1 files changed, 81 insertions, 0 deletions
diff --git a/python/genkat_aead.py b/python/genkat_aead.py
new file mode 100755
index 0000000..e9f9101
--- /dev/null
+++ b/python/genkat_aead.py
@@ -0,0 +1,81 @@
+#!/usr/bin/env python3
+
+import lilliput
+from os import makedirs, path
+
+
+MAX_MESSAGE_LENGTH = 32
+MAX_ADATA_LENGTH = 32
+
+CRYPTO_NPUBBYTES = 120//8
+
+
+def bstr(buf):
+    return ''.join('{:02X}'.format(b) for b in buf)
+
+
+def print_bstr(output, label, buf):
+    print('{l} = {b}'.format(l=label, b=bstr(buf)), file=output)
+
+
+class DecryptionError(Exception):
+    def __init__(self, expected, actual, mode, keylen):
+        self.expected = expected
+        self.actual = actual
+        self.mode = mode
+        self.keylen = keylen
+        
+    def __str__(self):
+        return '({s.mode} / {s.keylen}) Expected {exp}; got {act}'.format(
+            s=self,
+            exp=bstr(self.expected),
+            act=bstr(self.actual)
+        )
+
+
+def generate_test_vectors(mode, keylen):
+    print('generating for', mode, keylen)
+
+    directory = 'crypto_aead/lilliputae{mode}{keylen}v1'.format(
+        mode=mode*'i', keylen=keylen
+    )
+
+    makedirs(directory, exist_ok=True)
+
+    output_path = path.join(
+        directory, 'LWC_AEAD_KAT_{keylen}_120.txt'.format(keylen=keylen)
+    )
+
+    with open(output_path, 'w') as output:
+
+        count = 1
+        for mlen in range(MAX_MESSAGE_LENGTH+1):
+            for adlen in range(MAX_ADATA_LENGTH+1):
+                print('Count = {c}'.format(c=count), file=output)
+
+                msg = bytes(range(mlen))
+                ad = bytes(range(adlen))
+
+                print_bstr(output, 'Key', bytes(range(keylen//8)))
+                print_bstr(output, 'Nonce', bytes(range(CRYPTO_NPUBBYTES)))
+                print_bstr(output, 'PT', msg)
+                print_bstr(output, 'AD', ad)
+
+                ct, tag = lilliput.mainEnc(msg, ad, mode, keylen)
+
+                print_bstr(output, 'CT', ct+tag)
+
+                msg2 = lilliput.mainDec(ct, tag, ad, mode, keylen)
+
+                if msg != msg2:
+                    raise DecryptionError(msg, msg2, mode, keylen)
+
+                count+=1
+
+                print(file=output)
+
+
+if __name__ == '__main__':
+    for mode in 1, 2:
+        for keylen in 128, 192, 256:
+            generate_test_vectors(mode, keylen)