xref: /openbsd-src/regress/lib/libcrypto/mlkem/mlkem_tests_util.c (revision 0c8143208da561c84f7b79707c41b7c22df337ae) 
1*0c814320Stb /*	$OpenBSD: mlkem_tests_util.c,v 1.5 2024/12/26 00:04:24 tb Exp $ */
2d4ed7533Stb /*
38889493eStb  * Copyright (c) 2024 Google Inc.
48889493eStb  * Copyright (c) 2024 Bob Beck <beck@obtuse.com>
58889493eStb  * Copyright (c) 2024 Theo Buehler <tb@openbsd.org>
675c083a0Sbeck  *
775c083a0Sbeck  * Permission to use, copy, modify, and/or distribute this software for any
875c083a0Sbeck  * purpose with or without fee is hereby granted, provided that the above
975c083a0Sbeck  * copyright notice and this permission notice appear in all copies.
1075c083a0Sbeck  *
1175c083a0Sbeck  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
1275c083a0Sbeck  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
1375c083a0Sbeck  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
1475c083a0Sbeck  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
1575c083a0Sbeck  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
1675c083a0Sbeck  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
17d4ed7533Stb  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18d4ed7533Stb  */
1975c083a0Sbeck 
2075c083a0Sbeck #include <err.h>
21d4ed7533Stb #include <stdint.h>
2275c083a0Sbeck #include <stdio.h>
2375c083a0Sbeck #include <string.h>
2475c083a0Sbeck 
258889493eStb #include "bytestring.h"
268889493eStb #include "mlkem.h"
278889493eStb 
288889493eStb #include "mlkem_internal.h"
298889493eStb 
3075c083a0Sbeck #include "mlkem_tests_util.h"
3175c083a0Sbeck 
328889493eStb static void
3375c083a0Sbeck hexdump(const uint8_t *buf, size_t len, const uint8_t *compare)
3475c083a0Sbeck {
3575c083a0Sbeck 	const char *mark = "";
3675c083a0Sbeck 	size_t i;
3775c083a0Sbeck 
3875c083a0Sbeck 	for (i = 1; i <= len; i++) {
3975c083a0Sbeck 		if (compare != NULL)
4075c083a0Sbeck 			mark = (buf[i - 1] != compare[i - 1]) ? "*" : " ";
4175c083a0Sbeck 		fprintf(stderr, " %s0x%02hhx,%s", mark, buf[i - 1],
4275c083a0Sbeck 		    i % 8 && i != len ? "" : "\n");
4375c083a0Sbeck 	}
4475c083a0Sbeck 	fprintf(stderr, "\n");
4575c083a0Sbeck }
4675c083a0Sbeck 
4775c083a0Sbeck int
48*0c814320Stb compare_data(const uint8_t *want, const uint8_t *got, size_t len, const char *msg)
4975c083a0Sbeck {
508889493eStb 	if (memcmp(want, got, len) == 0)
518889493eStb 		return 0;
5275c083a0Sbeck 
53*0c814320Stb 	warnx("FAIL: %s differs", msg);
548889493eStb 	fprintf(stderr, "want:\n");
558889493eStb 	hexdump(want, len, got);
568889493eStb 	fprintf(stderr, "got:\n");
578889493eStb 	hexdump(got, len, want);
588889493eStb 	fprintf(stderr, "\n");
5975c083a0Sbeck 
6075c083a0Sbeck 	return 1;
6175c083a0Sbeck }
6275c083a0Sbeck 
638889493eStb int
64*0c814320Stb mlkem768_encode_private_key(const void *private_key, uint8_t **out_buf,
65*0c814320Stb     size_t *out_len)
6675c083a0Sbeck {
67*0c814320Stb 	CBB cbb;
68*0c814320Stb 	int ret = 0;
698889493eStb 
70*0c814320Stb 	if (!CBB_init(&cbb, MLKEM768_PUBLIC_KEY_BYTES))
71*0c814320Stb 		goto err;
72*0c814320Stb 	if (!MLKEM768_marshal_private_key(&cbb, private_key))
73*0c814320Stb 		goto err;
74*0c814320Stb 	if (!CBB_finish(&cbb, out_buf, out_len))
75*0c814320Stb 		goto err;
76*0c814320Stb 
77*0c814320Stb 	ret = 1;
78*0c814320Stb 
79*0c814320Stb  err:
80*0c814320Stb 	CBB_cleanup(&cbb);
81*0c814320Stb 
82*0c814320Stb 	return ret;
838889493eStb }
848889493eStb 
85*0c814320Stb int
86*0c814320Stb mlkem768_encode_public_key(const void *public_key, uint8_t **out_buf,
87*0c814320Stb     size_t *out_len)
888889493eStb {
