Diffstat (limited to 'src/regress/lib/libcrypto/mlkem/mlkem1024_iteration_test.c')
-rw-r--r--src/regress/lib/libcrypto/mlkem/mlkem1024_iteration_test.c52
1 files changed, 20 insertions, 32 deletions
diff --git a/src/regress/lib/libcrypto/mlkem/mlkem1024_iteration_test.c b/src/regress/lib/libcrypto/mlkem/mlkem1024_iteration_test.c
index 2b03a724ab..e6a4d4f906 100644
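--- a/src/regress/lib/libcrypto/mlkem/mlkem1024_iteration_test.c
+++ b/src/regress/lib/libcrypto/mlkem/mlkem1024_iteration_test.c
@@ -1,7 +1,8 @@
-/* $OpenBSD: mlkem1024_iteration_test.c,v 1.2 2024/12/14 19:16:24 tb Exp $ */
+/* $OpenBSD: mlkem1024_iteration_test.c,v 1.3 2024/12/20 00:07:12 tb Exp $ */
 /*
- * Copyright (c) 2024, Google Inc.
- * Copyright (c) 2024, Bob Beck <beck@obtuse.com>
+ * Copyright (c) 2024 Google Inc.
+ * Copyright (c) 2024 Bob Beck <beck@obtuse.com>
+ * Copyright (c) 2024 Theo Buehler <tb@openbsd.org>
  *
  * Permission to use, copy, modify, and/or distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -16,32 +17,17 @@
  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
+#include <err.h>
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
 
-#include <openssl/bytestring.h>
-#include <openssl/mlkem.h>
+#include "mlkem.h"
 
 #include "mlkem_internal.h"
 #include "mlkem_tests_util.h"
 #include "sha3_internal.h"
 
-static int
-encode_private_key(const struct MLKEM1024_private_key *priv, uint8_t **out_buf,
- size_t *out_len)
-{
- CBB cbb;
- if (!CBB_init(&cbb, MLKEM1024_PUBLIC_KEY_BYTES))
- return 0;
- if (!MLKEM1024_marshal_private_key(&cbb, priv))
- return 0;
- if (!CBB_finish(&cbb, out_buf, out_len))
- return 0;
- CBB_cleanup(&cbb);
- return 1;
-}
-
 /*
  * The structure of this test is taken from
  * https://github.com/C2SP/CCTV/blob/main/ML-KEM/README.md?ref=words.filippo.io#accumulated-pq-crystals-vectors
@@ -52,8 +38,8 @@ encode_private_key(const struct MLKEM1024_private_key *priv, uint8_t **out_buf,
  * (The RNG stream starts with 7f9c2ba4e88f827d616045507605853e.)
  */
 
-static void
-MlkemIterativeTest()
+static int
+MlkemIterativeTest(void)
 {
  /* https://github.com/C2SP/CCTV/tree/main/ML-KEM */
  /*
@@ -101,8 +87,9 @@ MlkemIterativeTest()
  */
  shake_out(&drng, seed, sizeof(seed));
  if (i == 0) {
- TEST_DATAEQ(seed, kExpectedSeedStart,
- sizeof(kExpectedSeedStart), "seed start");
+ if (compare_data(seed, kExpectedSeedStart,
+ sizeof(kExpectedSeedStart), 0, "seed start") != 0)
+ errx(1, "compare_data");
  }
 
  /* generate ek as encoded_public_key */
@@ -115,8 +102,9 @@ MlkemIterativeTest()
  sizeof(encoded_public_key));
 
  /* marshal priv to dk as encoded_private_key */
- TEST(!encode_private_key(&priv, &encoded_private_key,
- &encoded_private_key_len), "encode_private_key");
+ if (!mlkem1024_encode_private_key(&priv, &encoded_private_key,
+ &encoded_private_key_len))
+ errx(1, "mlkem1024_encode_private_key");
 
  /* hash in dk */
  shake_update(&results, encoded_private_key,
@@ -141,21 +129,21 @@ MlkemIterativeTest()
  sizeof(invalid_ciphertext));
 
  /* generte k as shared secret from invalid ciphertext */
- TEST(!MLKEM1024_decap(shared_secret, invalid_ciphertext,
- sizeof(invalid_ciphertext), &priv), "decap failed!");
+ if (!MLKEM1024_decap(shared_secret, invalid_ciphertext,
+ sizeof(invalid_ciphertext), &priv))
+ errx(1, "decap failed");
 
  /* hash in k */
  shake_update(&results, shared_secret, sizeof(shared_secret));
  }
  shake_xof(&results);
- shake_out(&results, out, 32);
+ shake_out(&results, out, sizeof(out));
 
- TEST_DATAEQ(out, kExpectedAdam, 32, "final result hash");
+ return compare_data(kExpectedAdam, out, sizeof(out), i, "final result hash");
 }
 
 int
 main(int argc, char **argv)
 {
- MlkemIterativeTest();
- exit(failure);
+ return MlkemIterativeTest();
 }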
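Review bot: The final check `return compare_data(kExpectedAdam, out, sizeof(out), i, "final result hash");` passes the expected buffer first, while the seed-start check earlier in `MlkemIterativeTest` passes `seed, kExpectedSeedStart` (actual first). The definition of `compare_data` is not part of this diff, but if it labels the two buffers in its failure output, one of these calls prints them swapped; using one order throughout, e.g. `compare_data(out, kExpectedAdam, sizeof(out), i, "final result hash")`, avoids a misleading report when the known-answer hash diverges. The fourth argument here is the loop counter after the loop has ended, where the first call passes `0`, so a short comment saying what that value identifies would help. `main` then hands this value straight to the process exit status, which keeps only the low 8 bits; `return MlkemIterativeTest() != 0;` would make a failed comparison exit non-zero regardless of which integer `compare_data` returns.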