diff options
Diffstat (limited to 'src/tests')
| -rw-r--r-- | src/tests/data/pubkey/rsa_kem.vec | 25 | ||||
| -rw-r--r-- | src/tests/test_mceliece.cpp | 32 | ||||
| -rw-r--r-- | src/tests/test_pubkey.cpp | 40 | ||||
| -rw-r--r-- | src/tests/test_pubkey.h | 16 | ||||
| -rw-r--r-- | src/tests/test_rsa.cpp | 20 |
5 files changed, 119 insertions, 14 deletions
diff --git a/src/tests/data/pubkey/rsa_kem.vec b/src/tests/data/pubkey/rsa_kem.vec new file mode 100644 index 000000000..6fb76fcfe --- /dev/null +++ b/src/tests/data/pubkey/rsa_kem.vec @@ -0,0 +1,25 @@ + +# RSA-KEM tests vectors from ISO-18033-2 +# http://www.shoup.net/iso/std4.pdf + +# R values here are -1 from the actual desired value to account for +# some logic in random_integer wrt the bounds + +# Test C.6.2 +E = 65537 +P = 74100103850091296168511028051948833436338123529747970640732238422269665602829 +Q = 79461607023043824134896992211543210236933205105414344240218914846895267687977 +R = 032E45326FA859A72EC235ACFF929B15D1372E30B207255F0611B8F785D764374152E0AC009E509E7BA30CD2F1778E113B64E135CF4E2292C75EFE5288EDFDA3 +C0 = 4603E5324CAB9CEF8365C817052D954D44447B1667099EDC69942D32CD594E4FFCF268AE3836E2C35744AAA53AE201FE499806B67DEDAA26BF72ECBD117A6FC0 +KDF = KDF2(SHA-1) +K = 0E6A26EB7B956CCB8B3BDC1CA975BC57C3989E8FBAD31A224655D800C46954840F + +# Test C.6.4 + +E = 65537 +P = 74100103850091296168511028051948833436338123529747970640732238422269665602829 +Q = 79461607023043824134896992211543210236933205105414344240218914846895267687977 +R = 032E45326FA859A72EC235ACFF929B15D1372E30B207255F0611B8F785D764374152E0AC009E509E7BA30CD2F1778E113B64E135CF4E2292C75EFE5288EDFDA3 +C0 = 4603E5324CAB9CEF8365C817052D954D44447B1667099EDC69942D32CD594E4FFCF268AE3836E2C35744AAA53AE201FE499806B67DEDAA26BF72ECBD117A6FC0 +KDF = KDF2(SHA-256) +K = 10a2403db42a8743cb989de86e668d168cbe6046 diff --git a/src/tests/test_mceliece.cpp b/src/tests/test_mceliece.cpp index d3c646504..5bbe7161a 100644 --- a/src/tests/test_mceliece.cpp +++ b/src/tests/test_mceliece.cpp @@ -11,7 +11,6 @@ #if defined(BOTAN_HAS_MCELIECE) #include <botan/mceliece.h> -#include <botan/mce_kem.h> #include <botan/pubkey.h> #include <botan/oids.h> #include <botan/hmac_drbg.h> @@ -81,13 +80,17 @@ class McEliece_Keygen_Encrypt_Test : public Text_Based_Test rng.clear(); rng.add_entropy(encrypt_seed.data(), encrypt_seed.size()); - Botan::McEliece_KEM_Encryptor kem_enc(mce_priv); - Botan::McEliece_KEM_Decryptor kem_dec(mce_priv); + Botan::PK_KEM_Encryptor kem_enc(mce_priv, "KDF1(SHA-512)"); + Botan::PK_KEM_Decryptor kem_dec(mce_priv, "KDF1(SHA-512)"); - const auto kem = kem_enc.encrypt(rng); - result.test_eq("ciphertext", kem.first, ciphertext); - result.test_eq("encrypt shared", kem.second, shared_key); - result.test_eq("decrypt shared", kem_dec.decrypt_vec(kem.first), shared_key); + Botan::secure_vector<byte> encap_key, prod_shared_key; + kem_enc.encrypt(encap_key, prod_shared_key, 64, rng); + + Botan::secure_vector<byte> dec_shared_key = kem_dec.decrypt(encap_key.data(), encap_key.size(), 64); + + result.test_eq("ciphertext", encap_key, ciphertext); + result.test_eq("encrypt shared", prod_shared_key, shared_key); + result.test_eq("decrypt shared", dec_shared_key, shared_key); return result; } @@ -176,18 +179,19 @@ class McEliece_Tests : public Test { Test::Result result("McEliece KEM"); - Botan::McEliece_KEM_Encryptor pub_op(pk); - Botan::McEliece_KEM_Decryptor priv_op(sk); + Botan::PK_KEM_Encryptor enc_op(pk, "KDF2(SHA-256)"); + Botan::PK_KEM_Decryptor dec_op(sk, "KDF2(SHA-256)"); for(size_t i = 0; i <= Test::soak_level(); i++) { - const std::pair<Botan::secure_vector<byte>,Botan::secure_vector<byte> > ciphertext__sym_key = pub_op.encrypt(Test::rng()); - const Botan::secure_vector<byte>& ciphertext = ciphertext__sym_key.first; - const Botan::secure_vector<byte>& sym_key_encr = ciphertext__sym_key.second; + Botan::secure_vector<byte> salt = Test::rng().random_vec(i); + + Botan::secure_vector<byte> encap_key, shared_key; + enc_op.encrypt(encap_key, shared_key, 