0xD8, 0xB0, 631: 0xFA, 0xA8, 0xFB, 0xB0, 0xCE, 0x22, 0x5D, 0x0B, 632: 0x27, 0xDF, 0x0E, 0x63, 0x42, 0xFE, 0x89, 0x13, 633: 0x99, 0xB2, 0x02, 0x0B, 0xF6, 0x04, 0xB6, 0xAF, 634: 0x9F, 0x8C, 0xA6, 0x17, 0x0D, 0xD9, 0x5B, 0x45, 635: 0xE4, 0x08, 0x53, 0x51, 0xE0, 0xD5, 0x22, 0x72, 636: 0xBE, 0xAD, 0x74, 0x69, 0xB9, 0xFB, 0x91, 0xF8, 637: 0xC1, 0x89, 0x28, 0x71, 0x27, 0x62, 0xB1, 0xF0, 638: 0xFD, 0x78, 0xBC, 0x82, 0xFE, 0x76, 0xBE, 0x7B, 639: 0x47, 0x79, 0x32, 0x71, 0xAD, 0xD6, 0x76, 0x46, 640: 0xFB, 0x32, 0xE8, 0x4B, 0x98, 0x9A, 0xC6, 0x85, 641: 0xF2, 0xF1, 0x8A, 0xEC, 0xC2, 0x4E, 0x9B, 0x2F, 642: 0x2D, 0x6F, 0xC9, 0x9B, 0xB6, 0x14, 0x35, 0x6D, 643: 0xD6, 0x5B, 0xF3, 0x02, 0x5A, 0xE5, 0xBD, 0x00, 644: 0xF7, 0x6E, 0x51, 0xA7, 0xDB, 0x19, 0xAE, 0x01, 645: 0x01, 0x05, 0x94, 0x23, 0xF7, 0x5B, 0x07, 0x79, 646: 0xFF, 0x39, 0x58, 0x9C, 0x2A, 0xF7, 0x7E, 0x5D, 647: 0x81, 0xF9, 0x59, 0xFE, 0xB9, 0x9A, 0x96, 0x63, 648: 0x1F, 0x65, 0xF6, 0xF0, 0x3D, 0xEA, 0xD7, 0xC2, 649: 0x8A, 0xCF, 0xB5, 0x58, 0x74, 0x77, 0x23, 0xD6, 650: 0x72, 0x58, 0xA8, 0xAE, 0x31, 0x8A, 0x59, 0xEA, 651: 0x69, 0x14, 0x6A, 0x20, 0x78, 0x79, 0x28, 0x5A, 652: 0xE1, 0x76, 0x6F, 0xA6, 0x1A, 0x9E, 0x47, 0xD2, 653: 0xAF, 0x63, 0xF8, 0x06, 0xF6, 0xD8, 0xD5, 0x14, 654: 0xA8, 0xD1, 0xEE, 0x96, 0xCE, 0xBB, 0x8E, 0x22, 655: 0x69, 0x2F, 0x52, 0x06, 0xB6, 0x6F, 0xC8, 0x99, 656: 0x96, 0xEA, 0xC6, 0x1D, 0x96, 0x4C, 0x69, 0x95, 657: 0xFE, 0x74, 0x04, 0x3C, 0x55, 0xD9, 0x5F, 0xE0, 658: 0x41, 0x21, 0x43, 0x21, 0x5A, 0x50, 0x5D, 0x8B, 659: 0xE8, 0xB2, 0x51, 0x1B, 0x7C, 0x63, 0x50, 0xAE, 660: 0x97, 0x4F, 0xBA, 0x7D, 0xF2, 0xB6, 0xB6, 0x16, 661: 0x1D, 0x47, 0x9E, 0x19, 0x68, 0xD4, 0x6B, 0x2B, 662: 0x75, 0xCD, 0xAE, 0x65, 0x33, 0x38, 0xF6, 0x6D, 663: 0xC7, 0x3E, 0x46, 0x98, 0x9E, 0x98, 0x8B, 0x45, 664: 0x11, 0xA7, 0x12, 0x05, 0xB0, 0x01, 0xC3, 0x51, 665: 0xA0, 0xEE, 0x7C, 0x16, 0xD1, 0x42, 0x96, 0xC4, 666: 0xF0, 0x7B, 0x71, 0xCD, 0x50, 0x38, 0xA4, 0xB0, 667: 0x6E, 0x6F, 0xE0, 0xBD, 0xC4, 0xF7, 0x96, 0x2B, 668: 0xF1, 0x6D, 0x9F, 0xF3, 0x71, 0x89, 0xFA, 0xB4, 669: 0x44, 0xA4, 0x32, 0xDC, 0xB2, 0x55, 0x13, 0x31, 670: 0x83, 0x29, 0x66, 0x21, 0x3E, 0x89, 0xF8, 0x78, 671: 0x97, 0x9C, 0x64, 0xF9, 0x2C, 0x0A, 0x88, 0xBC, 672: 0xCA, 0x6F, 0x83, 0x42, 0xF6, 0xD7, 0x00, 0xC4, 673: 0x19, 0x52, 0xB0, 0x31, 0xA8, 0xBA, 0xE8, 0xD4, 674: 0xAD, 0x4B, 0x5D, 0xC0, 0x01, 0x20, 0x6C, 0xBB, 675: 0x1D, 0x9A, 0x1D, 0xD4, 0x19, 0xFD, 0x33, 0xAB, 676: 0xA0, 0x54, 0x50, 0x91, 0xE9, 0x75, 0x5C, 0x7E, 677: 0x7E, 0xB3, 0x24, 0x79, 0xAE, 0x10, 0x3C, 0xB4, 678: 0xB7, 0x0A, 0x1D, 0x86, 0xAD, 0x06, 0x95, 0xCB, 679: 0x84, 0x9B, 0x0E, 0x8B, 0x77, 0x7E, 0x3E, 0xD2, 680: 0xA6, 0xDF, 0xAD, 0x4E, 0xFB, 0x69, 0x23, 0xAC, 681: 0x7A, 0xCB, 0xAA, 0xB0, 0x22, 0xDD, 0xD2, 0xC6, 682: 0xC7, 0xAD, 0xD7, 0xDE, 0xEC, 0x6F, 0x08, 0x41, 683: 0x54, 0xD5, 0x52, 0xDC, 0x77, 0xE4, 0x72, 0xF9, 684: 0x16, 0xB1, 0xC9, 0xAF, 0xB1, 0x3B, 0x18, 0x99, 685: 0x20, 0x9F, 0x79, 0x63, 0x7B, 0x07, 0xC7, 0x35, 