StarsAC/sqisign_new
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial version of SQIsign

Browse Source 
Co-authored-by: Jorge Chavez-Saab <jorgechavezsaab@gmail.com>
Co-authored-by: Maria Corte-Real Santos <36373796+mariascrs@users.noreply.github.com>
Co-authored-by: Luca De Feo <github@defeo.lu>
Co-authored-by: Jonathan Komada Eriksen <jonathan.eriksen97@gmail.com>
Co-authored-by: Basil Hess <bhe@zurich.ibm.com>
Co-authored-by: Antonin Leroux <18654258+tonioecto@users.noreply.github.com>
Co-authored-by: Patrick Longa <plonga@microsoft.com>
Co-authored-by: Lorenz Panny <lorenz@yx7.cc>
Co-authored-by: Francisco Rodríguez-Henríquez <francisco.rodriguez@tii.ae>
Co-authored-by: Sina Schaeffler <108983332+syndrakon@users.noreply.github.com>
Co-authored-by: Benjamin Wesolowski <19474926+Calodeon@users.noreply.github.com>
This commit is contained in:
SQIsign team
2023-06-01 00:00:00 +00:00
committed by Lorenz Panny
commit 28ff420dd0
285 changed files with 70301 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
test/CMakeLists.txt Normal file
View File

@@ -0,0 +1,25 @@
# SPDX-License-Identifier: Apache-2.0
FOREACH(SVARIANT ${SVARIANT_S})
string(TOLOWER ${SVARIANT} SVARIANT_LOWER)
string(TOUPPER ${SVARIANT} SVARIANT_UPPER)
add_executable(sqisign_test_kat_${SVARIANT} test_kat.c)
target_link_libraries(sqisign_test_kat_${SVARIANT} sqisign_${SVARIANT_LOWER}_test)
target_include_directories(sqisign_test_kat_${SVARIANT} PRIVATE ${PROJECT_SOURCE_DIR}/src/nistapi/${SVARIANT_LOWER} ${INC_PUBLIC} ${INC_INTBIG} ${INC_PRECOMP_${SVARIANT_UPPER}} ${INC_QUATERNION} ${INC_KLPT} ${INC_GF_${SVARIANT_UPPER}} ${INC_EC} ${INC_COMMON} ${INC_ID2ISO} ${INC_PROTOCOLS})
add_executable(sqisign_bench_${SVARIANT} bench.c)
target_link_libraries(sqisign_bench_${SVARIANT} sqisign_${SVARIANT_LOWER})
target_include_directories(sqisign_bench_${SVARIANT} PUBLIC ${PROJECT_SOURCE_DIR}/src/common ${INC_PUBLIC} ${PROJECT_SOURCE_DIR}/src/nistapi/${SVARIANT_LOWER})
add_executable(sqisign_test_scheme_${SVARIANT} test_sqisign.c)
target_link_libraries(sqisign_test_scheme_${SVARIANT} sqisign_${SVARIANT_LOWER})
target_include_directories(sqisign_test_scheme_${SVARIANT} PUBLIC ${PROJECT_SOURCE_DIR}/src/common ${INC_PUBLIC} ${PROJECT_SOURCE_DIR}/src/nistapi/${SVARIANT_LOWER})
add_executable(sqisign_test_prof_${SVARIANT} test_sqisign_prof.c)
target_link_libraries(sqisign_test_prof_${SVARIANT} sqisign_${SVARIANT_LOWER})
target_include_directories(sqisign_test_prof_${SVARIANT} PUBLIC ${PROJECT_SOURCE_DIR}/src/common ${INC_PUBLIC} ${PROJECT_SOURCE_DIR}/src/nistapi/${SVARIANT_LOWER})
add_test(sqisign_${SVARIANT}_KAT sqisign_test_kat_${SVARIANT})
add_test(sqisign_${SVARIANT}_SELFTEST sqisign_test_scheme_${SVARIANT})
ENDFOREACH()