89*0c814320Stb 	CBB cbb;
90*0c814320Stb 	int ret = 0;
918889493eStb 
92*0c814320Stb 	if (!CBB_init(&cbb, MLKEM768_PUBLIC_KEY_BYTES))
93*0c814320Stb 		goto err;
94*0c814320Stb 	if (!MLKEM768_marshal_public_key(&cbb, public_key))
95*0c814320Stb 		goto err;
96*0c814320Stb 	if (!CBB_finish(&cbb, out_buf, out_len))
97*0c814320Stb 		goto err;
988889493eStb 
99*0c814320Stb 	ret = 1;
100*0c814320Stb 
101*0c814320Stb  err:
102*0c814320Stb 	CBB_cleanup(&cbb);
103*0c814320Stb 
104*0c814320Stb 	return ret;
1058889493eStb }
1068889493eStb 
107*0c814320Stb int
108*0c814320Stb mlkem1024_encode_private_key(const void *private_key, uint8_t **out_buf,
109*0c814320Stb     size_t *out_len)
110*0c814320Stb {
111*0c814320Stb 	CBB cbb;
112*0c814320Stb 	int ret = 0;
113*0c814320Stb 
114*0c814320Stb 	if (!CBB_init(&cbb, MLKEM1024_PUBLIC_KEY_BYTES))
115*0c814320Stb 		goto err;
116*0c814320Stb 	if (!MLKEM1024_marshal_private_key(&cbb, private_key))
117*0c814320Stb 		goto err;
118*0c814320Stb 	if (!CBB_finish(&cbb, out_buf, out_len))
119*0c814320Stb 		goto err;
120*0c814320Stb 
121*0c814320Stb 	ret = 1;
122*0c814320Stb 
123*0c814320Stb  err:
124*0c814320Stb 	CBB_cleanup(&cbb);
125*0c814320Stb 
126*0c814320Stb 	return ret;
127*0c814320Stb }
128*0c814320Stb 
129*0c814320Stb int
130*0c814320Stb mlkem1024_encode_public_key(const void *public_key, uint8_t **out_buf,
131*0c814320Stb     size_t *out_len)
132*0c814320Stb {
133*0c814320Stb 	CBB cbb;
134*0c814320Stb 	int ret = 0;
135*0c814320Stb 
136*0c814320Stb 	if (!CBB_init(&cbb, MLKEM1024_PUBLIC_KEY_BYTES))
137*0c814320Stb 		goto err;
138*0c814320Stb 	if (!MLKEM1024_marshal_public_key(&cbb, public_key))
139*0c814320Stb 		goto err;
140*0c814320Stb 	if (!CBB_finish(&cbb, out_buf, out_len))
141*0c814320Stb 		goto err;
142*0c814320Stb 
143*0c814320Stb 	ret = 1;
144*0c814320Stb 
145*0c814320Stb  err:
146*0c814320Stb 	CBB_cleanup(&cbb);
147*0c814320Stb 
148*0c814320Stb 	return ret;
149*0c814320Stb }
150*0c814320Stb 
151*0c814320Stb int
152*0c814320Stb mlkem768_decap(uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
153*0c814320Stb     const uint8_t *ciphertext, size_t ciphertext_len, const void *private_key)
154*0c814320Stb {
155*0c814320Stb 	return MLKEM768_decap(out_shared_secret, ciphertext, ciphertext_len,
156*0c814320Stb 	    private_key);
1578889493eStb }
1588889493eStb 
1598889493eStb void
160*0c814320Stb mlkem768_encap(uint8_t *out_ciphertext,
161*0c814320Stb     uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
162*0c814320Stb     const void *public_key)
1638889493eStb {
164*0c814320Stb 	MLKEM768_encap(out_ciphertext, out_shared_secret, public_key);
1658889493eStb }
166*0c814320Stb 
167*0c814320Stb void
168*0c814320Stb mlkem768_encap_external_entropy(uint8_t *out_ciphertext,
169*0c814320Stb     uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
170*0c814320Stb     const void *public_key, const uint8_t entropy[MLKEM_ENCAP_ENTROPY])
171*0c814320Stb {
172*0c814320Stb 	MLKEM768_encap_external_entropy(out_ciphertext, out_shared_secret,
173*0c814320Stb 	    public_key, entropy);
174*0c814320Stb }
175*0c814320Stb 
176*0c814320Stb void
177*0c814320Stb mlkem768_generate_key(uint8_t *out_encoded_public_key,
178*0c814320Stb     uint8_t optional_out_seed[MLKEM_SEED_BYTES], void *out_private_key)
179*0c814320Stb {
180*0c814320Stb 	MLKEM768_generate_key(out_encoded_public_key, optional_out_seed,
181*0c814320Stb 	    out_private_key);
182*0c814320Stb }
183*0c814320Stb 
184*0c814320Stb void
185*0c814320Stb mlkem768_generate_key_external_entropy(uint8_t *out_encoded_public_key,