686: 0xDF, 0xBB, 0xCE, 0x66, 0x93, 0x1B, 0xF5, 0x82, 687: 0x25, 0x67, 0xC1, 0xF2, 0xF0, 0x89, 0x0F, 0xEF, 688: 0x84, 0x0D, 0x63, 0xB6, 0x7B, 0xD0, 0x40, 0x8E, 689: 0xDB, 0x94, 0xCC, 0x71, 0x3C, 0xDB, 0x36, 0x14, 690: 0x34, 0xFD, 0xA0, 0xB0, 0xC1, 0x45, 0x31, 0xF8, 691: 0x8D, 0xD8, 0x23, 0xB1, 0x05, 0x14, 0xA9, 0x55, 692: 0x3A, 0x1A, 0x37, 0x48, 0x68, 0x89, 0x3F, 0x15, 693: 0x25, 0xD4, 0x99, 0x53, 0x4C, 0x85, 0x98, 0x78, 694: 0x1D, 0x35, 0x4A, 0x83, 0x79, 0x9A, 0x29, 0x90, 695: 0x2B, 0x45, 0x76, 0x0C, 0x13, 0x80, 0x4A, 0xE0, 696: 0x40, 0xED, 0x6B, 0x2E, 0x2A, 0x43, 0xA9, 0x28, 697: 0xB0, 0x2F, 0x89, 0x01, 0x6B, 0x39, 0x8C, 0x5E, 698: 0x80, 0x61, 0xD9, 0xEE, 0x0F, 0x41, 0x75, 0xB5, 699: 0xAE, 0xB6, 0xC2, 0x42, 0x49, 0x8D, 0x89, 0xD8, 700: 0xF4, 0x78, 0x1D, 0x90, 0x46, 0x26, 0x4C, 0x56, 701: 0xB7, 0xC0, 0xD9, 0x98, 0x7B, 0x07, 0xA1, 0x20) 702: } 703: }; 704: 705: START_TEST(test_ntru_privkey) 706: { 707: rng_t *entropy; 708: drbg_t *drbg; 709: ntru_private_key_t *privkey; 710: ntru_public_key_t *pubkey; 711: ntru_param_set_t *params; 712: uint32_t strength; 713: chunk_t encoding, privkey_encoding, pubkey_encoding; 714: 715: params = TEST_FUNCTION(ntru, ntru_param_set_get_by_id, 716: privkey_tests[_i].id); 717: strength = params->sec_strength_len * BITS_PER_BYTE; 718: 719: /* entropy rng will be owned by drbg */ 720: entropy = rng_tester_create(privkey_tests[_i].entropy); 721: drbg = lib->crypto->create_drbg(lib->crypto, DRBG_HMAC_SHA256, strength, 722: entropy, chunk_from_str("IKE NTRU-KE")); 723: ck_assert(drbg != NULL); 724: 725: privkey = TEST_FUNCTION(ntru, ntru_private_key_create, drbg, params); 726: ck_assert(privkey); 727: ck_assert(privkey->get_id(privkey) == privkey_tests[_i].id); 728: 729: privkey_encoding = privkey->get_encoding(privkey); 730: encoding = privkey_tests[_i].encoding; 731: ck_assert(chunk_equals(privkey_encoding, encoding)); 732: 733: /* load private key as a packed blob */ 734: privkey->destroy(privkey); 735: privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data, 736: drbg, chunk_empty); 737: ck_assert(privkey == NULL); 738: 739: encoding = chunk_clone(encoding); 740: encoding.ptr[0] = NTRU_PUBKEY_TAG; 741: privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data, 742: drbg, encoding); 743: ck_assert(privkey == NULL); 744: 745: encoding.ptr[0] = NTRU_PRIVKEY_TRITS_TAG; 746: privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data, 747: drbg, encoding); 748: if (params->is_product_form) 749: { 750: ck_assert(privkey == NULL); 751: } 752: else 753: { 754: ck_assert(privkey != NULL); 755: privkey->destroy(privkey); 756: } 757: 758: encoding.ptr[0] = NTRU_PRIVKEY_INDICES_TAG; 759: privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data, 760: drbg, encoding); 761: if (params->is_product_form) 762: { 763: ck_assert(privkey != NULL); 764: privkey->destroy(privkey); 765: } 766: else 767: { 768: ck_assert(privkey == NULL); 769: } 770: 771: