Add packaging of Xoodyak for NIST LWC round 3

XKCP · May 20, 2021 · 5b86778 · 5b86778
1 parent cba6e9d
commit 5b86778
Show file tree

Hide file tree

Showing 5 changed files with 131 additions and 3 deletions.
diff --git a/tests/SUPERCOP/SUPERCOP.build b/tests/SUPERCOP/SUPERCOP.build
@@ -282,12 +282,12 @@ The fragments below allow to make the desired packages for SUPERCOP and eBASH
     </fragment>
 
     <fragment name="crypto_aead/Xoodyak_aead/kcp" inherits="Xoodyak">
-        <c>tests/SUPERCOP/Xoodyak_aead/encrypt.c</c>
-        <h>tests/SUPERCOP/Xoodyak_aead/api.h</h>
+        <c>tests/SUPERCOP/Xoodyak_aead_round3/encrypt.c</c>
+        <h>tests/SUPERCOP/Xoodyak_aead_round3/api.h</h>
     </fragment>
 
     <fragment name="Xoodyak_aead_SelfTest" inherits="crypto_aead/Xoodyak_aead/kcp crypto_aead_test">
-        <c>tests/SUPERCOP/Xoodyak_aead/selftest.c</c>
+        <c>tests/SUPERCOP/Xoodyak_aead_round3/selftest.c</c>
     </fragment>
 
     <group all="supercopXoodyak">

diff --git a/tests/SUPERCOP/Xoodyak_aead_round3/api.h b/tests/SUPERCOP/Xoodyak_aead_round3/api.h
@@ -0,0 +1,5 @@
+#define CRYPTO_KEYBYTES     16
+#define CRYPTO_NSECBYTES    0
+#define CRYPTO_NPUBBYTES    16
+#define CRYPTO_ABYTES       16
+#define CRYPTO_NOOVERLAP    1
diff --git a/tests/SUPERCOP/Xoodyak_aead_round3/crypto_aead.h b/tests/SUPERCOP/Xoodyak_aead_round3/crypto_aead.h
@@ -0,0 +1 @@
+/* Placeholder for crypto_aead.h */
diff --git a/tests/SUPERCOP/Xoodyak_aead_round3/encrypt.c b/tests/SUPERCOP/Xoodyak_aead_round3/encrypt.c
@@ -0,0 +1,90 @@
+/*
+The eXtended Keccak Code Package (XKCP)
+https://github.com/XKCP/XKCP
+
+Xoodyak, designed by Joan Daemen, Seth Hoffert, Michaël Peeters, Gilles Van Assche and Ronny Van Keer.
+
+Implementation by Ronny Van Keer, hereby denoted as "the implementer".
+
+For more information, feedback or questions, please refer to the Keccak Team website:
+https://keccak.team/
+
+To the extent possible under law, the implementer has waived all copyright
+and related or neighboring rights to the source code in this file.
+http://creativecommons.org/publicdomain/zero/1.0/
+*/
+
+#include "crypto_aead.h"
+#include "api.h"
+#include "Xoodyak.h"
+#include <string.h>
+
+#if !defined(CRYPTO_KEYBYTES)
+    #define CRYPTO_KEYBYTES     16
+#endif
+#if !defined(CRYPTO_NPUBBYTES)
+    #define CRYPTO_NPUBBYTES    16
+#endif
+
+#define TAGLEN  16
+
+int crypto_aead_encrypt(
+    unsigned char *c, unsigned long long *clen,
+    const unsigned char *m, unsigned long long mlen,
+    const unsigned char *ad, unsigned long long adlen,
+    const unsigned char *nsec,
+    const unsigned char *npub,
+    const unsigned char *k)
+{
+    Xoodyak_Instance    instance;
+
+    (void)nsec;
+
+    Xoodyak_Initialize(&instance, k, CRYPTO_KEYBYTES, npub, CRYPTO_NPUBBYTES, NULL, 0);
+    Xoodyak_Absorb(&instance, ad, (size_t)adlen);
+    Xoodyak_Encrypt(&instance, m, c, (size_t)mlen);
+    Xoodyak_Squeeze(&instance, c + mlen, TAGLEN);
+    *clen = mlen + TAGLEN;
+    #if 0
+    {
+        unsigned int i;
+        for (i = 0; i < *clen; ++i )
+        {
+            printf("\\x%02x", c[i] );
+        }
+        printf("\n");
+    }
+    #endif
+    return 0;
+}
+
+int crypto_aead_decrypt(
+    unsigned char *m, unsigned long long *mlen,
+    unsigned char *nsec,
+    const unsigned char *c, unsigned long long clen,
+    const unsigned char *ad, unsigned long long adlen,
+    const unsigned char *npub,
+    const unsigned char *k)
+{
+    Xoodyak_Instance    instance;
+    unsigned char        tag[TAGLEN];
+    unsigned long long    mlen_;
+
+    (void)nsec;
+
+    *mlen = 0;
+    if (clen < TAGLEN) {
+        return -1;
+    }
+    mlen_ = clen - TAGLEN;
+    Xoodyak_Initialize(&instance, k, CRYPTO_KEYBYTES, npub, CRYPTO_NPUBBYTES, NULL, 0);
+    Xoodyak_Absorb(&instance, ad, (size_t)adlen);
+    Xoodyak_Decrypt(&instance, c, m, (size_t)mlen_);
+    Xoodyak_Squeeze(&instance, tag, TAGLEN);
+    if (memcmp(tag, c + mlen_, TAGLEN) != 0) {
+        memset(m, 0, (size_t)mlen_);
+        return -1;
+    }
+    *mlen = mlen_;
+    return 0;
+}
diff --git a/tests/SUPERCOP/Xoodyak_aead_round3/selftest.c b/tests/SUPERCOP/Xoodyak_aead_round3/selftest.c
@@ -0,0 +1,32 @@
+/*
+The eXtended Keccak Code Package (XKCP)
+https://github.com/XKCP/XKCP
+
+Xoodyak, designed by Joan Daemen, Seth Hoffert, Michaël Peeters, Gilles Van Assche and Ronny Van Keer.
+
+Implementation by Ronny Van Keer, hereby denoted as "the implementer".
+
+For more information, feedback or questions, please refer to the Keccak Team website:
+https://keccak.team/
+
+To the extent possible under law, the implementer has waived all copyright
+and related or neighboring rights to the source code in this file.
+http://creativecommons.org/publicdomain/zero/1.0/
+*/
+
+#include "test_crypto_aead.h"
+
+int main()
+{
+    const unsigned char *key = (const unsigned char *)
+        "\x5a\x4b\x3c\x2d\x1e\x0f\x00\xf1\xe2\xd3\xc4\xb5\xa6\x97\x88\x79";
+    const unsigned char *nonce = (const unsigned char *)
+        "\x6b\x4c\x2d\x0e\xef\xd0\xb1\x92\x72\x53\x34\x15\xf6\xd7\xb8\x99";
+    const unsigned char *AD = (const unsigned char *)
+        "\x32\xf3\xb4\x75\x35\xf6";
+    const unsigned char *plaintext = (const unsigned char *)
+        "\xe4\x65\xe5\x66\xe6\x67\xe7";
+    const unsigned char *ciphertext = (const unsigned char *)
+        "\x6e\x68\x08\x1c\x7e\xac\xbf\x72\xe2\xa6\x77\xa6\x0e\x44\x27\x48\xd7\xa8\x6e\x78\x8e\xb9\xd4";
+    return test_crypto_aead(key, 16, nonce, 16, AD, 6, plaintext, 7, ciphertext, 16);
+}