lilliput-ae-reference-implementation

Implementations of Lilliput-AE submitted to the NIST LWC standardization process
git clone https://git.kevinlegouguec.net/lilliput-ae-reference-implementation
Log | Files | Refs | README

test-ae-roundtrip.c (2875B)

      1 #include <stdio.h>
      2 #include <stdint.h>
      3 #include <string.h>
      4 
      5 #include "lilliput-ae.h"
      6 
      7 #include "test-helpers.h"
      8 
      9 
     10 struct vector
     11 {
     12     char *name;
     13     uint8_t key[KEY_BYTES];
     14     uint8_t nonce[NONCE_BYTES];
     15     size_t auth_len;
     16     uint8_t *auth;
     17     size_t message_len;
     18     uint8_t *message;
     19 };
     20 
     21 typedef struct vector vector;
     22 
     23 
     24 /* Keys and nonces generated with /dev/urandom. */
     25 
     26 const vector VECTORS[] = {
     27     {
     28         .name = "short",
     29         .key = {
     30             0xdc, 0xd8, 0xcb, 0x6d, 0xf9, 0xda, 0xf2, 0xc9,
     31             0x7c, 0xc1, 0x6a, 0xff, 0x7e, 0x1d, 0x27, 0xa3
     32         },
     33         .nonce = {
     34             0xcd, 0x6f, 0x24, 0xe1, 0xf8, 0xcd, 0x64, 0xde,
     35             0x18, 0x2f, 0x92, 0xab, 0xdb, 0xfa, 0xff
     36         },
     37         .auth_len = 8,
     38         .auth = (uint8_t*)"deadbeef",
     39         .message_len = 4,
     40         .message = (uint8_t[]){
     41             0xde, 0xad, 0xbe, 0xef
     42         }
     43     },
     44     {
     45         .name = "block-sized",
     46         .key = {
     47             0x3f, 0x75, 0x05, 0x0a, 0xc1, 0xc6, 0xb5, 0xe0,
     48             0x57, 0x2e, 0x60, 0x9e, 0x32, 0xab, 0xbe, 0xd0
     49         },
     50         .nonce = {
     51             0xcd, 0x7d, 0xb0, 0xa0, 0x62, 0xdf, 0xda, 0x0a,
     52             0x23, 0x7a, 0x17, 0x32, 0x60, 0x42, 0xef
     53         },
     54         .auth_len = 13,
     55         .auth = (uint8_t*)"some metadata",
     56         .message_len = 2*BLOCK_BYTES,
     57         .message = (uint8_t*)"32-byte long, i.e. 2*BLOCK_BYTES"
     58     },
     59     {
     60         .name = "arbitrarily long",
     61         .key = {
     62             0x13, 0x6a, 0x99, 0xfd, 0xbf, 0x88, 0xac, 0xf8,
     63             0x92, 0x7b, 0x27, 0xb1, 0x10, 0xa5, 0xe8, 0x73
     64         },
     65         .nonce = {
     66             0x59, 0x41, 0xa7, 0x53, 0x0f, 0xde, 0xf1, 0xb1,
     67             0xca, 0xd5, 0x80, 0xc4, 0x1c, 0x16, 0x2b
     68         },
     69         .auth_len = 30,
     70         .auth = (uint8_t*)"a bunch of associated metadata",
     71         .message_len = 59,
     72         .message = (uint8_t*)"here comes the placeholder: foobar ipsum dolor sit baz quux"
     73     }
     74 };
     75 
     76 
     77 int main()
     78 {
     79     int diff = 0;
     80 
     81     for (const vector *v=VECTORS; v<ARRAY_END(VECTORS); v++)
     82     {
     83         uint8_t ciphertext[v->message_len];
     84         uint8_t tag[TAG_BYTES];
     85 
     86         lilliput_ae_encrypt(
     87             v->message_len, v->message,
     88             v->auth_len, v->auth,
     89             v->key, v->nonce,
     90             ciphertext,
     91             tag
     92         );
     93 
     94         uint8_t deciphered[v->message_len];
     95         bool valid = lilliput_ae_decrypt(
     96             v->message_len, ciphertext,
     97             v->auth_len, v->auth,
     98             v->key, v->nonce, tag,
     99             deciphered
    100         );
    101 
    102         if (!valid)
    103         {
    104             REPORT_INVALID(v->name);
    105             diff++;
    106             continue;
    107         }
    108 
    109         if (memcmp(deciphered, v->message, v->message_len) != 0)
    110         {
    111             REPORT_DIFFERENCE(v->name, "deciphered plaintext");
    112             diff++;
    113             continue;
    114         }
    115     }
    116 
    117     return diff;
    118 }