encoding.ptr[0] = NTRU_PRIVKEY_DEFAULT_TAG; 772: encoding.ptr[1] = NTRU_OID_LEN - 1; 773: privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data, 774: drbg, encoding); 775: ck_assert(privkey == NULL); 776: 777: encoding.ptr[1] = NTRU_OID_LEN; 778: encoding.ptr[2] = 0xff; 779: privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data, 780: drbg, encoding); 781: ck_assert(privkey == NULL); 782: 783: encoding.ptr[2] = params->oid[0]; 784: privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data, 785: drbg, encoding); 786: privkey_encoding = privkey->get_encoding(privkey); 787: ck_assert(chunk_equals(privkey_encoding, encoding)); 788: 789: pubkey = privkey->get_public_key(privkey); 790: pubkey_encoding = pubkey->get_encoding(pubkey); 791: 792: encoding.ptr[0] = NTRU_PUBKEY_TAG; 793: encoding.len = pubkey_encoding.len; 794: ck_assert(chunk_equals(pubkey_encoding, encoding)); 795: 796: /* load public key as a packed blob */ 797: pubkey->destroy(pubkey); 798: pubkey = TEST_FUNCTION(ntru, ntru_public_key_create_from_data, 799: drbg, encoding); 800: pubkey_encoding = pubkey->get_encoding(pubkey); 801: ck_assert(chunk_equals(pubkey_encoding, encoding)); 802: 803: chunk_free(&encoding); 804: privkey->destroy(privkey); 805: pubkey->destroy(pubkey); 806: drbg->destroy(drbg); 807: } 808: END_TEST 809: 810: START_TEST(test_ntru_ke) 811: { 812: chunk_t pub_key, cipher_text, i_shared_secret, r_shared_secret; 813: diffie_hellman_t *i_ntru, *r_ntru; 814: char buf[10]; 815: int k, n, len; 816: 817: k = (_i) / countof(parameter_sets); 818: n = (_i) % countof(parameter_sets); 819: 820: len = snprintf(buf, sizeof(buf), "%N", diffie_hellman_group_names, 821: params[k].group); 822: ck_assert(len == 8); 823: ck_assert(streq(buf, params[k].group_name)); 824: 825: lib->settings->set_str(lib->settings, 826: "libstrongswan.plugins.ntru.parameter_set", parameter_sets[n]); 827: 828: i_ntru = lib->crypto->create_dh(lib->crypto, params[k].group); 829: ck_assert(i_ntru != NULL); 830: ck_assert(i_ntru->get_dh_group(i_ntru) == params[k].group); 831: 832: ck_assert(i_ntru->get_my_public_value(i_ntru, &pub_key)); 833: ck_assert(pub_key.len > 0); 834: 835: r_ntru = lib->crypto->create_dh(lib->crypto, params[k].group); 836: ck_assert(r_ntru != NULL); 837: 838: ck_assert(r_ntru->set_other_public_value(r_ntru, pub_key)); 839: ck_assert(r_ntru->get_my_public_value(r_ntru, &cipher_text)); 840: ck_assert(cipher_text.len > 0); 841: 842: ck_assert(r_ntru->get_shared_secret(r_ntru, &r_shared_secret)); 843: ck_assert(r_shared_secret.len > 0); 844: 845: ck_assert(i_ntru->set_other_public_value(i_ntru, cipher_text)); 846: ck_assert(i_ntru->get_shared_secret(i_ntru, &i_shared_secret)); 847: ck_assert(chunk_equals(i_shared_secret, r_shared_secret)); 848: 849: chunk_clear(&i_shared_secret); 850: chunk_clear(&r_shared_secret); 851: chunk_free(&pub_key); 852: chunk_free(&cipher_text); 853: i_ntru->destroy(i_ntru); 