135
test/bench.c Normal file
View File

@@ -0,0 +1,135 @@
// SPDX-License-Identifier: Apache-2.0
#include <sig.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>
#include <inttypes.h>
#include <api.h>
#if defined(TARGET_OS_UNIX) && (defined(TARGET_ARM) || defined(TARGET_ARM64) || defined(TARGET_OTHER))
#include <time.h>
#endif
#if (defined(TARGET_ARM) || defined(TARGET_ARM64) || defined(TARGET_S390X) || defined(TARGET_OTHER))
#define print_unit printf("nsec\n");
#else
#define print_unit printf("cycles\n");
#endif
static int bench_sig(int runs, int csv);
static inline int64_t cpucycles(void);
int main(int argc, char *argv[]) {
int rc = 0;
#ifndef NDEBUG
fprintf(stderr, "\x1b[31mIt looks like SQIsign was compiled with assertions enabled.\n"
"This will severely impact performance measurements.\x1b[0m\n");
#endif
if (argc < 2) {
printf("One argument needed\n");
rc = 1;
goto end;
}
int runs = atoi(argv[1]);
rc = bench_sig(runs, 0);
end:
return rc;
}
#if (defined(TARGET_ARM) || defined(TARGET_ARM64) || defined(TARGET_S390X))
#define BENCH_UNITS "nsec"
#else
#define BENCH_UNITS "cycles"
#endif
int cmpfunc (const void *a, const void *b) {
return ( *(uint64_t *)a - * (uint64_t *)b );
}
#define BENCH_CODE_1(r) \
cycles = 0; \
for (i = 0; i < (r); ++i) { \
cycles1 = cpucycles();
#define BENCH_CODE_2(name, csv) \
cycles2 = cpucycles(); \
if(i < LIST_SIZE) \
cycles_list[i] = (cycles2 - cycles1);\
cycles = cycles + (cycles2 - cycles1); \
} \
qsort(cycles_list, (runs < LIST_SIZE)? runs : LIST_SIZE, sizeof(uint64_t), cmpfunc);\
if (csv) \
printf("%2" PRId64 ",", cycles_list[(runs < LIST_SIZE)? runs/2 : LIST_SIZE/2]); \
else { \
printf(" %-20s-> median: %2" PRId64 ", average: %2" PRId64 " ", name, \
cycles_list[(runs < LIST_SIZE)? runs/2 : LIST_SIZE/2], (cycles / runs)); \
printf("%s\n", BENCH_UNITS); \
}
#define LIST_SIZE 10000
static int bench_sig(int runs, int csv) {
int rc = 0;
int i;
int64_t cycles, cycles1, cycles2;
int64_t cycles_list[10000];
const int m_len = 32;
unsigned char *pk = calloc(CRYPTO_PUBLICKEYBYTES, 1);
unsigned char *sk = calloc(CRYPTO_SECRETKEYBYTES, 1);
unsigned char *sig = calloc(CRYPTO_BYTES + m_len, 1);
unsigned char *m = calloc(m_len, 1);
unsigned long long len = CRYPTO_BYTES;
if (csv) {
printf("%s,", CRYPTO_ALGNAME);
} else {
printf("Benchmarking %s\n", CRYPTO_ALGNAME);
}
BENCH_CODE_1(runs);
sqisign_keypair(pk, sk);
BENCH_CODE_2("sqisign_keypair", csv);
BENCH_CODE_1(runs);
sqisign_sign(sig, &len, m, m_len, sk);
BENCH_CODE_2("sqisign_sign", csv);
len = 32;
BENCH_CODE_1(runs);
sqisign_open(m, &len, sig, CRYPTO_BYTES, pk);
BENCH_CODE_2("sqisign_verify", csv);
if (csv) {
printf("\n");
}
free(pk);
free(sk);
free(sig);
free(m);
return rc;
}
static inline int64_t cpucycles(void) {
#if (defined(TARGET_AMD64) || defined(TARGET_X86))
unsigned int hi, lo;
asm volatile ("rdtsc" : "=a" (lo), "=d"(hi));
return ((int64_t) lo) | (((int64_t) hi) << 32);
#elif (defined(TARGET_S390X))
uint64_t tod;
asm volatile("stckf %0\n" : "=Q" (tod) : : "cc");
return (tod * 1000 / 4096);
#else
struct timespec time;
clock_gettime(CLOCK_REALTIME, &time);
return (int64_t)(time.tv_sec * 1e9 + time.tv_nsec);
#endif
}

