lilliput-ae-reference-implementation

Implementations of Lilliput-AE submitted to the NIST LWC standardization process
git clone https://git.kevinlegouguec.net/lilliput-ae-reference-implementation
Log | Files | Refs | README

test-ae-decrypt.c (5339B)

      1 #include <stdio.h>
      2 #include <stdint.h>
      3 #include <string.h>
      4 
      5 #include "lilliput-ae.h"
      6 
      7 #include "test-helpers.h"
      8 
      9 
     10 struct vector
     11 {
     12     char *name;
     13     uint8_t key[KEY_BYTES];
     14     uint8_t nonce[NONCE_BYTES];
     15     size_t auth_len;
     16     uint8_t *auth;
     17     uint8_t *ciphertext;
     18     size_t ciphertext_len;
     19     uint8_t tag[TAG_BYTES];
     20     uint8_t *message;
     21 };
     22 
     23 typedef struct vector vector;
     24 
     25 
     26 const vector VECTORS[] = {
     27     {
     28         .name = "order",
     29         .key = {
     30             0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
     31             0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
     32         },
     33         .nonce = {
     34             0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
     35             0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e
     36         },
     37         .auth_len = 64,
     38         .auth = (uint8_t[]) {
     39             0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
     40             0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
     41             0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
     42             0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
     43             0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
     44             0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
     45             0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
     46             0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
     47         },
     48         .ciphertext_len = 64,
     49         .ciphertext = (uint8_t[]) {
     50             0xa2, 0xd5, 0xa6, 0x38, 0xca, 0xcf, 0xce, 0x90,
     51             0xaf, 0xc3, 0xb8, 0x99, 0x36, 0xba, 0xf1, 0x12,
     52             0x94, 0x13, 0x87, 0xb8, 0x7e, 0x6c, 0x07, 0x48,
     53             0x25, 0x25, 0x66, 0xd8, 0xa4, 0x05, 0xc9, 0xd3,
     54             0xc0, 0xaa, 0x27, 0xc6, 0xa6, 0x67, 0x53, 0x8f,
     55             0xcc, 0xd9, 0xd3, 0xdb, 0xf5, 0xdc, 0xad, 0xa0,
     56             0x4b, 0x3e, 0x9a, 0xfb, 0x7c, 0xe9, 0x17, 0x9c,
     57             0xb8, 0x17, 0x13, 0x9f, 0x32, 0x70, 0x5c, 0x62
     58         },
     59         .tag = {
     60             0x04, 0xaa, 0xc8, 0x19, 0x32, 0x70, 0x32, 0x24,
     61             0xe8, 0x27, 0xb7, 0xab, 0xec, 0xd8, 0x2f, 0x6c
     62         },
     63         .message = (uint8_t[]) {
     64             0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
     65             0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
     66             0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
     67             0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
     68             0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
     69             0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
     70             0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
     71             0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
     72         }
     73     },
     74     {
     75         .name = "order-padded",
     76         .key = {
     77             0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
     78             0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
     79         },
     80         .nonce = {
     81             0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
     82             0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e
     83         },
     84         .auth_len = 66,
     85         .auth = (uint8_t[]) {
     86             0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
     87             0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
     88             0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
     89             0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
     90             0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
     91             0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
     92             0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
     93             0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
     94             0x40, 0x01
     95         },
     96         .ciphertext_len = 66,
     97         .ciphertext = (uint8_t[]) {
     98             0xa2, 0xd5, 0xa6, 0x38, 0xca, 0xcf, 0xce, 0x90,
     99             0xaf, 0xc3, 0xb8, 0x99, 0x36, 0xba, 0xf1, 0x12,
    100             0x94, 0x13, 0x87, 0xb8, 0x7e, 0x6c, 0x07, 0x48,
    101             0x25, 0x25, 0x66, 0xd8, 0xa4, 0x05, 0xc9, 0xd3,
    102             0xc0, 0xaa, 0x27, 0xc6, 0xa6, 0x67, 0x53, 0x8f,
    103             0xcc, 0xd9, 0xd3, 0xdb, 0xf5, 0xdc, 0xad, 0xa0,
    104             0x4b, 0x3e, 0x9a, 0xfb, 0x7c, 0xe9, 0x17, 0x9c,
    105             0xb8, 0x17, 0x13, 0x9f, 0x32, 0x70, 0x5c, 0x62,
    106             0x88, 0x5a
    107         },
    108         .tag = {
    109             0x64, 0xa2, 0x24, 0x03, 0xc5, 0x79, 0x4f, 0xec,
    110             0xe7, 0x7d, 0xc1, 0xf6, 0xc9, 0xc6, 0x77, 0x2c
    111         },
    112         .message = (uint8_t[]) {
    113             0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
    114             0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
    115             0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
    116             0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
    117             0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
    118             0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
    119             0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
    120             0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
    121             0x40, 0x01
    122         }
    123     }
    124 };
    125 
    126 
    127 int main()
    128 {
    129     int diff = 0;
    130 
    131     for (const vector *v=VECTORS; v<ARRAY_END(VECTORS); v++)
    132     {
    133         uint8_t message[v->ciphertext_len];
    134 
    135         if (! lilliput_ae_decrypt(
    136                 v->ciphertext_len, v->ciphertext,
    137                 v->auth_len, v->auth,
    138                 v->key, v->nonce,
    139                 v->tag,
    140                 message
    141             ))
    142         {
    143             REPORT_INVALID(v->name);
    144             diff++;
    145             continue;
    146         }
    147 
    148         if (memcmp(message, v->message, v->ciphertext_len) != 0)
    149         {
    150             REPORT_DIFFERENCE(v->name, "ciphertext");
    151             diff++;
    152         }
    153     }
    154 
    155     return diff;
    156 }