186*0c814320Stb     void *out_private_key, const uint8_t entropy[MLKEM_SEED_BYTES])
187*0c814320Stb {
188*0c814320Stb 	MLKEM768_generate_key_external_entropy(out_encoded_public_key,
189*0c814320Stb 	    out_private_key, entropy);
1908889493eStb }
1918889493eStb 
1928889493eStb int
193*0c814320Stb mlkem768_parse_private_key(void *out_private_key, CBS *private_key_cbs)
1948889493eStb {
195*0c814320Stb 	return MLKEM768_parse_private_key(out_private_key, private_key_cbs);
1968889493eStb }
1978889493eStb 
1988889493eStb int
199*0c814320Stb mlkem768_parse_public_key(void *out_public_key, CBS *public_key_cbs)
2008889493eStb {
201*0c814320Stb 	return MLKEM768_parse_public_key(out_public_key, public_key_cbs);
202*0c814320Stb }
2038889493eStb 
204*0c814320Stb void
205*0c814320Stb mlkem768_public_from_private(void *out_public_key, const void *private_key)
206*0c814320Stb {
207*0c814320Stb 	MLKEM768_public_from_private(out_public_key, private_key);
2088889493eStb }
2098889493eStb 
2108889493eStb int
211*0c814320Stb mlkem1024_decap(uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
212*0c814320Stb     const uint8_t *ciphertext, size_t ciphertext_len, const void *private_key)
2138889493eStb {
214*0c814320Stb 	return MLKEM1024_decap(out_shared_secret, ciphertext, ciphertext_len,
215*0c814320Stb 	    private_key);
216*0c814320Stb }
2178889493eStb 
218*0c814320Stb void
219*0c814320Stb mlkem1024_encap(uint8_t *out_ciphertext,
220*0c814320Stb     uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
221*0c814320Stb     const void *public_key)
222*0c814320Stb {
223*0c814320Stb 	MLKEM1024_encap(out_ciphertext, out_shared_secret, public_key);
224*0c814320Stb }
2258889493eStb 
226*0c814320Stb void
227*0c814320Stb mlkem1024_encap_external_entropy(uint8_t *out_ciphertext,
228*0c814320Stb     uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
229*0c814320Stb     const void *public_key, const uint8_t entropy[MLKEM_ENCAP_ENTROPY])
230*0c814320Stb {
231*0c814320Stb 	MLKEM1024_encap_external_entropy(out_ciphertext, out_shared_secret,
232*0c814320Stb 	    public_key, entropy);
233*0c814320Stb }
2348889493eStb 
235*0c814320Stb void
236*0c814320Stb mlkem1024_generate_key(uint8_t *out_encoded_public_key,
237*0c814320Stb     uint8_t optional_out_seed[MLKEM_SEED_BYTES], void *out_private_key)
238*0c814320Stb {
239*0c814320Stb 	MLKEM1024_generate_key(out_encoded_public_key, optional_out_seed,
240*0c814320Stb 	    out_private_key);
241*0c814320Stb }
2428889493eStb 
243*0c814320Stb void
244*0c814320Stb mlkem1024_generate_key_external_entropy(uint8_t *out_encoded_public_key,
245*0c814320Stb     void *out_private_key, const uint8_t entropy[MLKEM_SEED_BYTES])
246*0c814320Stb {
247*0c814320Stb 	MLKEM1024_generate_key_external_entropy(out_encoded_public_key,
248*0c814320Stb 	    out_private_key, entropy);
2498889493eStb }
2508889493eStb 
2518889493eStb int
252*0c814320Stb mlkem1024_parse_private_key(void *out_private_key, CBS *private_key_cbs)
2538889493eStb {
254*0c814320Stb 	return MLKEM1024_parse_private_key(out_private_key, private_key_cbs);
255*0c814320Stb }
2568889493eStb 
257*0c814320Stb void
258*0c814320Stb mlkem1024_public_from_private(void *out_public_key, const void *private_key)
259*0c814320Stb {
260*0c814320Stb 	MLKEM1024_public_from_private(out_public_key, private_key);
2618889493eStb }
2628889493eStb 
2638889493eStb int
264*0c814320Stb mlkem1024_parse_public_key(void *out_public_key, CBS *public_key_cbs)
2658889493eStb {
266*0c814320Stb 	return MLKEM1024_parse_public_key(out_public_key, public_key_cbs);
26775c083a0Sbeck }
268