254
test/test_kat.c Normal file
View File

@@ -0,0 +1,254 @@
// SPDX-License-Identifier: Apache-2.0 and Unknown
/*
NIST-developed software is provided by NIST as a public service. You may use, copy, and distribute copies of the software in any medium, provided that you keep intact this entire notice. You may improve, modify, and create derivative works of the software or any portion of the software, and you may copy and distribute such modifications or works. Modified works should carry a notice stating that you changed the software and should note the date and nature of any such change. Please explicitly acknowledge the National Institute of Standards and Technology as the source of the software.
NIST-developed software is expressly provided "AS IS." NIST MAKES NO WARRANTY OF ANY KIND, EXPRESS, IMPLIED, IN FACT, OR ARISING BY OPERATION OF LAW, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND DATA ACCURACY. NIST NEITHER REPRESENTS NOR WARRANTS THAT THE OPERATION OF THE SOFTWARE WILL BE UNINTERRUPTED OR ERROR-FREE, OR THAT ANY DEFECTS WILL BE CORRECTED. NIST DOES NOT WARRANT OR MAKE ANY REPRESENTATIONS REGARDING THE USE OF THE SOFTWARE OR THE RESULTS THEREOF, INCLUDING BUT NOT LIMITED TO THE CORRECTNESS, ACCURACY, RELIABILITY, OR USEFULNESS OF THE SOFTWARE.
You are solely responsible for determining the appropriateness of using and distributing the software and you assume all risks associated with its use, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and the unavailability or interruption of operation. This software is not intended to be used in any situation where a failure could cause risk of injury or damage to property. The software developed by NIST employees is not subject to copyright protection within the United States.
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <rng.h>
#include <sig.h>
#include <api.h>
#define MAX_MARKER_LEN 50
#define KAT_SUCCESS 0
#define KAT_FILE_OPEN_ERROR -1
#define KAT_DATA_ERROR -3
#define KAT_CRYPTO_FAILURE -4
#define KAT_VERIFICATION_ERROR -5
static int FindMarker(FILE *infile, const char *marker);
static int ReadHex(FILE *infile, unsigned char *A, int Length, char *str);
static int test_sig_kat(int cnt);
int main(int argc, char *argv[]) {
int rc = 0;
int cnt = (argc > 1 ? atoi(argv[1]) : -1);
rc = test_sig_kat(cnt);
return rc;
}
static int test_sig_kat(int cnt) {
unsigned char seed[48];
unsigned char *m, *sm, *m1, *sm_rsp;
unsigned long long mlen, smlen, mlen1;
int count;
int done;
unsigned char pk[CRYPTO_PUBLICKEYBYTES], sk[CRYPTO_SECRETKEYBYTES];
int ret_val;
char fn_rsp[64];
FILE *fp_rsp;
unsigned char pk_rsp[CRYPTO_PUBLICKEYBYTES], sk_rsp[CRYPTO_SECRETKEYBYTES];
sprintf(fn_rsp, "../../KAT/PQCsignKAT_%d_%s.rsp", CRYPTO_SECRETKEYBYTES, CRYPTO_ALGNAME);
if ( (fp_rsp = fopen(fn_rsp, "r")) == NULL ) {
printf("Couldn't open <%s> for read\n", fn_rsp);
return KAT_FILE_OPEN_ERROR;
}
done = 0;
do {
if ( FindMarker(fp_rsp, "count = ") ) {
ret_val = fscanf(fp_rsp, "%d", &count);
} else {
done = 1;
break;
}
if (cnt != -1 && cnt != count)
continue;
if ( !ReadHex(fp_rsp, seed, 48, "seed = ") ) {
printf("ERROR: unable to read 'seed' from <%s>\n", fn_rsp);
return KAT_DATA_ERROR;
}
randombytes_init(seed, NULL, 256);
if ( FindMarker(fp_rsp, "mlen = ") ) {
ret_val = fscanf(fp_rsp, "%lld", &mlen);
} else {
printf("ERROR: unable to read 'mlen' from <%s>\n", fn_rsp);
return KAT_DATA_ERROR;
}
m = (unsigned char *)calloc(mlen, sizeof(unsigned char));
m1 = (unsigned char *)calloc(mlen, sizeof(unsigned char));