64, Test::rng(), salt); - const Botan::secure_vector<byte> sym_key_decr = priv_op.decrypt(ciphertext.data(), ciphertext.size()); + Botan::secure_vector<byte> shared_key2 = dec_op.decrypt(encap_key, 64, salt); - result.test_eq("same key", sym_key_decr, sym_key_encr); + result.test_eq("same key", shared_key, shared_key2); } return result; } diff --git a/src/tests/test_pubkey.cpp b/src/tests/test_pubkey.cpp index 89d79bec8..a596824a7 100644 --- a/src/tests/test_pubkey.cpp +++ b/src/tests/test_pubkey.cpp @@ -249,6 +249,46 @@ PK_Encryption_Decryption_Test::run_one_test(const std::string&, const VarMap& va return result; } +Test::Result PK_KEM_Test::run_one_test(const std::string&, const VarMap& vars) + { + const std::vector<uint8_t> K = get_req_bin(vars, "K"); + const std::vector<uint8_t> C0 = get_req_bin(vars, "C0"); + const std::vector<uint8_t> salt = get_opt_bin(vars, "Salt"); + const std::string kdf = get_req_str(vars, "KDF"); + + Test::Result result(algo_name() + "/" + kdf + " KEM"); + + std::unique_ptr<Botan::Private_Key> privkey = load_private_key(vars); + + const size_t desired_key_len = K.size(); + + Botan::PK_KEM_Encryptor enc(*privkey, kdf); + + Fixed_Output_RNG fixed_output_rng(get_req_bin(vars, "R")); + + Botan::secure_vector<byte> produced_encap_key, shared_key; + enc.encrypt(produced_encap_key, + shared_key, + desired_key_len, + fixed_output_rng, + salt); + + result.test_eq("C0 matches", produced_encap_key, C0); + result.test_eq("K matches", shared_key, K); + + Botan::PK_KEM_Decryptor dec(*privkey, kdf); + + const Botan::secure_vector<uint8_t> decr_shared_key = + dec.decrypt(C0.data(), C0.size(), + desired_key_len, + salt.data(), + salt.size()); + + result.test_eq("decrypted K matches", decr_shared_key, K); + + return result; + } + Test::Result PK_Key_Agreement_Test::run_one_test(const std::string&, const VarMap& vars) { const std::vector<uint8_t> shared = get_req_bin(vars, "K"); diff --git a/src/tests/test_pubkey.h b/src/tests/test_pubkey.h index edb36f07b..beb1b2ea2 100644 --- a/src/tests/test_pubkey.h +++ b/src/tests/test_pubkey.h @@ -87,6 +87,22 @@ class PK_Key_Agreement_Test : public Text_Based_Test Test::Result run_one_test(const std::string& header, const VarMap& vars) override; }; +class PK_KEM_Test : public Text_Based_Test + { + public: + //using Text_Based_Test::Text_Based_Test; + + PK_KEM_Test(const std::string& algo, + const std::string& test_src, + const std::vector<std::string>& required_keys, + const std::vector<std::string>& optional_keys = {}) : + Text_Based_Test(algo, test_src, required_keys, optional_keys) {} + + virtual std::unique_ptr<Botan::Private_Key> load_private_key(const VarMap& vars) = 0; + private: + Test::Result run_one_test(const std::string& header, const VarMap& vars) override; + }; + class PK_Key_Generation_Test : public Test { protected: diff --git a/src/tests/test_rsa.cpp b/src/tests/test_rsa.cpp index 2720ae49a..6c89a5b29 100644 --- a/src/tests/test_rsa.cpp +++ b/src/tests/test_rsa.cpp @@ -38,6 +38,25 @@ class RSA_ES_KAT_Tests : public PK_Encryption_Decryption_Test } }; +class RSA_KEM_Tests : public PK_KEM_Test + { + public: + RSA_KEM_Tests() : PK_KEM_Test("RSA", "pubkey/rsa_kem.vec", + {"E", "P", "Q", "R", "C0", "KDF", "OutLen", "K"}) + {} + + std::unique_ptr<Botan::Private_Key> load_private_key(const VarMap& vars) override + { + const BigInt p = get_req_bn(vars, "P"); + const BigInt q = get_req_bn(vars, "Q"); + const BigInt e = get_req_bn(vars, "E"); + + std::unique_ptr<Botan::Private_Key> key(new Botan::RSA_PrivateKey(Test::rng(), p, q, e)); + return key; + } + + }; + class RSA_Signature_KAT_Tests : public PK_Signature_Generation_Test { public: @@ -100,6 +119,7 @@ class RSA_Keygen_Tests : public PK_Key_Generation_Test BOTAN_REGISTER_TEST("rsa_encrypt", RSA_ES_KAT_Tests); BOTAN_REGISTER_TEST("rsa_sign", RSA_Signature_KAT_Tests); BOTAN_REGISTER_TEST("rsa_verify", RSA_Signature_Verify_Tests); +BOTAN_REGISTER_TEST("rsa_kem", RSA_KEM_Tests); BOTAN_REGISTER_TEST("rsa_keygen", RSA_Keygen_Tests); #endif |