gestumblinde

Gestumblinde - reference implementation of SLH-DSA
git clone git://www.tkruger.se/gestumblinde.git

test_xmss.c (4517B)


      1 #include "test_xmss.h"
      2 
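/*
 * Known-answer test for xmss_node().
 *
 * Reads the address, both seeds, the node index and height, and the expected
 * node from TEST_FILENAME_JSON, recomputes the node and compares it with the
 * expected value byte by byte. A vector that cannot be loaded aborts the whole
 * test binary with exit(1) instead of registering a CUnit failure.
 *
 * The seeds are published test-vector material, not real key material.
 */
void test_xmss_node() {
  json_t *tv = json_load_file(TEST_FILENAME_JSON, 0, NULL);

  if (tv == NULL) {
    fprintf(stderr, "Could not open JSON test file\n");
    exit(1);
  }

  /* read_key_array() returns non-zero on failure; the length is given in
   * bytes, hence the sizeof scaling for the uint32_t address words. */
  uint32_t adrs[ADRS_LEN];
  if (read_key_array(adrs, ADRS_LEN * sizeof(*adrs), KEY_XMSS_ADDRESS, tv)) {
    fprintf(stderr, "Could not read address from JSON!\n");
    exit(1);
  }

  uint8_t sk_seed[ENN];
  if (read_key_array(sk_seed, ENN, KEY_XMSS_SK_SEED, tv)) {
    fprintf(stderr, "Could not read the sk_seed from JSON!\n");
    exit(1);
  }

  uint8_t pk_seed[ENN];
  if (read_key_array(pk_seed, ENN, KEY_XMSS_PK_SEED, tv)) {
    fprintf(stderr, "Could not read the pk_seed from JSON!\n");
    exit(1);
  }

  /* NOTE(review): read_key_uint64() has no visible error channel here, so a
   * missing key cannot be told apart from a legitimate value - confirm how it
   * signals failure. */
  uint64_t i = read_key_uint64(KEY_XMSS_NODEI, tv);
  uint64_t z = read_key_uint64(KEY_XMSS_NODEZ, tv);

  uint8_t cnode[ENN];
  if (read_key_array(cnode, ENN, KEY_XMSS_NODE, tv)) {
    fprintf(stderr, "Could not read the node from JSON!\n");
    exit(1);
  }

  /* Every value now lives in a local buffer, so the parsed document can be
   * released; the original never dropped this reference. */
  json_decref(tv);

  uint8_t node[ENN];
  int rv = xmss_node(node, sk_seed, i, z, pk_seed, adrs);

  /* The test expects xmss_node() to report ENN on success. */
  CU_ASSERT_EQUAL(rv, ENN);

  for (size_t j = 0; j < ENN; j++) {
    CU_ASSERT_EQUAL(node[j], cnode[j]);
  }
}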
     48 
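/*
 * Known-answer test for xmss_sign().
 *
 * Reads the address, both seeds, the signing index, the message and the
 * expected signature from TEST_FILENAME_JSON, signs the message and compares
 * the (WOTSP_LEN + HP) * ENN signature bytes with the expected ones. A vector
 * that cannot be loaded aborts the whole test binary with exit(1).
 *
 * The seeds are published test-vector material, not real key material.
 */
void test_xmss_sign() {
  json_t *tv = json_load_file(TEST_FILENAME_JSON, 0, NULL);

  if (tv == NULL) {
    fprintf(stderr, "Could not open JSON test file\n");
    exit(1);
  }

  /* read_key_array() returns non-zero on failure; the length is given in
   * bytes, hence the sizeof scaling for the uint32_t address words. */
  uint32_t adrs[ADRS_LEN];
  if (read_key_array(adrs, ADRS_LEN * sizeof(*adrs), KEY_XMSS_ADDRESS, tv)) {
    fprintf(stderr, "Could not read address from JSON!\n");
    exit(1);
  }

  uint8_t sk_seed[ENN];
  if (read_key_array(sk_seed, ENN, KEY_XMSS_SK_SEED, tv)) {
    fprintf(stderr, "Could not read the sk_seed from JSON!\n");
    exit(1);
  }

  uint8_t pk_seed[ENN];
  if (read_key_array(pk_seed, ENN, KEY_XMSS_PK_SEED, tv)) {
    fprintf(stderr, "Could not read the pk_seed from JSON!\n");
    exit(1);
  }

  /* NOTE(review): read_key_uint64() has no visible error channel here -
   * confirm how a missing key is reported. */
  uint64_t idx = read_key_uint64(KEY_XMSS_SIGNIDX, tv);
  uint8_t msg[ENN];
  if (read_key_array(msg, ENN, KEY_XMSS_MSG, tv)) {
    fprintf(stderr, "Could not read the message from JSON!\n");
    exit(1);
  }

  uint8_t csig[(WOTSP_LEN + HP) * ENN];
  if (read_key_array(csig, (WOTSP_LEN + HP) * ENN, KEY_XMSS_SIGNATURE, tv)) {
    fprintf(stderr, "Could not read the signature from JSON!\n");
    exit(1);
  }

  /* Every value now lives in a local buffer, so the parsed document can be
   * released; the original never dropped this reference. */
  json_decref(tv);

  /* Start from a defined state: if the signer wrote nothing, the comparison
   * below would otherwise read indeterminate stack bytes. */
  uint8_t sig[(WOTSP_LEN + HP) * ENN];
  memset(sig, 0, sizeof(sig));

  /* NOTE(review): any status returned by xmss_sign() is not inspected; only
   * the output bytes are checked. */
  xmss_sign(sig, msg, sk_seed, idx, pk_seed, adrs);

  for (size_t j = 0; j < sizeof(sig); j++) {
    CU_ASSERT_EQUAL(sig[j], csig[j]);
  }
}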
     97 
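/*
 * Verification test for xmss_pk_from_sig().
 *
 * Derives the reference public key with xmss_node() at height HP, then checks
 * that the key recomputed from the vector's (signature, message, index)
 * matches it, and that it stops matching when the signature, the message or
 * the index is altered. A vector that cannot be loaded aborts the whole test
 * binary with exit(1).
 *
 * Before every negative case comp_pk is reset to the reference key. Without
 * that, a call that left its output untouched would still "pass", because
 * comp_pk would hold the mismatching value from the previous case.
 *
 * memcmp() is adequate here: both operands are public values.
 */
void test_xmss_verify() {
  json_t *tv = json_load_file(TEST_FILENAME_JSON, 0, NULL);

  if (tv == NULL) {
    fprintf(stderr, "Could not open JSON test file\n");
    exit(1);
  }

  /* read_key_array() returns non-zero on failure; the length is given in
   * bytes, hence the sizeof scaling for the uint32_t address words. */
  uint32_t adrs[ADRS_LEN];
  if (read_key_array(adrs, ADRS_LEN * sizeof(*adrs), KEY_XMSS_ADDRESS, tv)) {
    fprintf(stderr, "Could not read address from JSON!\n");
    exit(1);
  }

  uint8_t sk_seed[ENN];
  if (read_key_array(sk_seed, ENN, KEY_XMSS_SK_SEED, tv)) {
    fprintf(stderr, "Could not read the sk_seed from JSON!\n");
    exit(1);
  }

  uint8_t pk_seed[ENN];
  if (read_key_array(pk_seed, ENN, KEY_XMSS_PK_SEED, tv)) {
    fprintf(stderr, "Could not read the pk_seed from JSON!\n");
    exit(1);
  }

  /* NOTE(review): read_key_uint64() has no visible error channel here -
   * confirm how a missing key is reported. */
  uint64_t idx = read_key_uint64(KEY_XMSS_SIGNIDX, tv);
  uint8_t msg[ENN];
  if (read_key_array(msg, ENN, KEY_XMSS_MSG, tv)) {
    fprintf(stderr, "Could not read the message from JSON!\n");
    exit(1);
  }

  uint8_t sig[(WOTSP_LEN + HP) * ENN];
  if (read_key_array(sig, (WOTSP_LEN + HP) * ENN, KEY_XMSS_SIGNATURE, tv)) {
    fprintf(stderr, "Could not read the signature from JSON!\n");
    exit(1);
  }

  /* Every value now lives in a local buffer, so the parsed document can be
   * released; the original never dropped this reference. */
  json_decref(tv);

  /* Reference public key. test_xmss_node() expects ENN from xmss_node(), so
   * the same status is required here; without a valid reference key none of
   * the comparisons below would mean anything. */
  uint8_t pk[ENN];
  int rv = xmss_node(pk, sk_seed, 0, HP, pk_seed, adrs);
  CU_ASSERT_EQUAL(rv, ENN);
  if (rv != ENN) {
    return;
  }

  // verify good (sig,msg) pair
  uint8_t comp_pk[ENN];
  memset(comp_pk, 0, sizeof(comp_pk));
  xmss_pk_from_sig(comp_pk, idx, sig, msg, pk_seed, adrs);
  CU_ASSERT_EQUAL(memcmp(pk, comp_pk, ENN), 0);

  // verify fails with bitflipped signature (near the start of the buffer)
  uint8_t corr_sig[(WOTSP_LEN + HP) * ENN];
  memcpy(corr_sig, sig, sizeof(corr_sig));
  corr_sig[3] ^= 0x10;
  memcpy(comp_pk, pk, ENN);
  xmss_pk_from_sig(comp_pk, idx, corr_sig, msg, pk_seed, adrs);
  CU_ASSERT_NOT_EQUAL(memcmp(pk, comp_pk, ENN), 0);

  // verify fails with the last signature byte flipped, so the far end of the
  // signature is covered as well as the start
  memcpy(corr_sig, sig, sizeof(corr_sig));
  corr_sig[sizeof(corr_sig) - 1] ^= 0x01;
  memcpy(comp_pk, pk, ENN);
  xmss_pk_from_sig(comp_pk, idx, corr_sig, msg, pk_seed, adrs);
  CU_ASSERT_NOT_EQUAL(memcmp(pk, comp_pk, ENN), 0);

  // verify fails with bitflipped message
  uint8_t corr_msg[ENN];
  memcpy(corr_msg, msg, ENN);
  corr_msg[3] ^= 0x04;
  memcpy(comp_pk, pk, ENN);
  xmss_pk_from_sig(comp_pk, idx, sig, corr_msg, pk_seed, adrs);
  CU_ASSERT_NOT_EQUAL(memcmp(pk, comp_pk, ENN), 0);

  // verify fails with wrong index
  uint64_t badidx = idx ^ 0x01;
  memcpy(comp_pk, pk, ENN);
  xmss_pk_from_sig(comp_pk, badidx, sig, msg, pk_seed, adrs);
  CU_ASSERT_NOT_EQUAL(memcmp(pk, comp_pk, ENN), 0);
}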
    163 }