sm = (unsigned char *)calloc(mlen + CRYPTO_BYTES, sizeof(unsigned char));
sm_rsp = (unsigned char *)calloc(mlen + CRYPTO_BYTES, sizeof(unsigned char));
if ( !ReadHex(fp_rsp, m, (int)mlen, "msg = ") ) {
printf("ERROR: unable to read 'msg' from <%s>\n", fn_rsp);
return KAT_DATA_ERROR;
}
// Generate the public/private keypair
if ( (ret_val = sqisign_keypair(pk, sk)) != 0) {
printf("crypto_sign_keypair returned <%d>\n", ret_val);
return KAT_CRYPTO_FAILURE;
}
if ( !ReadHex(fp_rsp, pk_rsp, CRYPTO_PUBLICKEYBYTES, "pk = ") ) {
printf("ERROR: unable to read 'pk' from <%s>\n", fn_rsp);
return KAT_DATA_ERROR;
}
if ( !ReadHex(fp_rsp, sk_rsp, CRYPTO_SECRETKEYBYTES, "sk = ") ) {
printf("ERROR: unable to read 'sk' from <%s>\n", fn_rsp);
return KAT_DATA_ERROR;
}
if (memcmp(pk, pk_rsp, CRYPTO_PUBLICKEYBYTES) != 0) {
printf("ERROR: pk is different from <%s>\n", fn_rsp);
return KAT_VERIFICATION_ERROR;
}
if (memcmp(sk, sk_rsp, CRYPTO_SECRETKEYBYTES) != 0) {
printf("ERROR: sk is different from <%s>\n", fn_rsp);
return KAT_VERIFICATION_ERROR;
}
if ( (ret_val = sqisign_sign(sm, &smlen, m, mlen, sk)) != 0) {
printf("crypto_sign returned <%d>\n", ret_val);
return KAT_CRYPTO_FAILURE;
}
if ( !ReadHex(fp_rsp, sm_rsp, smlen, "sm = ") ) {
printf("ERROR: unable to read 'sm' from <%s>\n", fn_rsp);
return KAT_DATA_ERROR;
}
if (memcmp(sm, sm_rsp, smlen) != 0) {
printf("ERROR: sm is different from <%s>\n", fn_rsp);
return KAT_VERIFICATION_ERROR;
}
if ( (ret_val = sqisign_open(m1, &mlen1, sm, smlen, pk)) != 0) {
printf("crypto_sign_open returned <%d>\n", ret_val);
return KAT_CRYPTO_FAILURE;
}
if ( mlen != mlen1 ) {
printf("crypto_sign_open returned bad 'mlen': Got <%lld>, expected <%lld>\n", mlen1, mlen);
return KAT_CRYPTO_FAILURE;
}
if ( memcmp(m, m1, mlen) ) {
printf("crypto_sign_open returned bad 'm' value\n");
return KAT_CRYPTO_FAILURE;
}
free(m);
free(m1);
free(sm);
free(sm_rsp);
} while ( !done );
fclose(fp_rsp);
printf("Known Answer Tests PASSED. \n");
printf("\n\n");
return KAT_SUCCESS;
}
//
// ALLOW TO READ HEXADECIMAL ENTRY (KEYS, DATA, TEXT, etc.)
//
static int
FindMarker(FILE *infile, const char *marker) {
char line[MAX_MARKER_LEN];
int i, len;
int curr_line;
len = (int)strlen(marker);
if ( len > MAX_MARKER_LEN - 1 ) {
len = MAX_MARKER_LEN - 1;
}
for ( i = 0; i < len; i++ ) {
curr_line = fgetc(infile);
line[i] = curr_line;
if (curr_line == EOF ) {
return 0;
}
}
line[len] = '\0';
while ( 1 ) {
if ( !strncmp(line, marker, len) ) {
return 1;
}
for ( i = 0; i < len - 1; i++ ) {
line[i] = line[i + 1];
}
curr_line = fgetc(infile);
line[len - 1] = curr_line;
if (curr_line == EOF ) {
return 0;
}
line[len] = '\0';
}
// shouldn't get here
return 0;
}
//
// ALLOW TO READ HEXADECIMAL ENTRY (KEYS, DATA, TEXT, etc.)
//
static int
ReadHex(FILE *infile, unsigned char *A, int Length, char *str) {
int i, ch, started;
unsigned char ich;
if ( Length == 0 ) {
A[0] = 0x00;
return 1;
}
memset(A, 0x00, Length);
started = 0;
if ( FindMarker(infile, str) )
while ( (ch = fgetc(infile)) != EOF ) {
if ( !isxdigit(ch) ) {
if ( !started ) {
if ( ch == '\n' ) {
break;
} else {
continue;
}
} else {
break;
}
}
started = 1;
if ( (ch >= '0') && (ch <= '9') ) {
ich = ch - '0';
} else if ( (ch >= 'A') && (ch <= 'F') ) {
ich = ch - 'A' + 10;
} else if ( (ch >= 'a') && (ch <= 'f') ) {
ich = ch - 'a' + 10;
} else { // shouldn't ever get here
ich = 0;
}
for ( i = 0; i < Length - 1; i++ ) {
A[i] = (A[i] << 4) | (A[i + 1] >> 4);
}
A[Length - 1] = (A[Length - 1] << 4) | ich;
} else {
return 0;
}
return 1;
}