854: r_ntru->destroy(r_ntru); 855: } 856: END_TEST 857: 858: START_TEST(test_ntru_retransmission) 859: { 860: diffie_hellman_t *i_ntru; 861: chunk_t pub_key1, pub_key2; 862: 863: i_ntru = lib->crypto->create_dh(lib->crypto, NTRU_256_BIT); 864: ck_assert(i_ntru->get_my_public_value(i_ntru, &pub_key1)); 865: ck_assert(i_ntru->get_my_public_value(i_ntru, &pub_key2)); 866: ck_assert(chunk_equals(pub_key1, pub_key2)); 867: 868: chunk_free(&pub_key1); 869: chunk_free(&pub_key2); 870: i_ntru->destroy(i_ntru); 871: } 872: END_TEST 873: 874: chunk_t oid_tests[] = { 875: { NULL, 0 }, 876: chunk_from_chars(0x00), 877: chunk_from_chars(0x01), 878: chunk_from_chars(0x02), 879: chunk_from_chars(0x02, 0x03, 0x00, 0x03, 0x10), 880: chunk_from_chars(0x01, 0x04, 0x00, 0x03, 0x10), 881: chunk_from_chars(0x01, 0x03, 0x00, 0x03, 0x10), 882: chunk_from_chars(0x01, 0x03, 0xff, 0x03, 0x10), 883: }; 884: 885: START_TEST(test_ntru_pubkey_oid) 886: { 887: diffie_hellman_t *r_ntru; 888: chunk_t cipher_text; 889: 890: r_ntru = lib->crypto->create_dh(lib->crypto, NTRU_128_BIT); 891: ck_assert(!r_ntru->set_other_public_value(r_ntru, oid_tests[_i])); 892: ck_assert(r_ntru->get_my_public_value(r_ntru, &cipher_text)); 893: ck_assert(cipher_text.len == 0); 894: r_ntru->destroy(r_ntru); 895: } 896: END_TEST 897: 898: START_TEST(test_ntru_wrong_set) 899: { 900: diffie_hellman_t *i_ntru, *r_ntru; 901: chunk_t pub_key, cipher_text; 902: 903: lib->settings->set_str(lib->settings, 904: "libstrongswan.plugins.ntru.parameter_set", 905: "x9_98_bandwidth"); 906: i_ntru = lib->crypto->create_dh(lib->crypto, NTRU_112_BIT); 907: ck_assert(i_ntru->get_my_public_value(i_ntru, &pub_key)); 908: 909: lib->settings->set_str(lib->settings, 910: "libstrongswan.plugins.ntru.parameter_set", 911: "optimum"); 912: r_ntru = lib->crypto->create_dh(lib->crypto, NTRU_112_BIT); 913: ck_assert(!r_ntru->set_other_public_value(r_ntru, pub_key)); 914: ck_assert(r_ntru->get_my_public_value(r_ntru, &cipher_text)); 915: ck_assert(cipher_text.len == 0); 916: 917: chunk_free(&pub_key); 918: chunk_free(&cipher_text); 919: i_ntru->destroy(i_ntru); 920: r_ntru->destroy(r_ntru); 921: } 922: END_TEST 923: 924: START_TEST(test_ntru_ciphertext) 925: { 926: char buf_00[604], buf_ff[604]; 927: 928: chunk_t test[] = { 929: chunk_empty, 930: chunk_from_chars(0x00), 931: chunk_create(buf_00, sizeof(buf_00)), 932: chunk_create(buf_ff, sizeof(buf_ff)), 933: }; 934: 935: diffie_hellman_t *i_ntru; 936: chunk_t pub_key, shared_secret; 937: int i; 938: 939: memset(buf_00, 0x00, sizeof(buf_00)); 940: memset(buf_ff, 0xff, sizeof(buf_ff)); 941: 942: for (i = 0; i < countof(test); i++) 943: { 944: i_ntru = lib->crypto->create_dh(lib->crypto, NTRU_128_BIT); 945: ck_assert(i_ntru->get_my_public_value(i_ntru, &pub_key)); 946: ck_assert(!i_ntru->set_other_public_value(i_ntru, test[i])); 947: ck_assert(!i_ntru->get_shared_secret(i_ntru, &shared_secret)); 948: ck_assert(shared_secret.len == 0); 949: 950: chunk_free(&pub_key); 951: i_ntru->destroy(i_ntru); 952: } 953: } 954: END_TEST 955: 956: START_TEST(test_ntru_wrong_ciphertext) 957: { 958: diffie_hellman_t *i_ntru, *r_ntru, *m_ntru; 959: chunk_t pub_key_i, pub_key_m, cipher_text, shared_secret; 960: 961: i_ntru = lib->crypto->create_dh(lib->crypto, NTRU_128_BIT); 962: r_ntru = lib->crypto->create_dh(lib->crypto, NTRU_128_BIT); 963: m_ntru = lib->crypto->create_dh(lib->crypto, NTRU_128_BIT); 964: 965: ck_assert(i_ntru->get_my_public_value(i_ntru, &pub_key_i)); 966: ck_assert(m_ntru->get_my_public_value(m_ntru, &pub_key_m)); 967: ck_assert(r_ntru->set_other_public_value(r_ntru, pub_key_m)); 968: ck_assert(r_ntru->get_my_public_value(r_ntru, &cipher_text)); 969: ck_assert(!i_ntru->set_other_public_value(i_ntru, cipher_text)); 970: ck_assert(!i_ntru->get_shared_secret(i_ntru, &shared_secret)); 971: ck_assert(shared_secret.len == 0); 972: 973: chunk_free(&pub_key_i); 974: chunk_free(&pub_key_m); 975: chunk_free(&cipher_text); 976: i_ntru->destroy(i_ntru); 977: m_ntru->destroy(m_ntru); 978: r_ntru->destroy(r_ntru); 979: } 980: END_TEST 981: 982: Suite *ntru_suite_create() 983: { 984: Suite *s; 985: TCase *tc; 986: 987: s = suite_create("ntru"); 988: 989: tc = tcase_create("trits"); 990: tcase_add_loop_test(tc, test_ntru_trits, 0, countof(trits_tests)); 991: suite_add_tcase(s, tc); 992: 993: tc = tcase_create("poly"); 994: tcase_add_loop_test(tc, test_ntru_poly, 0, countof(trits_tests)); 995: suite_add_tcase(s, tc); 996: 997: tc = tcase_create("ring_mult"); 998: tcase_add_loop_test(tc, test_ntru_ring_mult, 0, countof(ring_mult_tests)); 999: suite_add_tcase(s, tc); 1000: 1001: tc = tcase_create("array"); 1002: tcase_add_loop_test(tc, test_ntru_array, 0, countof(array_tests)); 1003: suite_add_tcase(s, tc); 1004: 1005: tc = tcase_create("param_set"); 1006: tcase_add_test(tc, test_ntru_param_set); 1007: suite_add_tcase(s, tc); 1008: 1009: tc = tcase_create("privkey"); 1010: tcase_add_loop_test(tc, test_ntru_privkey, 0, countof(privkey_tests)); 1011: suite_add_tcase(s, tc); 1012: 1013: tc = tcase_create("ke"); 1014: tcase_add_loop_test(tc, test_ntru_ke, 0, 1015: countof(params) * countof(parameter_sets)); 1016: suite_add_tcase(s, tc); 1017: 1018: tc = tcase_create("retransmission"); 1019: tcase_add_test(tc, test_ntru_retransmission); 1020: suite_add_tcase(s, tc); 1021: 1022: tc = tcase_create("pubkey_oid"); 1023: tcase_add_loop_test(tc, test_ntru_pubkey_oid, 0, countof(oid_tests)); 1024: suite_add_tcase(s, tc); 1025: 1026: tc = tcase_create("wrong_set"); 1027: tcase_add_test(tc, test_ntru_wrong_set); 1028: suite_add_tcase(s, tc); 1029: 1030: tc = tcase_create("ciphertext"); 1031: tcase_add_test(tc, test_ntru_ciphertext); 1032: suite_add_tcase(s, tc); 1033: 1034: tc = tcase_create("wrong_ciphertext"); 1035: tcase_add_test(tc, test_ntru_wrong_ciphertext); 1036: suite_add_tcase(s, tc); 1037: return s; 1038: }