110
test/test_sqisign.c Normal file
View File

@@ -0,0 +1,110 @@
// SPDX-License-Identifier: Apache-2.0
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <rng.h>
#include <sig.h>
#include <api.h>
#ifdef ENABLE_CT_TESTING
#include <valgrind/memcheck.h>
#endif
#ifdef ENABLE_CT_TESTING
static void print_hex(const unsigned char *hex, int len) {
unsigned char *copy = calloc(len, 1);
memcpy(copy, hex, len); // make a copy that we can tell valgrind is okay to leak
VALGRIND_MAKE_MEM_DEFINED(copy, len);
for (int i = 0; i < len; ++i) {
printf("%02x", copy[i]);
}
printf("\n");
free(copy);
}
#else
static void print_hex(const unsigned char *hex, int len) {
for (int i = 0; i < len; ++i) {
printf("%02x", hex[i]);
}
printf("\n");
}
#endif
static int test_sqisign() {
unsigned char *pk = calloc(CRYPTO_PUBLICKEYBYTES, 1);
unsigned char *sk = calloc(CRYPTO_SECRETKEYBYTES, 1);
unsigned char *sig = calloc(CRYPTO_BYTES + 32, 1);
unsigned char seed[48] = { 0 };
unsigned char msg[32] = { 0 };
unsigned long long msglen = 32;
randombytes_init(seed, NULL, 256);
printf("Testing Keygen, Sign, Open: %s\n", CRYPTO_ALGNAME);
int res = sqisign_keypair(pk, sk);
if (res != 0) {
res = -1;
goto err;
}
#ifdef ENABLE_CT_TESTING
VALGRIND_MAKE_MEM_DEFINED(pk, CRYPTO_PUBLICKEYBYTES);
#endif
unsigned long long smlen = CRYPTO_BYTES + 32;
res = sqisign_sign(sig, &smlen, msg, 32, sk);
if (res != 0) {
res = -1;
goto err;
}
printf("pk: ");
print_hex(pk, CRYPTO_PUBLICKEYBYTES);
printf("sk: ");
print_hex(sk, CRYPTO_SECRETKEYBYTES);
printf("sm: ");
print_hex(sig, smlen);
#ifdef ENABLE_CT_TESTING
VALGRIND_MAKE_MEM_DEFINED(sig, smlen);
#endif
res = sqisign_open(msg, &msglen, sig, smlen, pk);
if (res != 0) {
res = -1;
goto err;
}
sig[0] = ~sig[0];
res = sqisign_open(msg, &msglen, sig, smlen, pk);
if (res != 1) {
res = -1;
goto err;
} else {
res = 0;
}
err:
free(pk);
free(sk);
free(sig);
return res;
}
int main(int argc, char *argv[]) {
int rc = 0;
rc = test_sqisign();
if (rc != 0) {
printf("test failed for %s\n", argv[1]);
}
return rc;
}

102
test/test_sqisign_prof.c Normal file
View File

File diff suppressed because one or more lines are too long