Diffstat (limited to 'src/libstrongswan/plugins/newhope')
17 files changed, 4405 insertions, 0 deletions
diff --git a/src/libstrongswan/plugins/newhope/Makefile.am b/src/libstrongswan/plugins/newhope/Makefile.am
new file mode 100644
index 000000000..b01987d22
--- /dev/null
+++ b/src/libstrongswan/plugins/newhope/Makefile.am
@@ -0,0 +1,33 @@
+AM_CPPFLAGS = \
+ -I$(top_srcdir)/src/libstrongswan \
+ -I$(top_srcdir)/src/libstrongswan/math/libnttfft
+
+AM_CFLAGS = \
+ $(PLUGIN_CFLAGS) \
+ @COVERAGE_CFLAGS@
+
+# these files are also used by the tests, we can't directly refer to them
+# because of the subdirectory, which would cause distclean to fail
+noinst_LTLIBRARIES = libnewhope.la
+libnewhope_la_SOURCES = \
+ newhope_ke.h newhope_ke.c \
+ newhope_noise.h newhope_noise.c \
+ newhope_reconciliation.h newhope_reconciliation.c
+
+libnewhope_la_LIBADD = \
+ $(top_builddir)/src/libstrongswan/math/libnttfft/libnttfft.la
+
+if MONOLITHIC
+noinst_LTLIBRARIES += libstrongswan-newhope.la
+else
+plugin_LTLIBRARIES = libstrongswan-newhope.la
+endif
+
+libstrongswan_newhope_la_SOURCES = \
+ newhope_plugin.h newhope_plugin.c
+
+libstrongswan_newhope_la_LDFLAGS = -module -avoid-version
+
+libstrongswan_newhope_la_LIBADD = libnewhope.la
+
+
diff --git a/src/libstrongswan/plugins/newhope/Makefile.in b/src/libstrongswan/plugins/newhope/Makefile.in
new file mode 100644
index 000000000..be31fb29c
--- /dev/null
+++ b/src/libstrongswan/plugins/newhope/Makefile.in
@@ -0,0 +1,818 @@ +# Makefile.in generated by automake 1.15 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2014 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +VPATH = @srcdir@ +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes 
+am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +@MONOLITHIC_TRUE@am__append_1 = libstrongswan-newhope.la +subdir = src/libstrongswan/plugins/newhope +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ + $(top_srcdir)/m4/config/ltoptions.m4 \ + $(top_srcdir)/m4/config/ltsugar.m4 \ + $(top_srcdir)/m4/config/ltversion.m4 \ + $(top_srcdir)/m4/config/lt~obsolete.m4 \ + $(top_srcdir)/m4/macros/split-package-version.m4 \ + $(top_srcdir)/m4/macros/with.m4 \ + $(top_srcdir)/m4/macros/enable-disable.m4 \ + $(top_srcdir)/m4/macros/add-plugin.m4 \ + $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" 
+am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__uninstall_files_from_dir = { \ + test -z "$$files" \ + || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ + || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ + $(am__cd) "$$dir" && rm -f $$files; }; \ + } +am__installdirs = "$(DESTDIR)$(plugindir)" +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) +libnewhope_la_DEPENDENCIES = \ + $(top_builddir)/src/libstrongswan/math/libnttfft/libnttfft.la +am_libnewhope_la_OBJECTS = newhope_ke.lo newhope_noise.lo \ + newhope_reconciliation.lo +libnewhope_la_OBJECTS = $(am_libnewhope_la_OBJECTS) +AM_V_lt = $(am__v_lt_@AM_V@) +am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) +am__v_lt_0 = --silent +am__v_lt_1 = +libstrongswan_newhope_la_DEPENDENCIES = libnewhope.la +am_libstrongswan_newhope_la_OBJECTS = newhope_plugin.lo +libstrongswan_newhope_la_OBJECTS = \ + $(am_libstrongswan_newhope_la_OBJECTS) +libstrongswan_newhope_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ + $(AM_CFLAGS) $(CFLAGS) $(libstrongswan_newhope_la_LDFLAGS) \ + $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_newhope_la_rpath = -rpath \ +@MONOLITHIC_FALSE@ $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_newhope_la_rpath = +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ 
= $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ + $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ + $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = +CCLD = $(CC) +LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = +SOURCES = $(libnewhope_la_SOURCES) $(libstrongswan_newhope_la_SOURCES) +DIST_SOURCES = $(libnewhope_la_SOURCES) \ + $(libstrongswan_newhope_la_SOURCES) +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. 
+am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +ALLOCA = @ALLOCA@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +ATOMICLIB = @ATOMICLIB@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +BFDLIB = @BFDLIB@ +BTLIB = @BTLIB@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ +COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +EASY_INSTALL = @EASY_INSTALL@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GEM = @GEM@ +GENHTML = @GENHTML@ +GPERF = @GPERF@ +GPRBUILD = @GPRBUILD@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LCOV = @LCOV@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +MYSQLCFLAG = @MYSQLCFLAG@ +MYSQLCONFIG = @MYSQLCONFIG@ +MYSQLLIB = @MYSQLLIB@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OPENSSL_LIB = @OPENSSL_LIB@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ 
+PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PACKAGE_VERSION_BUILD = @PACKAGE_VERSION_BUILD@ +PACKAGE_VERSION_MAJOR = @PACKAGE_VERSION_MAJOR@ +PACKAGE_VERSION_MINOR = @PACKAGE_VERSION_MINOR@ +PACKAGE_VERSION_REVIEW = @PACKAGE_VERSION_REVIEW@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PERL = @PERL@ +PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ +PLUGIN_CFLAGS = @PLUGIN_CFLAGS@ +PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +PY_TEST = @PY_TEST@ +RANLIB = @RANLIB@ +RTLIB = @RTLIB@ +RUBY = @RUBY@ +RUBYGEMDIR = @RUBYGEMDIR@ +RUBYINCLUDE = @RUBYINCLUDE@ +RUBYLIB = @RUBYLIB@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SOCKLIB = @SOCKLIB@ +STRIP = @STRIP@ +UNWINDLIB = @UNWINDLIB@ +VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +aikgen_plugins = @aikgen_plugins@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +attest_plugins = @attest_plugins@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +c_plugins = @c_plugins@ +charon_natt_port = @charon_natt_port@ +charon_plugins = @charon_plugins@ +charon_udp_port = @charon_udp_port@ +clearsilver_LIBS = @clearsilver_LIBS@ +cmd_plugins = @cmd_plugins@ +datadir = @datadir@ +datarootdir = @datarootdir@ +dev_headers = 
@dev_headers@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +fips_mode = @fips_mode@ +gtk_CFLAGS = @gtk_CFLAGS@ +gtk_LIBS = @gtk_LIBS@ +h_plugins = @h_plugins@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +imcvdir = @imcvdir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +ipsec_script = @ipsec_script@ +ipsec_script_upper = @ipsec_script_upper@ +ipsecdir = @ipsecdir@ +ipsecgroup = @ipsecgroup@ +ipseclibdir = @ipseclibdir@ +ipsecuser = @ipsecuser@ +json_CFLAGS = @json_CFLAGS@ +json_LIBS = @json_LIBS@ +libdir = @libdir@ +libexecdir = @libexecdir@ +libiptc_CFLAGS = @libiptc_CFLAGS@ +libiptc_LIBS = @libiptc_LIBS@ +linux_headers = @linux_headers@ +localedir = @localedir@ +localstatedir = @localstatedir@ +manager_plugins = @manager_plugins@ +mandir = @mandir@ +medsrv_plugins = @medsrv_plugins@ +mkdir_p = @mkdir_p@ +nm_CFLAGS = @nm_CFLAGS@ +nm_LIBS = @nm_LIBS@ +nm_ca_dir = @nm_ca_dir@ +nm_plugins = @nm_plugins@ +oldincludedir = @oldincludedir@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ +pdfdir = @pdfdir@ +piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +pki_plugins = @pki_plugins@ +plugindir = @plugindir@ +pool_plugins = @pool_plugins@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +random_device = @random_device@ +resolv_conf = @resolv_conf@ +routing_table = @routing_table@ +routing_table_prio = @routing_table_prio@ +runstatedir = @runstatedir@ +s_plugins = @s_plugins@ +sbindir = @sbindir@ +scepclient_plugins = @scepclient_plugins@ +scripts_plugins = @scripts_plugins@ +sharedstatedir = @sharedstatedir@ +soup_CFLAGS = @soup_CFLAGS@ +soup_LIBS = @soup_LIBS@ +srcdir = @srcdir@ +starter_plugins = @starter_plugins@ +strongswan_conf = @strongswan_conf@ +strongswan_options = 
@strongswan_options@ +swanctldir = @swanctldir@ +sysconfdir = @sysconfdir@ +systemd_CFLAGS = @systemd_CFLAGS@ +systemd_LIBS = @systemd_LIBS@ +systemd_daemon_CFLAGS = @systemd_daemon_CFLAGS@ +systemd_daemon_LIBS = @systemd_daemon_LIBS@ +systemd_journal_CFLAGS = @systemd_journal_CFLAGS@ +systemd_journal_LIBS = @systemd_journal_LIBS@ +systemdsystemunitdir = @systemdsystemunitdir@ +t_plugins = @t_plugins@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +tss2_CFLAGS = @tss2_CFLAGS@ +tss2_LIBS = @tss2_LIBS@ +urandom_device = @urandom_device@ +xml_CFLAGS = @xml_CFLAGS@ +xml_LIBS = @xml_LIBS@ +AM_CPPFLAGS = \ + -I$(top_srcdir)/src/libstrongswan \ + -I$(top_srcdir)/src/libstrongswan/math/libnttfft + +AM_CFLAGS = \ + $(PLUGIN_CFLAGS) \ + @COVERAGE_CFLAGS@ + + +# these files are also used by the tests, we can't directly refer to them +# because of the subdirectory, which would cause distclean to fail +noinst_LTLIBRARIES = libnewhope.la $(am__append_1) +libnewhope_la_SOURCES = \ + newhope_ke.h newhope_ke.c \ + newhope_noise.h newhope_noise.c \ + newhope_reconciliation.h newhope_reconciliation.c + +libnewhope_la_LIBADD = \ + $(top_builddir)/src/libstrongswan/math/libnttfft/libnttfft.la + +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-newhope.la +libstrongswan_newhope_la_SOURCES = \ + newhope_plugin.h newhope_plugin.c + +libstrongswan_newhope_la_LDFLAGS = -module -avoid-version +libstrongswan_newhope_la_LIBADD = libnewhope.la +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/newhope/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + 
$(AUTOMAKE) --gnu src/libstrongswan/plugins/newhope/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; \ + locs=`for p in $$list; do echo $$p; done | \ + sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ + sort -u`; \ + test -z "$$locs" || { \ + echo rm -f $${locs}; \ + rm -f $${locs}; \ + } + +install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) + @$(NORMAL_INSTALL) + @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \ + list2=; for p in $$list; do \ + if test -f $$p; then \ + list2="$$list2 $$p"; \ + else :; fi; \ + done; \ + test -z "$$list2" || { \ + echo " $(MKDIR_P) '$(DESTDIR)$(plugindir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(plugindir)" || exit 1; \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(plugindir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(plugindir)"; \ + } + +uninstall-pluginLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) 
$(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$f"; \ + done + +clean-pluginLTLIBRARIES: + -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES) + @list='$(plugin_LTLIBRARIES)'; \ + locs=`for p in $$list; do echo $$p; done | \ + sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ + sort -u`; \ + test -z "$$locs" || { \ + echo rm -f $${locs}; \ + rm -f $${locs}; \ + } + +libnewhope.la: $(libnewhope_la_OBJECTS) $(libnewhope_la_DEPENDENCIES) $(EXTRA_libnewhope_la_DEPENDENCIES) + $(AM_V_CCLD)$(LINK) $(libnewhope_la_OBJECTS) $(libnewhope_la_LIBADD) $(LIBS) + +libstrongswan-newhope.la: $(libstrongswan_newhope_la_OBJECTS) $(libstrongswan_newhope_la_DEPENDENCIES) $(EXTRA_libstrongswan_newhope_la_DEPENDENCIES) + $(AM_V_CCLD)$(libstrongswan_newhope_la_LINK) $(am_libstrongswan_newhope_la_rpath) $(libstrongswan_newhope_la_OBJECTS) $(libstrongswan_newhope_la_LIBADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/newhope_ke.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/newhope_noise.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/newhope_plugin.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/newhope_reconciliation.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< + +.c.obj: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 
's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: 
$(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! 
-perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(LTLIBRARIES) +installdirs: + for dir in "$(DESTDIR)$(plugindir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." 
+clean: clean-am + +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-pluginLTLIBRARIES + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-pluginLTLIBRARIES + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + cscopelist-am ctags ctags-am distclean distclean-compile \ + distclean-generic distclean-libtool distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-dvi install-dvi-am \ + install-exec install-exec-am install-html install-html-am \ + install-info install-info-am install-man install-pdf \ + install-pdf-am install-pluginLTLIBRARIES install-ps \ + install-ps-am install-strip installcheck installcheck-am \ + installdirs maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \ + uninstall-am uninstall-pluginLTLIBRARIES + +.PRECIOUS: Makefile + + +# Tell versions [3.59,3.63) of 
GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/src/libstrongswan/plugins/newhope/newhope_ke.c b/src/libstrongswan/plugins/newhope/newhope_ke.c new file mode 100644 index 000000000..28956d5fb --- /dev/null +++ b/src/libstrongswan/plugins/newhope/newhope_ke.c 
@@ -0,0 +1,622 @@ +/* + * Copyright (C) 2016 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * Based on public domain code by Erdem Alkim, Léo Ducas, Thomas Pöppelmann, + * and Peter Schwabe. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "newhope_ke.h" +#include "newhope_noise.h" +#include "newhope_reconciliation.h" + +#include <ntt_fft.h> +#include <ntt_fft_reduce.h> +#include <crypto/diffie_hellman.h> +#include <utils/debug.h> + +static const int seed_len = 32; /* 256 bits */ +static const int poly_len = 1792; /* size of 1024 packed 14-bit coefficients */ +static const int rec_len = 256; /* size of 1024 packed 2-bit coefficients */ + +typedef struct private_newhope_ke_t private_newhope_ke_t; + +/** + * Private data of an newhope_ke_t object. + */ +struct private_newhope_ke_t { + + /** + * Public newhope_ke_t interface. 
+ */ + newhope_ke_t public; + + /** + * FFT parameter set + */ + const ntt_fft_params_t *params; + + /** + * Secret noise polynomial s + */ + uint32_t *s; + + /** + * Output polynomial u = a * NTT(s') + NTT(e') + */ + uint32_t *u; + + /** + * Error reconciliation help bits + */ + uint8_t *r; + + /** + * Shared secret + */ + chunk_t shared_secret; + +}; + +/** + * Derive 14-bit coefficients of polynomial a from 256 bit random seed + * using the SHAKE128 extended output function + */ +static uint32_t* derive_a_poly(private_newhope_ke_t *this, chunk_t seed) +{ + uint32_t *a; + uint8_t x[2]; + int i = 0; + xof_t *xof; + + xof = lib->crypto->create_xof(lib->crypto, XOF_SHAKE_128); + if (!xof) + { + DBG1(DBG_LIB, "could not instantiate SHAKE128 XOF"); + return NULL; + } + + if (!xof->set_seed(xof, seed)) + { + DBG1(DBG_LIB, "could not set seed of SHAKE128 XOF"); + xof->destroy(xof); + return NULL; + } + + /* allocate dynamic memory for polynomial a */ + a = (uint32_t*)malloc(this->params->n * sizeof(uint32_t)); + + while (i < this->params->n) + { + if (!xof->get_bytes(xof, sizeof(x), x)) + { + DBG1(DBG_LIB, "could not get bytes from SHAKE128 XOF"); + xof->destroy(xof); + free(a); + return NULL; + } + + /* + * Treat x as a 16 bit unsigned little endian integer + * and truncate to 14 bits + */ + a[i] = uletoh16(x) & 0x3fff; + + if (a[i] < this->params->q) + { + i++; + } + } + xof->destroy(xof); + + return a; +} + +/** + * Pack four 14-bit coefficients into seven consecutive bytes + * + * 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * |L 0 0 0 0 0 0 0|L 1 H 0 0 0 0 0|M 1 1 1 1 1 1 1|L 2 2 2 H 1 1 1| + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * |M 2 2 2 2 2 2 2|L 3 3 3 3 3 H 2|H 3 3 3 3 3 3 3|L 0 0 0 0 0 0 0| + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + */ +static void pack_poly(private_newhope_ke_t *this, uint8_t *x, 
uint32_t *p) +{ + int i; + + for (i = 0; i < this->params->n; i += 4) + { + *x++ = (p[i] & 0xff ); + *x++ = (p[i] >> 8) | (p[i+1] << 6); + *x++ = (p[i+1] >> 2); + *x++ = (p[i+1] >> 10) | (p[i+2] << 4); + *x++ = (p[i+2] >> 4); + *x++ = (p[i+2] >> 12) | (p[i+3] << 2); + *x++ = (p[i+3] >> 6); + } +} + +/** + * Unpack seven consecutive bytes into four 14-bit coefficients + */ +static uint32_t* unpack_poly(private_newhope_ke_t * this, uint8_t *x) +{ + uint32_t *p; + int i; + + p = (uint32_t*)malloc(this->params->n * sizeof(uint32_t)); + + for (i = 0; i < this->params->n; i += 4) + { + p[i] = x[0] | (((uint32_t)x[1] & 0x3f) << 8); + p[i+1] = (x[1] >> 6) | (((uint32_t)x[2]) << 2) + | (((uint32_t)x[3] & 0x0f) << 10); + p[i+2] = (x[3] >> 4) | (((uint32_t)x[4]) << 4) + | (((uint32_t)x[5] & 0x03) << 12); + p[i+3] = (x[5] >> 2) | (((uint32_t)x[6]) << 6); + x += 7; + } + for (i = 0; i < this->params->n; i++) + { + if (p[i] >= this->params->q) + { + DBG1(DBG_LIB, "polynomial coefficient must be smaller than %u", + this->params->q); + free(p); + return NULL; + } + } + return p; +} + +/** + * Multiply and add polynomials in the frequency domain + */ +static uint32_t* multiply_add_poly(private_newhope_ke_t *this, + uint32_t *a, uint32_t *e) +{ + ntt_fft_t *fft; + uint32_t *b, t; + int i; + + /* transform s and h to frequency domain */ + fft = ntt_fft_create(this->params); + fft->transform(fft, this->s, this->s, FALSE); + fft->transform(fft, e, e, FALSE); + fft->destroy(fft); + + b = (uint32_t*)malloc(this->params->n * sizeof(uint32_t)); + + /* compute b = a * s + e in the frequency domain */ + for (i = 0; i < this->params->n; i++) + { + /* convert a[i] to Montgomery domain */ + t = ntt_fft_mreduce(a[i] * this->params->r2, this->params); + + /* compute b[i] = a[i] * s[i] + e[i] in Montgomery domain */ + t = ntt_fft_mreduce(t * this->s[i], this->params) + e[i]; + + /* exit Montgomery domain before transmitting polynomial b */ + b[i] = ntt_fft_mreduce(t, this->params); + } + 
memwipe(e, this->params->n * sizeof(uint32_t)); + + return b; +} + +/** + * Multiply polynomials in the frequency domain and return to time domain + */ +static uint32_t* multiply_ntt_inv_poly(private_newhope_ke_t *this, uint32_t *b) +{ + ntt_fft_t *fft; + uint32_t *v, t; + int i; + + v = (uint32_t*)malloc(this->params->n * sizeof(uint32_t)); + + for (i = 0; i < this->params->n; i++) + { + /* convert b[i] to Montgomery domain */ + t = ntt_fft_mreduce(b[i] * this->params->r2, this->params); + + /* compute v[i] = b[i] * s[i] in Montgomery domain */ + v[i] = ntt_fft_mreduce(t * this->s[i], this->params); + } + + /* transform v back to time domain */ + fft = ntt_fft_create(this->params); + fft->transform(fft, v, v, TRUE); + fft->destroy(fft); + + return v; +} + +/** + * Pack four 2-bit coefficents into one byte + */ +static void pack_rec(private_newhope_ke_t *this, uint8_t *x, uint8_t *r) +{ + int i; + + for (i = 0; i < this->params->n; i += 4) + { + *x++ = r[i] | r[i+1] << 2 | r[i+2] << 4 | r[i+3] << 6; + } +} + +static uint8_t* unpack_rec(private_newhope_ke_t *this, uint8_t *x) +{ + uint8_t *r; + int i; + + r = (uint8_t*)malloc(this->params->n); + + for (i = 0; i < this->params->n; i += 4) + { + r[i] = (*x) & 0x03; + r[i+1] = (*x >> 2) & 0x03; + r[i+2] = (*x >> 4) & 0x03; + r[i+3] = (*x >> 6) & 0x03; + x++; + } + + return r; +} + +METHOD(diffie_hellman_t, get_my_public_value, bool, + private_newhope_ke_t *this, chunk_t *value) +{ + uint16_t n, q; + int i; + + /* Define some often-used constants */ + n = this->params->n; + q = this->params->q; + + /* are we the initiator? 
*/ + if (this->u == NULL) + { + rng_t *rng; + uint32_t *a = NULL, *b = NULL, *e = NULL; + uint8_t noise_seed_buf[seed_len]; + chunk_t noise_seed = { noise_seed_buf, seed_len}; + chunk_t a_seed; + newhope_noise_t *noise = NULL; + bool success = FALSE; + + /* allocate space for public output value */ + *value = chunk_alloc(poly_len + seed_len); + a_seed = chunk_create(value->ptr + poly_len, seed_len); + + /* create polynomial a from 256 bit random seed */ + rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG); + if (!rng) + { + DBG1(DBG_LIB, "could not instatiate random source"); + return FALSE; + } + if (!rng->get_bytes(rng, seed_len, a_seed.ptr)) + { + DBG1(DBG_LIB, "could not generate seed for polynomial a"); + goto end; + } + + a = derive_a_poly(this, a_seed); + if (a == NULL) + { + goto end; + } + + /* generate random seed for the derivation of noise polynomials */ + if (!rng->get_bytes(rng, seed_len, noise_seed.ptr)) + { + DBG1(DBG_LIB, "could not generate seed for noise polynomials"); + goto end; + } + + /* create noise polynomial generator */ + noise = newhope_noise_create(noise_seed); + if (!noise) + { + goto end; + } + + /* create noise polynomial s from seed with nonce = 0x00 */ + this->s = noise->get_binomial_words(noise, 0x00, n, q); + if (this->s == NULL) + { + goto end; + } + + /* create noise polynomial e from seed with nonce = 0x01 */ + e = noise->get_binomial_words(noise, 0x01, n, q); + if (e == NULL) + { + goto end; + } + + /* compute b = a * NTT(s) + NTT(e) */ + b = multiply_add_poly(this, a, e); + + DBG3(DBG_LIB, " i a[i] b[i]"); + for (i = 0; i < n; i++) + { + DBG3(DBG_LIB, "%4d %5u %5u", i, a[i], b[i]); + } + + /* pack coefficients of polynomial b */ + pack_poly(this, value->ptr, b); + success = TRUE; + + end: + rng->destroy(rng); + DESTROY_IF(noise); + free(a); + free(b); + free(e); + + if (!success) + { + chunk_free(value); + } + return success; + } + else + { + DBG3(DBG_LIB, " i u[i] r[i]"); + for (i = 0; i < n; i++) + { + DBG3(DBG_LIB, 
"%4d %5u %5u", i, this->u[i], this->r[i]); + } + + /* allocate space for public output value */ + *value = chunk_alloc(poly_len + rec_len); + + /* pack coefficients of polynomial u */ + pack_poly(this, value->ptr, this->u); + + /* pack coefficients of polynomial r */ + pack_rec(this, value->ptr + poly_len, this->r); + + return TRUE; + } +} + +METHOD(diffie_hellman_t, get_shared_secret, bool, + private_newhope_ke_t *this, chunk_t *secret) +{ + if (this->shared_secret.len == 0) + { + *secret = chunk_empty; + return FALSE; + } + *secret = chunk_clone(this->shared_secret); + + return TRUE; +} + +METHOD(diffie_hellman_t, set_other_public_value, bool, + private_newhope_ke_t *this, chunk_t value) +{ + newhope_reconciliation_t * rec; + uint16_t n, q; + int i; + + /* Define some often-used constants */ + n = this->params->n; + q = this->params->q; + + /* are we the responder? */ + if (this->s == NULL) + { + uint32_t *a = NULL, *b = NULL, *e1 = NULL, *e2 = NULL, *v = NULL, t; + uint8_t *rbits = NULL; + uint8_t noise_seed_buf[seed_len]; + chunk_t noise_seed = { noise_seed_buf, seed_len }; + chunk_t a_seed; + newhope_noise_t *noise = NULL; + rng_t *rng = NULL; + bool success = FALSE; + + if (value.len != poly_len + seed_len) + { + DBG1(DBG_LIB, "received %N KE payload of incorrect size", + diffie_hellman_group_names, NH_128_BIT); + return FALSE; + } + a_seed = chunk_create(value.ptr + poly_len, seed_len); + + a = derive_a_poly(this, a_seed); + if (a == NULL) + { + return FALSE; + } + + b = unpack_poly(this, value.ptr); + if (b == NULL) + { + goto end; + } + + /* debug output of polynomials a and b */ + DBG3(DBG_LIB, " i a[i] b[i]"); + for (i = 0; i < n; i++) + { + DBG3(DBG_LIB, "%4d %5u %5u", i, a[i], b[i]); + } + + /* generate random seed for the derivation of noise polynomials */ + rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG); + if (!rng) + { + DBG1(DBG_LIB, "could not instatiate random source"); + goto end; + } + if (!rng->get_bytes(rng, seed_len, noise_seed.ptr)) 
+ { + DBG1(DBG_LIB, "could not generate seed for noise polynomials"); + goto end; + } + + /* create noise polynomial generator */ + noise = newhope_noise_create(noise_seed); + if (!noise) + { + goto end; + } + + /* create noise polynomial s' from seed with nonce = 0x00 */ + this->s = noise->get_binomial_words(noise, 0x00, n, q); + if (this->s == NULL) + { + goto end; + } + + /* create noise polynomial e' from seed with nonce = 0x01 */ + e1 = noise->get_binomial_words(noise, 0x01, n, q); + if (e1 == NULL) + { + goto end; + } + + /* create noise polynomial e'' from seed with nonce = 0x02 */ + e2 = noise->get_binomial_words(noise, 0x02, n, q); + if (e2 == NULL) + { + goto end; + } + + /* compute u = a * NTT(s') + NTT(e') */ + this->u = multiply_add_poly(this, a, e1); + + /* compute v = NTT_inv( b * NTT(s') ) */ + v = multiply_ntt_inv_poly(this, b); + + /* compute v = v + e'' */ + for (i = 0; i < n; i++) + { + t = v[i] + e2[i]; + v[i] = (t < q) ? t : t - q; + } + memwipe(e2, n * sizeof(uint32_t)); + + /* create uniform noise bytes from seed with nonce = 0x02 */ + rbits = noise->get_uniform_bytes(noise, 0x03, n/(4*8)); + + rec = newhope_reconciliation_create(n, q); + this->r = rec->help_reconcile(rec, v, rbits); + free(rbits); + this->shared_secret = rec->reconcile(rec, v, this->r); + rec->destroy(rec); + + DBG4(DBG_LIB, "key: %B", &this->shared_secret); + success = TRUE; + + end: + DESTROY_IF(rng); + DESTROY_IF(noise); + free(a); + free(b); + free(e1); + free(e2); + free(v); + + return success; + } + else + { + uint32_t *v; + + if (value.len != poly_len + rec_len) + { + DBG1(DBG_LIB, "received %N KE payload of incorrect size", + diffie_hellman_group_names, NH_128_BIT); + return FALSE; + } + + this->u = unpack_poly(this, value.ptr); + if (this->u == NULL) + { + return FALSE; + } + + this->r = unpack_rec(this, value.ptr + poly_len); + if (this->r == NULL) + { + return FALSE; + } + + DBG3(DBG_LIB, " i u[i] r[i]"); + for (i = 0; i < n; i++) + { + DBG3(DBG_LIB, "%4d %5u 
%5u", i, this->u[i], this->r[i]); + } + + /* compute v' = NTT_inv( u * NTT(s) ) */ + v = multiply_ntt_inv_poly(this, this->u); + + rec = newhope_reconciliation_create(n, q); + this->shared_secret = rec->reconcile(rec, v, this->r); + free(v); + rec->destroy(rec); + + DBG4(DBG_LIB, "key: %B", &this->shared_secret); + + return TRUE; + } +} + +METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t, + private_newhope_ke_t *this) +{ + return NH_128_BIT; +} + +METHOD(diffie_hellman_t, destroy, void, + private_newhope_ke_t *this) +{ + chunk_clear(&this->shared_secret); + memwipe(this->s, this->params->n * sizeof(uint32_t)); + free(this->s); + free(this->u); + free(this->r); + free(this); +} + +/* + * Described in header. + */ +newhope_ke_t *newhope_ke_create(diffie_hellman_group_t group, chunk_t g, chunk_t p) +{ + private_newhope_ke_t *this; + + INIT(this, + .public = { + .dh = { + .get_shared_secret = _get_shared_secret, + .set_other_public_value = _set_other_public_value, + .get_my_public_value = _get_my_public_value, + .get_dh_group = _get_dh_group, + .destroy = _destroy, + }, + }, + .params = &ntt_fft_12289_1024, + + ); + + return &this->public; +} diff --git a/src/libstrongswan/plugins/newhope/newhope_ke.h b/src/libstrongswan/plugins/newhope/newhope_ke.h new file mode 100644 index 000000000..677d04f90 --- /dev/null +++ b/src/libstrongswan/plugins/newhope/newhope_ke.h 
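Review bot: In the responder branch of set_other_public_value, the result of `noise->get_uniform_bytes(noise, 0x03, n/(4*8))` is handed to `rec->help_reconcile()` without a NULL check, although get_uniform_bytes returns NULL when the XOF cannot be seeded or read and help_reconcile reads `rbits[i]`; add `if (!rbits) { goto end; }` right after the call. The comment above that call says nonce = 0x02 while the code passes 0x03, so it should read `/* create uniform noise bytes from seed with nonce = 0x03 */`. The stack buffer `noise_seed_buf`, from which s', e' and e'' are all derived, is never cleared in either role; a `memwipe(noise_seed_buf, seed_len);` at each `end:` label would match the wiping already done for `e`, `e2` and `this->s`. In get_my_public_value the early `return FALSE` after a failed create_rng() also leaks the chunk just allocated into `*value`.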
@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup newhope_ke newhope_ke
+ * @{ @ingroup newhope_p
+ */
+
+#ifndef NEWHOPE_KE_H_
+#define NEWHOPE_KE_H_
+
+typedef struct newhope_ke_t newhope_ke_t;
+
+#include <library.h>
+
+/**
+ * Implementation of a key exchange algorithm using the New Hope algorithm
+ */
+struct newhope_ke_t {
+
+ /**
+ * Implements diffie_hellman_t interface.
+ */
+ diffie_hellman_t dh;
+};
+
+/**
+ * Creates a new newhope_ke_t object.
+ *
+ * @param group New Hope DH group number
+ * @param g not used
+ * @param p not used
+ * @return newhope_ke_t object, NULL if not supported
+ */
+newhope_ke_t *newhope_ke_create(diffie_hellman_group_t group, chunk_t g, chunk_t p);
+
+#endif /** NEWHOPE_KE_H_ @}*/
+
diff --git a/src/libstrongswan/plugins/newhope/newhope_noise.c b/src/libstrongswan/plugins/newhope/newhope_noise.c
new file mode 100644
index 000000000..5ba9f94bd
--- /dev/null
+++ b/src/libstrongswan/plugins/newhope/newhope_noise.c
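Review bot: The `@return` line for newhope_ke_create promises NULL if not supported, but the implementation added in newhope_ke.c never looks at `group` and always returns an object bound to `ntt_fft_12289_1024`. Either make the constructor honour the contract with `if (group != NH_128_BIT) { return NULL; }` before INIT, or reword the doc to `@return newhope_ke_t object`. The first option is the safer one should the constructor ever be registered for a second group.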
@@ -0,0 +1,160 @@ +/* + * Copyright (C) 2016 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * Based on public domain code by Erdem Alkim, Léo Ducas, Thomas Pöppelmann, + * and Peter Schwabe. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "newhope_noise.h" + +typedef struct private_newhope_noise_t private_newhope_noise_t; + +static const int seed_len = 32; /* 256 bits */ +static const int nonce_len = 12; /* 96 bits */ + +/** + * Private data of an newhope_noise_t object. + */ +struct private_newhope_noise_t { + + /** + * Public newhope_noise_t interface. 
+ */ + newhope_noise_t public; + + /** + * 256 bit seed and 96 bit nonce (44 bytes) + */ + chunk_t seed; + + /** + * ChaCha20 stream + */ + xof_t *xof; + +}; + +METHOD(newhope_noise_t, get_uniform_bytes, uint8_t*, + private_newhope_noise_t *this, uint8_t nonce, uint16_t n) +{ + uint8_t *bytes; + + this->seed.ptr[seed_len] = nonce; + if (!this->xof->set_seed(this->xof, this->seed)) + { + DBG1(DBG_LIB, "could not set seed of CHACHA20 XOF"); + return NULL; + } + + /* allocate dynamic memory for the noise polynomial */ + bytes = (uint8_t*)malloc(n); + + if (!this->xof->get_bytes(this->xof, n, bytes)) + { + DBG1(DBG_LIB, "could not get bytes from SHAKE128 XOF"); + free(bytes); + return NULL; + } + + return bytes; +} + +METHOD(newhope_noise_t, get_binomial_words, uint32_t*, + private_newhope_noise_t *this, uint8_t nonce, uint16_t n, uint16_t q) +{ + uint32_t *np, a, b, d, t; + uint8_t x[4]; + int i = 0, j; + + this->seed.ptr[seed_len] = nonce; + if (!this->xof->set_seed(this->xof, this->seed)) + { + DBG1(DBG_LIB, "could not set seed of CHACHA20 XOF"); + return NULL; + } + + /* allocate dynamic memory for the noise polynomial */ + np = (uint32_t*)malloc(n * sizeof(uint32_t)); + + for (i = 0; i < n; i++) + { + if (!this->xof->get_bytes(this->xof, sizeof(x), x)) + { + DBG1(DBG_LIB, "could not get bytes from SHAKE128 XOF"); + free(np); + return NULL; + } + + /* Treat x as a 32 bit unsigned little endian integer */ + t = uletoh32(x); + + /* Compute Psi_16 distribution */ + d = 0; + for (j = 0; j < 8; j++) + { + d += (t >> j) & 0x01010101; + } + a = ((d >> 8) & 0xff) + (d & 0xff); + b = ((d >> 16) & 0xff) + (d >> 24); + np[i] = (a >= b) ? a - b : a + q - b; + } + + return np; +} + +METHOD(newhope_noise_t, destroy, void, + private_newhope_noise_t *this) +{ + this->xof->destroy(this->xof); + chunk_free(&this->seed); + free(this); +} + +/* + * Described in header. 
+ */ +newhope_noise_t *newhope_noise_create(chunk_t seed) +{ + private_newhope_noise_t *this; + xof_t *xof; + + if (seed.len != seed_len) + { + DBG1(DBG_LIB, "seed for ChaCha20 stream must be 256 bits"); + return NULL; + } + + xof = lib->crypto->create_xof(lib->crypto, XOF_CHACHA20); + if (!xof) + { + DBG1(DBG_LIB, "could not instantiate ChaCha20 stream"); + return NULL; + } + + INIT(this, + .public = { + .get_uniform_bytes = _get_uniform_bytes, + .get_binomial_words = _get_binomial_words, + .destroy = _destroy, + }, + .xof = xof, + .seed = chunk_alloc(seed_len + nonce_len), + ); + + /* initialize seed for ChaCha 20 stream */ + memcpy(this->seed.ptr, seed.ptr, seed_len); + memset(this->seed.ptr + seed_len, 0x00, nonce_len); + + return &this->public; +} diff --git a/src/libstrongswan/plugins/newhope/newhope_noise.h b/src/libstrongswan/plugins/newhope/newhope_noise.h new file mode 100644 index 000000000..d7819d3ad --- /dev/null +++ b/src/libstrongswan/plugins/newhope/newhope_noise.h 
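Review bot: destroy() releases the 44-byte seed/nonce buffer with `chunk_free(&this->seed)`, which leaves the 256-bit noise seed in freed heap memory; every secret polynomial is derived from that seed, so use `chunk_clear(&this->seed);` as newhope_ke.c does for the shared secret. In get_binomial_words the partially filled `np` is freed unwiped on the get_bytes error path, and neither method checks its malloc() result before the XOF writes into it. Both get_bytes failure messages say "SHAKE128 XOF" although this object wraps XOF_CHACHA20; `"could not get bytes from CHACHA20 XOF"` would match the set_seed message next to it.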
@@ -0,0 +1,70 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup newhope_noise newhope_noise
+ * @{ @ingroup newhope_p
+ */
+
+#ifndef NEWHOPE_NOISE_H_
+#define NEWHOPE_NOISE_H_
+
+typedef struct newhope_noise_t newhope_noise_t;
+
+#include <library.h>
+
+/**
+ * Generate pseudo random noise using a ChaCha20 stream
+ * initialized with a 256 bit seed and an 8 bit nonce
+ */
+struct newhope_noise_t {
+
+ /**
+ * Return n pseudo random bytes with a uniform distribution
+ *
+ * @param nonce Nonce determining the pseudo random stream
+ * @param n Number of pseudo random bytes to be returned
+ * @return Return array with n peudo random bytes
+ */
+ uint8_t* (*get_uniform_bytes)(newhope_noise_t *this, uint8_t nonce,
+ uint16_t n);
+
+ /**
+ * Return n pseudo random 32-bit words with a Psi16 binomial distribution
+ *
+ * @param nonce Nonce determining the pseudo random stream
+ * @param n Number of pseudo random Psi16 words to be returned
+ * @param q Prime number q determining the ring
+ * @return Return array with n pseudo random 32 bit words
+ */
+ uint32_t* (*get_binomial_words)(newhope_noise_t *this, uint8_t nonce,
+ uint16_t n, uint16_t q);
+
+ /**
+ * Destroy a newhope_noise_t object
+ */
+ void (*destroy)(newhope_noise_t *this);
+};
+
+/**
+ * Creates a new newhope_noise_t object.
+ *
+ * @param seed 256 bit seed (32 byte chunk)
+ * @return newhope_noise_t object, NULL if not supported
+ */
+newhope_noise_t *newhope_noise_create(chunk_t seed);
+
+#endif /** NEWHOPE_NOISE_H_ @}*/
+
diff --git a/src/libstrongswan/plugins/newhope/newhope_plugin.c b/src/libstrongswan/plugins/newhope/newhope_plugin.c
new file mode 100644
index 000000000..444e61a1d
--- /dev/null
+++ b/src/libstrongswan/plugins/newhope/newhope_plugin.c
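Review bot: The `@return` lines of get_uniform_bytes and get_binomial_words do not say that the array is heap-allocated and owned by the caller, nor that NULL is returned when the XOF cannot be seeded or read, which is what newhope_noise.c does. I would document both, e.g. `@return allocated array with n pseudo random bytes, NULL on failure (caller frees)`, and add on get_binomial_words that the words are secret and should be wiped before they are freed. The struct comment speaks of an "8 bit nonce" while the implementation reserves a 96 bit nonce field and sets only its first byte; saying so avoids confusion. "peudo" in the first `@return` is a typo for "pseudo".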
@@ -0,0 +1,78 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "newhope_plugin.h"
+#include "newhope_ke.h"
+
+#include <library.h>
+
+typedef struct private_newhope_plugin_t private_newhope_plugin_t;
+
+/**
+ * private data of newhope_plugin
+ */
+struct private_newhope_plugin_t {
+
+ /**
+ * public functions
+ */
+ newhope_plugin_t public;
+};
+
+METHOD(plugin_t, get_name, char*,
+ private_newhope_plugin_t *this)
+{
+ return "newhope";
+}
+
+METHOD(plugin_t, get_features, int,
+ private_newhope_plugin_t *this, plugin_feature_t *features[])
+{
+ static plugin_feature_t f[] = {
+ PLUGIN_REGISTER(DH, newhope_ke_create),
+ PLUGIN_PROVIDE(DH, NH_128_BIT),
+ PLUGIN_DEPENDS(XOF, XOF_SHAKE_128),
+ PLUGIN_DEPENDS(XOF, XOF_CHACHA20),
+ };
+ *features = f;
+
+ return countof(f);
+}
+
+METHOD(plugin_t, destroy, void,
+ private_newhope_plugin_t *this)
+{
+ free(this);
+}
+
+/*
+ * see header file
+ */
+plugin_t *newhope_plugin_create()
+{
+ private_newhope_plugin_t *this;
+
+ INIT(this,
+ .public = {
+ .plugin = {
+ .get_name = _get_name,
+ .get_features = _get_features,
+ .destroy = _destroy,
+ },
+ },
+ );
+
+ return &this->public.plugin;
+}
diff --git a/src/libstrongswan/plugins/newhope/newhope_plugin.h b/src/libstrongswan/plugins/newhope/newhope_plugin.h
new file mode 100644
index 000000000..b04792f10
--- /dev/null
+++ b/src/libstrongswan/plugins/newhope/newhope_plugin.h
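Review bot: get_features lists XOF_SHAKE_128 and XOF_CHACHA20 as dependencies, but newhope_ke.c also calls `lib->crypto->create_rng(lib->crypto, RNG_STRONG)` in both roles and no RNG dependency is declared. Adding `PLUGIN_DEPENDS(RNG, RNG_STRONG),` after the two XOF lines should let the plugin loader resolve that requirement when the feature is loaded, instead of the key exchange failing at run time with "could not instatiate random source".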
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup newhope_p newhope
+ * @ingroup plugins
+ *
+ * @defgroup newhope_plugin newhope_plugin
+ * @{ @ingroup newhope_p
+ */
+
+#ifndef NEWHOPE_PLUGIN_H_
+#define NEWHOPE_PLUGIN_H_
+
+#include <plugins/plugin.h>
+
+typedef struct newhope_plugin_t newhope_plugin_t;
+
+/**
+ * Plugin implementing New Hope-based key exchange
+ */
+struct newhope_plugin_t {
+
+ /**
+ * implements plugin interface
+ */
+ plugin_t plugin;
+};
+
+#endif /** NEWHOPE_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/newhope/newhope_reconciliation.c b/src/libstrongswan/plugins/newhope/newhope_reconciliation.c
new file mode 100644
index 000000000..4aed60e30
--- /dev/null
+++ b/src/libstrongswan/plugins/newhope/newhope_reconciliation.c
@@ -0,0 +1,217 @@ +/* + * Copyright (C) 2016 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * Based on public domain code by Erdem Alkim, Léo Ducas, Thomas Pöppelmann, + * and Peter Schwabe. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + */ + +#include "newhope_reconciliation.h" + +typedef struct private_newhope_reconciliation_t private_newhope_reconciliation_t; + +/** + * Private data of an newhope_reconciliation_t object. + */ +struct private_newhope_reconciliation_t { + + /** + * Public newhope_reconciliation_t interface. 
+ */ + newhope_reconciliation_t public; + + /** + * Array sizes + */ + int n, n4; + + /** + * Multiples of modulus q + */ + int32_t q, q2, q4, q8, q16; +}; + + +static inline int32_t rec_abs(int32_t v) +{ + int32_t mask = v >> 31; + + return (v ^ mask) - mask; +} + +/** + * Auxiliary function used by help_reconcile() method + */ +static int32_t rec_f(private_newhope_reconciliation_t *this, + int32_t v, uint8_t r, int32_t *v0, int32_t *v1) +{ + int32_t x, xit, t, b; + + x = 8 * v + 2 * r; + + /* compute t = x/q */ + b = x * 2730; + t = b >> 25; + b = x - t * this->q; + b = this->q - 1 - b; + b >>= 31; + t -= b; + + r = t & 0x01; + xit = (t >> 1); + *v0 = xit + r ; /* v0 = round(x/(2q)) */ + + t -= 1; + r = t & 0x01; + *v1 = ( t>> 1) + r; + + return rec_abs(x - (*v0) * this->q2); +} + +/** + * Auxiliary function used by reconcile() method + */ +static int32_t rec_g(private_newhope_reconciliation_t *this, int32_t x) +{ + int32_t t, r, b; + + /* t = x/(4*q) */ + b = x * 2730; + t = b >> 27; + b = x - t * this->q4; + b = this->q4 - 1 - b; + b >>= 31; + t -= b; + + r = t & 0x01; + t = (t >> 1) + r; /* t = round(x/(8q)) */ + t *= this->q8; + + return abs(t - x); +} + +METHOD(newhope_reconciliation_t, help_reconcile, uint8_t*, + private_newhope_reconciliation_t *this, uint32_t *v, uint8_t *rbits) +{ + int32_t v0[4], v1[4], v_tmp[4], k; + int i, i0, i1, i2, i3, j; + uint8_t *r, rbit; + + /* allocate output vector */ + r = (uint8_t*)malloc(this->n); + + for (i = 0; i < this->n4/8; i++) + { + for (j = 0; j < 8; j++) + { + i0 = 8*i + j; + i1 = i0 + this->n4; + i2 = i1 + this->n4; + i3 = i2 + this->n4; + + /* iterate through all 256 random bits */ + rbit = (rbits[i] >> j) & 0x01; + + k = rec_f(this, v[i0], rbit, &v0[0], &v1[0]); + k += rec_f(this, v[i1], rbit, &v0[1], &v1[1]); + k += rec_f(this, v[i2], rbit, &v0[2], &v1[2]); + k += rec_f(this, v[i3], rbit, &v0[3], &v1[3]); + + k = (this->q2 - 1 - k) >> 31; + + v_tmp[0] = ((~k) & v0[0]) ^ (k & v1[0]); + v_tmp[1] = ((~k) & v0[1]) 
^ (k & v1[1]); + v_tmp[2] = ((~k) & v0[2]) ^ (k & v1[2]); + v_tmp[3] = ((~k) & v0[3]) ^ (k & v1[3]); + + r[i0] = (v_tmp[0] - v_tmp[3]) & 0x03; + r[i1] = (v_tmp[1] - v_tmp[3]) & 0x03; + r[i2] = (v_tmp[2] - v_tmp[3]) & 0x03; + r[i3] = (v_tmp[3] - k + v_tmp[3]) & 0x03; + } + } + + return r; +} + +METHOD(newhope_reconciliation_t, reconcile, chunk_t, + private_newhope_reconciliation_t *this, uint32_t *v, uint8_t *r) +{ + size_t key_len; + uint8_t *key; + int32_t tmp[4], t; + int i, i0, i1, i2, i3, j; + + key_len = this->n4 / 8; + key = (uint8_t*)malloc(key_len); + memset(key, 0x00, key_len); + + for (i = 0; i < key_len; i++) + { + for (j = 0; j < 8; j++) + { + i0 = 8*i + j; + i1 = i0 + this->n4; + i2 = i1 + this->n4; + i3 = i2 + this->n4; + + tmp[0] = this->q16 + 8 * (int32_t)v[i0] - + this->q * (2*r[i0] + r[i3]); + tmp[1] = this->q16 + 8 * (int32_t)v[i1] - + this->q * (2*r[i1] + r[i3]); + tmp[2] = this->q16 + 8 * (int32_t)v[i2] - + this->q * (2*r[i2] + r[i3]); + tmp[3] = this->q16 + 8 * (int32_t)v[i3] - + this->q * ( r[i3]); + + t = rec_g(this, tmp[0]) + rec_g(this, tmp[1]) + + rec_g(this, tmp[2]) + rec_g(this, tmp[3]) - this->q8; + + key[i] |= ((t >> 31) & 0x01) << j; + } + } + + return chunk_create(key, key_len); +} + +METHOD(newhope_reconciliation_t, destroy, void, + private_newhope_reconciliation_t *this) +{ + free(this); +} + +/* + * Described in header. + */ +newhope_reconciliation_t *newhope_reconciliation_create(int n, int32_t q) +{ + private_newhope_reconciliation_t *this; + + INIT(this, + .public = { + .help_reconcile = _help_reconcile, + .reconcile = _reconcile, + .destroy = _destroy, + }, + .n = n, + .n4 = n / 4, + .q = q, + .q2 = 2 * q, + .q4 = 4 * q, + .q8 = 8 * q, + .q16 = 16 * q, + ); + + return &this->public; +} diff --git a/src/libstrongswan/plugins/newhope/newhope_reconciliation.h b/src/libstrongswan/plugins/newhope/newhope_reconciliation.h new file mode 100644 index 000000000..7cbf0d208 --- /dev/null 
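Review bot: rec_g ends with `return abs(t - x);` while rec_f uses the branch-free `rec_abs()` defined a few lines above it; the values handled here depend on the secret polynomial v, so the file's own helper is the better choice: `return rec_abs(t - x);`. That also removes the reliance on `abs()` being declared through newhope_reconciliation.h, which this hunk does not show. rec_abs and the `>> 31` steps in rec_f, rec_g, help_reconcile and reconcile assume an arithmetic right shift of negative int32_t values, which is implementation-defined in C and deserves a one-line comment. help_reconcile and reconcile both write to their malloc() result without checking it.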
+++ b/src/libstrongswan/plugins/newhope/newhope_reconciliation.h 
@@ -0,0 +1,70 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup newhope_reconciliation newhope_reconciliation
+ * @{ @ingroup newhope_p
+ */
+
+#ifndef NEWHOPE_RECONCILIATION_H_
+#define NEWHOPE_RECONCILIATION_H_
+
+typedef struct newhope_reconciliation_t newhope_reconciliation_t;
+
+#include <library.h>
+
+/**
+ * Class assisting the error reconciliation
+ * resulting in a key exchange error rate < 2^(-60)
+ */
+struct newhope_reconciliation_t {
+
+ /**
+ * Generate reconciliation polynomial
+ *
+ * @param v polynomial v
+ * @param rbits pseudo random bit array
+ * @return return array with reconciliation polynomial
+ */
+ uint8_t* (*help_reconcile)(newhope_reconciliation_t *this,
+ uint32_t *v, uint8_t *rbits);
+
+ /**
+ * Use reconciliation polynomial r to derive shared secret
+ *
+ * @param v polynomial v or v'
+ * @param r reconciliation polynomial r
+ * @return Return shared secret
+ */
+ chunk_t (*reconcile)(newhope_reconciliation_t *this,
+ uint32_t *v, uint8_t *r);
+
+ /**
+ * Destroy a newhope_reconciliation_t object
+ */
+ void (*destroy)(newhope_reconciliation_t *this);
+};
+
+/**
+ * Creates a new newhope_reconciliation_t object.
+ *
+ * @param n array size
+ * @param q prime modulus
+ * @return newhope_reconciliation_t object
+ */
+newhope_reconciliation_t *newhope_reconciliation_create(int n, int32_t q);
+
+#endif /** NEWHOPE_RECONCILIATION_H_ @}*/
+
diff --git a/src/libstrongswan/plugins/newhope/tests/Makefile.am b/src/libstrongswan/plugins/newhope/tests/Makefile.am
new file mode 100644
index 000000000..3992e26d1
--- /dev/null
+++ b/src/libstrongswan/plugins/newhope/tests/Makefile.am
@@ -0,0 +1,25 @@
+TESTS = newhope_tests
+
+check_PROGRAMS = $(TESTS)
+
+newhope_tests_SOURCES = \
+ suites/test_newhope_ke.c \
+ suites/test_newhope_noise.c \
+ suites/test_newhope_reconciliation.c \
+ newhope_tests.h newhope_tests.c
+
+newhope_tests_CFLAGS = \
+ -I$(top_srcdir)/src/libstrongswan \
+ -I$(top_srcdir)/src/libstrongswan/tests \
+ -I$(top_srcdir)/src/libstrongswan/math/libnttfft \
+ -I$(top_srcdir)/src/libstrongswan/plugins/newhope \
+ -DPLUGINDIR=\""$(abs_top_builddir)/src/libstrongswan/plugins\"" \
+ -DPLUGINS=\""${s_plugins}\"" \
+ @COVERAGE_CFLAGS@
+
+newhope_tests_LDFLAGS = @COVERAGE_LDFLAGS@
+newhope_tests_LDADD = \
+ $(top_builddir)/src/libstrongswan/libstrongswan.la \
+ $(top_builddir)/src/libstrongswan/tests/libtest.la \
+ $(top_builddir)/src/libstrongswan/math/libnttfft/libnttfft.la \
+ ../libnewhope.la
diff --git a/src/libstrongswan/plugins/newhope/tests/Makefile.in b/src/libstrongswan/plugins/newhope/tests/Makefile.in
new file mode 100644
index 000000000..07ded5d9d
--- /dev/null
+++ b/src/libstrongswan/plugins/newhope/tests/Makefile.in
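Review bot: The doc comments on `help_reconcile` and `reconcile` in newhope_reconciliation.h omit the buffer contract the implementation depends on: nothing states how many elements `v`, `r` and `rbits` must hold, or who owns the returned memory. In the accompanying newhope_reconciliation.c, `reconcile` reads `v` and `r` at indices up to `i0 + 3 * n4` without any bounds check and returns a `malloc`ed chunk of `n4 / 8` bytes that holds the shared secret, so a caller passing a shorter array gets an out-of-bounds read and a caller who only frees the result leaves key material in freed heap. For `reconcile` I would document this as `@param v polynomial v or v' (n coefficients)`, `@param r reconciliation polynomial r (n entries)` and `@return shared secret (n/32 bytes), allocated; caller wipes and frees it, e.g. with chunk_clear()`. The `help_reconcile` comment should say the same for its result, which is presumably also allocated (its body starts outside the visible part of the diff), and give the required length of `rbits`. The `@param n` line of `newhope_reconciliation_create` should add that n is expected to be a multiple of 32, because `n / 4` and `n4 / 8` silently truncate otherwise.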
@@ -0,0 +1,929 @@ +# Makefile.in generated by automake 1.15 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2014 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ +VPATH = @srcdir@ +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes 
+am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +TESTS = newhope_tests$(EXEEXT) +check_PROGRAMS = $(am__EXEEXT_1) +subdir = src/libstrongswan/plugins/newhope/tests +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ + $(top_srcdir)/m4/config/ltoptions.m4 \ + $(top_srcdir)/m4/config/ltsugar.m4 \ + $(top_srcdir)/m4/config/ltversion.m4 \ + $(top_srcdir)/m4/config/lt~obsolete.m4 \ + $(top_srcdir)/m4/macros/split-package-version.m4 \ + $(top_srcdir)/m4/macros/with.m4 \ + $(top_srcdir)/m4/macros/enable-disable.m4 \ + $(top_srcdir)/m4/macros/add-plugin.m4 \ + $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__EXEEXT_1 = newhope_tests$(EXEEXT) +am__dirstamp = $(am__leading_dot)dirstamp +am_newhope_tests_OBJECTS = \ + suites/newhope_tests-test_newhope_ke.$(OBJEXT) \ + suites/newhope_tests-test_newhope_noise.$(OBJEXT) \ + suites/newhope_tests-test_newhope_reconciliation.$(OBJEXT) \ + newhope_tests-newhope_tests.$(OBJEXT) +newhope_tests_OBJECTS = $(am_newhope_tests_OBJECTS) +newhope_tests_DEPENDENCIES = \ + 
$(top_builddir)/src/libstrongswan/libstrongswan.la \ + $(top_builddir)/src/libstrongswan/tests/libtest.la \ + $(top_builddir)/src/libstrongswan/math/libnttfft/libnttfft.la \ + ../libnewhope.la +AM_V_lt = $(am__v_lt_@AM_V@) +am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) +am__v_lt_0 = --silent +am__v_lt_1 = +newhope_tests_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(newhope_tests_CFLAGS) \ + $(CFLAGS) $(newhope_tests_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ + $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ + $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = +CCLD = $(CC) +LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = +SOURCES = $(newhope_tests_SOURCES) +DIST_SOURCES = $(newhope_tests_SOURCES) +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated 
strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +am__tty_colors_dummy = \ + mgn= red= grn= lgn= blu= brg= std=; \ + am__color_tests=no +am__tty_colors = { \ + $(am__tty_colors_dummy); \ + if test "X$(AM_COLOR_TESTS)" = Xno; then \ + am__color_tests=no; \ + elif test "X$(AM_COLOR_TESTS)" = Xalways; then \ + am__color_tests=yes; \ + elif test "X$$TERM" != Xdumb && { test -t 1; } 2>/dev/null; then \ + am__color_tests=yes; \ + fi; \ + if test $$am__color_tests = yes; then \ + red='[0;31m'; \ + grn='[0;32m'; \ + lgn='[1;32m'; \ + blu='[1;34m'; \ + mgn='[0;35m'; \ + brg='[1m'; \ + std='[m'; \ + fi; \ +} +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +ALLOCA = @ALLOCA@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +ATOMICLIB = @ATOMICLIB@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +BFDLIB = @BFDLIB@ +BTLIB = @BTLIB@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ +COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +EASY_INSTALL = @EASY_INSTALL@ +ECHO_C = @ECHO_C@ 
+ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GEM = @GEM@ +GENHTML = @GENHTML@ +GPERF = @GPERF@ +GPRBUILD = @GPRBUILD@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LCOV = @LCOV@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +MYSQLCFLAG = @MYSQLCFLAG@ +MYSQLCONFIG = @MYSQLCONFIG@ +MYSQLLIB = @MYSQLLIB@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OPENSSL_LIB = @OPENSSL_LIB@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PACKAGE_VERSION_BUILD = @PACKAGE_VERSION_BUILD@ +PACKAGE_VERSION_MAJOR = @PACKAGE_VERSION_MAJOR@ +PACKAGE_VERSION_MINOR = @PACKAGE_VERSION_MINOR@ +PACKAGE_VERSION_REVIEW = @PACKAGE_VERSION_REVIEW@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PERL = @PERL@ +PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ +PLUGIN_CFLAGS = @PLUGIN_CFLAGS@ +PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PACKAGE_VERSION = @PYTHON_PACKAGE_VERSION@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +PY_TEST = @PY_TEST@ +RANLIB = @RANLIB@ +RTLIB = @RTLIB@ +RUBY = @RUBY@ +RUBYGEMDIR = @RUBYGEMDIR@ +RUBYINCLUDE = @RUBYINCLUDE@ +RUBYLIB = @RUBYLIB@ +SED = @SED@ +SET_MAKE = 
@SET_MAKE@ +SHELL = @SHELL@ +SOCKLIB = @SOCKLIB@ +STRIP = @STRIP@ +UNWINDLIB = @UNWINDLIB@ +VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +aikgen_plugins = @aikgen_plugins@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +attest_plugins = @attest_plugins@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +c_plugins = @c_plugins@ +charon_natt_port = @charon_natt_port@ +charon_plugins = @charon_plugins@ +charon_udp_port = @charon_udp_port@ +clearsilver_LIBS = @clearsilver_LIBS@ +cmd_plugins = @cmd_plugins@ +datadir = @datadir@ +datarootdir = @datarootdir@ +dev_headers = @dev_headers@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +fips_mode = @fips_mode@ +gtk_CFLAGS = @gtk_CFLAGS@ +gtk_LIBS = @gtk_LIBS@ +h_plugins = @h_plugins@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +imcvdir = @imcvdir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +ipsec_script = @ipsec_script@ +ipsec_script_upper = @ipsec_script_upper@ +ipsecdir = @ipsecdir@ +ipsecgroup = @ipsecgroup@ +ipseclibdir = @ipseclibdir@ +ipsecuser = @ipsecuser@ +json_CFLAGS = @json_CFLAGS@ +json_LIBS = @json_LIBS@ +libdir = @libdir@ +libexecdir = @libexecdir@ +libiptc_CFLAGS = @libiptc_CFLAGS@ +libiptc_LIBS = @libiptc_LIBS@ +linux_headers = @linux_headers@ +localedir = @localedir@ +localstatedir = @localstatedir@ +manager_plugins = @manager_plugins@ +mandir = @mandir@ +medsrv_plugins = @medsrv_plugins@ +mkdir_p = @mkdir_p@ +nm_CFLAGS = @nm_CFLAGS@ +nm_LIBS = 
@nm_LIBS@ +nm_ca_dir = @nm_ca_dir@ +nm_plugins = @nm_plugins@ +oldincludedir = @oldincludedir@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ +pdfdir = @pdfdir@ +piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +pki_plugins = @pki_plugins@ +plugindir = @plugindir@ +pool_plugins = @pool_plugins@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +random_device = @random_device@ +resolv_conf = @resolv_conf@ +routing_table = @routing_table@ +routing_table_prio = @routing_table_prio@ +runstatedir = @runstatedir@ +s_plugins = @s_plugins@ +sbindir = @sbindir@ +scepclient_plugins = @scepclient_plugins@ +scripts_plugins = @scripts_plugins@ +sharedstatedir = @sharedstatedir@ +soup_CFLAGS = @soup_CFLAGS@ +soup_LIBS = @soup_LIBS@ +srcdir = @srcdir@ +starter_plugins = @starter_plugins@ +strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ +swanctldir = @swanctldir@ +sysconfdir = @sysconfdir@ +systemd_CFLAGS = @systemd_CFLAGS@ +systemd_LIBS = @systemd_LIBS@ +systemd_daemon_CFLAGS = @systemd_daemon_CFLAGS@ +systemd_daemon_LIBS = @systemd_daemon_LIBS@ +systemd_journal_CFLAGS = @systemd_journal_CFLAGS@ +systemd_journal_LIBS = @systemd_journal_LIBS@ +systemdsystemunitdir = @systemdsystemunitdir@ +t_plugins = @t_plugins@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +tss2_CFLAGS = @tss2_CFLAGS@ +tss2_LIBS = @tss2_LIBS@ +urandom_device = @urandom_device@ +xml_CFLAGS = @xml_CFLAGS@ +xml_LIBS = @xml_LIBS@ +newhope_tests_SOURCES = \ + suites/test_newhope_ke.c \ + suites/test_newhope_noise.c \ + suites/test_newhope_reconciliation.c \ + newhope_tests.h newhope_tests.c + +newhope_tests_CFLAGS = \ + -I$(top_srcdir)/src/libstrongswan \ + -I$(top_srcdir)/src/libstrongswan/tests \ + -I$(top_srcdir)/src/libstrongswan/math/libnttfft \ + 
-I$(top_srcdir)/src/libstrongswan/plugins/newhope \ + -DPLUGINDIR=\""$(abs_top_builddir)/src/libstrongswan/plugins\"" \ + -DPLUGINS=\""${s_plugins}\"" \ + @COVERAGE_CFLAGS@ + +newhope_tests_LDFLAGS = @COVERAGE_LDFLAGS@ +newhope_tests_LDADD = \ + $(top_builddir)/src/libstrongswan/libstrongswan.la \ + $(top_builddir)/src/libstrongswan/tests/libtest.la \ + $(top_builddir)/src/libstrongswan/math/libnttfft/libnttfft.la \ + ../libnewhope.la + +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/newhope/tests/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu src/libstrongswan/plugins/newhope/tests/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' 
in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +clean-checkPROGRAMS: + @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list +suites/$(am__dirstamp): + @$(MKDIR_P) suites + @: > suites/$(am__dirstamp) +suites/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) suites/$(DEPDIR) + @: > suites/$(DEPDIR)/$(am__dirstamp) +suites/newhope_tests-test_newhope_ke.$(OBJEXT): \ + suites/$(am__dirstamp) suites/$(DEPDIR)/$(am__dirstamp) +suites/newhope_tests-test_newhope_noise.$(OBJEXT): \ + suites/$(am__dirstamp) suites/$(DEPDIR)/$(am__dirstamp) +suites/newhope_tests-test_newhope_reconciliation.$(OBJEXT): \ + suites/$(am__dirstamp) suites/$(DEPDIR)/$(am__dirstamp) + +newhope_tests$(EXEEXT): $(newhope_tests_OBJECTS) $(newhope_tests_DEPENDENCIES) $(EXTRA_newhope_tests_DEPENDENCIES) + @rm -f newhope_tests$(EXEEXT) + $(AM_V_CCLD)$(newhope_tests_LINK) $(newhope_tests_OBJECTS) $(newhope_tests_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + -rm -f suites/*.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/newhope_tests-newhope_tests.Po@am__quote@ +@AMDEP_TRUE@@am__include@ 
@am__quote@suites/$(DEPDIR)/newhope_tests-test_newhope_ke.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/newhope_tests-test_newhope_noise.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/newhope_tests-test_newhope_reconciliation.Po@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< + +.c.obj: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< + +suites/newhope_tests-test_newhope_ke.o: suites/test_newhope_ke.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) 
$(CPPFLAGS) $(newhope_tests_CFLAGS) $(CFLAGS) -MT suites/newhope_tests-test_newhope_ke.o -MD -MP -MF suites/$(DEPDIR)/newhope_tests-test_newhope_ke.Tpo -c -o suites/newhope_tests-test_newhope_ke.o `test -f 'suites/test_newhope_ke.c' || echo '$(srcdir)/'`suites/test_newhope_ke.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/newhope_tests-test_newhope_ke.Tpo suites/$(DEPDIR)/newhope_tests-test_newhope_ke.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_newhope_ke.c' object='suites/newhope_tests-test_newhope_ke.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(newhope_tests_CFLAGS) $(CFLAGS) -c -o suites/newhope_tests-test_newhope_ke.o `test -f 'suites/test_newhope_ke.c' || echo '$(srcdir)/'`suites/test_newhope_ke.c + +suites/newhope_tests-test_newhope_ke.obj: suites/test_newhope_ke.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(newhope_tests_CFLAGS) $(CFLAGS) -MT suites/newhope_tests-test_newhope_ke.obj -MD -MP -MF suites/$(DEPDIR)/newhope_tests-test_newhope_ke.Tpo -c -o suites/newhope_tests-test_newhope_ke.obj `if test -f 'suites/test_newhope_ke.c'; then $(CYGPATH_W) 'suites/test_newhope_ke.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_newhope_ke.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/newhope_tests-test_newhope_ke.Tpo suites/$(DEPDIR)/newhope_tests-test_newhope_ke.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_newhope_ke.c' object='suites/newhope_tests-test_newhope_ke.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(newhope_tests_CFLAGS) 
$(CFLAGS) -c -o suites/newhope_tests-test_newhope_ke.obj `if test -f 'suites/test_newhope_ke.c'; then $(CYGPATH_W) 'suites/test_newhope_ke.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_newhope_ke.c'; fi` + +suites/newhope_tests-test_newhope_noise.o: suites/test_newhope_noise.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(newhope_tests_CFLAGS) $(CFLAGS) -MT suites/newhope_tests-test_newhope_noise.o -MD -MP -MF suites/$(DEPDIR)/newhope_tests-test_newhope_noise.Tpo -c -o suites/newhope_tests-test_newhope_noise.o `test -f 'suites/test_newhope_noise.c' || echo '$(srcdir)/'`suites/test_newhope_noise.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/newhope_tests-test_newhope_noise.Tpo suites/$(DEPDIR)/newhope_tests-test_newhope_noise.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_newhope_noise.c' object='suites/newhope_tests-test_newhope_noise.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(newhope_tests_CFLAGS) $(CFLAGS) -c -o suites/newhope_tests-test_newhope_noise.o `test -f 'suites/test_newhope_noise.c' || echo '$(srcdir)/'`suites/test_newhope_noise.c + +suites/newhope_tests-test_newhope_noise.obj: suites/test_newhope_noise.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(newhope_tests_CFLAGS) $(CFLAGS) -MT suites/newhope_tests-test_newhope_noise.obj -MD -MP -MF suites/$(DEPDIR)/newhope_tests-test_newhope_noise.Tpo -c -o suites/newhope_tests-test_newhope_noise.obj `if test -f 'suites/test_newhope_noise.c'; then $(CYGPATH_W) 'suites/test_newhope_noise.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_newhope_noise.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/newhope_tests-test_newhope_noise.Tpo 
suites/$(DEPDIR)/newhope_tests-test_newhope_noise.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_newhope_noise.c' object='suites/newhope_tests-test_newhope_noise.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(newhope_tests_CFLAGS) $(CFLAGS) -c -o suites/newhope_tests-test_newhope_noise.obj `if test -f 'suites/test_newhope_noise.c'; then $(CYGPATH_W) 'suites/test_newhope_noise.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_newhope_noise.c'; fi` + +suites/newhope_tests-test_newhope_reconciliation.o: suites/test_newhope_reconciliation.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(newhope_tests_CFLAGS) $(CFLAGS) -MT suites/newhope_tests-test_newhope_reconciliation.o -MD -MP -MF suites/$(DEPDIR)/newhope_tests-test_newhope_reconciliation.Tpo -c -o suites/newhope_tests-test_newhope_reconciliation.o `test -f 'suites/test_newhope_reconciliation.c' || echo '$(srcdir)/'`suites/test_newhope_reconciliation.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/newhope_tests-test_newhope_reconciliation.Tpo suites/$(DEPDIR)/newhope_tests-test_newhope_reconciliation.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_newhope_reconciliation.c' object='suites/newhope_tests-test_newhope_reconciliation.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(newhope_tests_CFLAGS) $(CFLAGS) -c -o suites/newhope_tests-test_newhope_reconciliation.o `test -f 'suites/test_newhope_reconciliation.c' || echo '$(srcdir)/'`suites/test_newhope_reconciliation.c + +suites/newhope_tests-test_newhope_reconciliation.obj: 
suites/test_newhope_reconciliation.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(newhope_tests_CFLAGS) $(CFLAGS) -MT suites/newhope_tests-test_newhope_reconciliation.obj -MD -MP -MF suites/$(DEPDIR)/newhope_tests-test_newhope_reconciliation.Tpo -c -o suites/newhope_tests-test_newhope_reconciliation.obj `if test -f 'suites/test_newhope_reconciliation.c'; then $(CYGPATH_W) 'suites/test_newhope_reconciliation.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_newhope_reconciliation.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/newhope_tests-test_newhope_reconciliation.Tpo suites/$(DEPDIR)/newhope_tests-test_newhope_reconciliation.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_newhope_reconciliation.c' object='suites/newhope_tests-test_newhope_reconciliation.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(newhope_tests_CFLAGS) $(CFLAGS) -c -o suites/newhope_tests-test_newhope_reconciliation.obj `if test -f 'suites/test_newhope_reconciliation.c'; then $(CYGPATH_W) 'suites/test_newhope_reconciliation.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_newhope_reconciliation.c'; fi` + +newhope_tests-newhope_tests.o: newhope_tests.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(newhope_tests_CFLAGS) $(CFLAGS) -MT newhope_tests-newhope_tests.o -MD -MP -MF $(DEPDIR)/newhope_tests-newhope_tests.Tpo -c -o newhope_tests-newhope_tests.o `test -f 'newhope_tests.c' || echo '$(srcdir)/'`newhope_tests.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/newhope_tests-newhope_tests.Tpo $(DEPDIR)/newhope_tests-newhope_tests.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='newhope_tests.c' object='newhope_tests-newhope_tests.o' 
libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(newhope_tests_CFLAGS) $(CFLAGS) -c -o newhope_tests-newhope_tests.o `test -f 'newhope_tests.c' || echo '$(srcdir)/'`newhope_tests.c + +newhope_tests-newhope_tests.obj: newhope_tests.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(newhope_tests_CFLAGS) $(CFLAGS) -MT newhope_tests-newhope_tests.obj -MD -MP -MF $(DEPDIR)/newhope_tests-newhope_tests.Tpo -c -o newhope_tests-newhope_tests.obj `if test -f 'newhope_tests.c'; then $(CYGPATH_W) 'newhope_tests.c'; else $(CYGPATH_W) '$(srcdir)/newhope_tests.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/newhope_tests-newhope_tests.Tpo $(DEPDIR)/newhope_tests-newhope_tests.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='newhope_tests.c' object='newhope_tests-newhope_tests.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(newhope_tests_CFLAGS) $(CFLAGS) -c -o newhope_tests-newhope_tests.obj `if test -f 'newhope_tests.c'; then $(CYGPATH_W) 'newhope_tests.c'; else $(CYGPATH_W) '$(srcdir)/newhope_tests.c'; fi` + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + 
else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +check-TESTS: $(TESTS) + @failed=0; all=0; xfail=0; xpass=0; skip=0; \ + srcdir=$(srcdir); export srcdir; \ + list=' $(TESTS) '; \ + $(am__tty_colors); \ + if test -n "$$list"; then \ + for tst in $$list; do \ + if test -f ./$$tst; then dir=./; \ + elif test -f $$tst; then dir=; \ + else dir="$(srcdir)/"; fi; \ + if $(TESTS_ENVIRONMENT) $${dir}$$tst $(AM_TESTS_FD_REDIRECT); then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *[\ \ ]$$tst[\ \ ]*) \ + xpass=`expr $$xpass + 1`; \ + failed=`expr $$failed + 1`; \ + col=$$red; res=XPASS; \ + ;; \ + *) \ + col=$$grn; res=PASS; \ + ;; \ + esac; \ + elif test $$? 
-ne 77; then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *[\ \ ]$$tst[\ \ ]*) \ + xfail=`expr $$xfail + 1`; \ + col=$$lgn; res=XFAIL; \ + ;; \ + *) \ + failed=`expr $$failed + 1`; \ + col=$$red; res=FAIL; \ + ;; \ + esac; \ + else \ + skip=`expr $$skip + 1`; \ + col=$$blu; res=SKIP; \ + fi; \ + echo "$${col}$$res$${std}: $$tst"; \ + done; \ + if test "$$all" -eq 1; then \ + tests="test"; \ + All=""; \ + else \ + tests="tests"; \ + All="All "; \ + fi; \ + if test "$$failed" -eq 0; then \ + if test "$$xfail" -eq 0; then \ + banner="$$All$$all $$tests passed"; \ + else \ + if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \ + banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \ + fi; \ + else \ + if test "$$xpass" -eq 0; then \ + banner="$$failed of $$all $$tests failed"; \ + else \ + if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \ + banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \ + fi; \ + fi; \ + dashes="$$banner"; \ + skipped=""; \ + if test "$$skip" -ne 0; then \ + if test "$$skip" -eq 1; then \ + skipped="($$skip test was not run)"; \ + else \ + skipped="($$skip tests were not run)"; \ + fi; \ + test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ + dashes="$$skipped"; \ + fi; \ + report=""; \ + if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ + report="Please report to $(PACKAGE_BUGREPORT)"; \ + test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ + dashes="$$report"; \ + fi; \ + dashes=`echo "$$dashes" | sed s/./=/g`; \ + if test "$$failed" -eq 0; then \ + col="$$grn"; \ + else \ + col="$$red"; \ + fi; \ + echo "$${col}$$dashes$${std}"; \ + echo "$${col}$$banner$${std}"; \ + test -z "$$skipped" || echo "$${col}$$skipped$${std}"; \ + test -z "$$report" || echo "$${col}$$report$${std}"; \ + echo "$${col}$$dashes$${std}"; \ + test "$$failed" -eq 0; \ + else :; fi + +distdir: 
$(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) + $(MAKE) $(AM_MAKEFLAGS) check-TESTS +check: check-am +all-am: Makefile +installdirs: +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + +distclean-generic: 
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + -rm -f suites/$(DEPDIR)/$(am__dirstamp) + -rm -f suites/$(am__dirstamp) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-checkPROGRAMS clean-generic clean-libtool \ + mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) suites/$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) suites/$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: + +.MAKE: check-am install-am install-strip + +.PHONY: CTAGS GTAGS TAGS all all-am check check-TESTS check-am clean \ + clean-checkPROGRAMS clean-generic clean-libtool cscopelist-am \ + ctags ctags-am distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-ps install-ps-am install-strip 
installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ + tags tags-am uninstall uninstall-am + +.PRECIOUS: Makefile + + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/src/libstrongswan/plugins/newhope/tests/newhope_tests.c b/src/libstrongswan/plugins/newhope/tests/newhope_tests.c new file mode 100644 index 000000000..1cc9a2d91 --- /dev/null +++ b/src/libstrongswan/plugins/newhope/tests/newhope_tests.c 
@@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2014 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <test_runner.h>
+
+#include <library.h>
+
+/* declare test suite constructors */
+#define TEST_SUITE(x) test_suite_t* x();
+#include "newhope_tests.h"
+#undef TEST_SUITE
+
+static test_configuration_t tests[] = {
+#define TEST_SUITE(x) \
+ { .suite = x, },
+#include "newhope_tests.h"
+ { .suite = NULL, }
+};
+
+static bool test_runner_init(bool init)
+{
+ if (init)
+ {
+ char *plugins, *plugindir;
+
+ plugins = lib->settings->get_str(lib->settings,
+ "tests.load", PLUGINS);
+ plugindir = lib->settings->get_str(lib->settings,
+ "tests.plugindir", PLUGINDIR);
+ plugin_loader_add_plugindirs(plugindir, plugins);
+ if (!lib->plugins->load(lib->plugins, plugins))
+ {
+ return FALSE;
+ }
+ }
+ else
+ {
+ lib->processor->set_threads(lib->processor, 0);
+ lib->processor->cancel(lib->processor);
+ lib->plugins->unload(lib->plugins);
+ }
+ return TRUE;
+}
+
+int main(int argc, char *argv[])
+{
+ return test_runner_run("newhope", tests, test_runner_init);
+}
diff --git a/src/libstrongswan/plugins/newhope/tests/newhope_tests.h b/src/libstrongswan/plugins/newhope/tests/newhope_tests.h
new file mode 100644
index 000000000..3f81434e6
--- /dev/null
+++ b/src/libstrongswan/plugins/newhope/tests/newhope_tests.h
@@ -0,0 +1,18 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+TEST_SUITE(newhope_ke_suite_create)
+TEST_SUITE(newhope_noise_suite_create)
+TEST_SUITE(newhope_reconciliation_suite_create)
diff --git a/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_ke.c b/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_ke.c
new file mode 100644
index 000000000..33b744fe1
--- /dev/null
+++ b/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_ke.c
@@ -0,0 +1,193 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <newhope_ke.h>
+
+#include <library.h>
+
+#include <time.h>
+
+const int count = 1000;
+
+START_TEST(test_newhope_ke_good)
+{
+ chunk_t i_msg, r_msg, i_shared_secret, r_shared_secret;
+ diffie_hellman_t *i_nh, *r_nh;
+ struct timespec start, stop;
+ int i;
+
+ clock_gettime(CLOCK_THREAD_CPUTIME_ID, &start);
+
+ for (i = 0; i < count; i++)
+ {
+ i_nh = lib->crypto->create_dh(lib->crypto, NH_128_BIT);
+ ck_assert(i_nh != NULL);
+ ck_assert(i_nh->get_dh_group(i_nh) == NH_128_BIT);
+
+ ck_assert(i_nh->get_my_public_value(i_nh, &i_msg));
+ ck_assert(i_msg.len = 1824);
+
+ r_nh = lib->crypto->create_dh(lib->crypto, NH_128_BIT);
+ ck_assert(r_nh != NULL);
+
+ ck_assert(r_nh->set_other_public_value(r_nh, i_msg));
+ ck_assert(r_nh->get_my_public_value(r_nh, &r_msg));
+ ck_assert(r_msg.len == 2048);
+
+ ck_assert(r_nh->get_shared_secret(r_nh, &r_shared_secret));
+ ck_assert(r_shared_secret.len == 32);
+
+ ck_assert(i_nh->set_other_public_value(i_nh, r_msg));
+ ck_assert(i_nh->get_shared_secret(i_nh, &i_shared_secret));
+ ck_assert(i_shared_secret.len == 32);
+ ck_assert(chunk_equals(i_shared_secret, r_shared_secret));
+
+ /* cleanup */
+ chunk_clear(&i_shared_secret);
+ chunk_clear(&r_shared_secret);
+ chunk_free(&i_msg);
+ chunk_free(&r_msg);
+ i_nh->destroy(i_nh);
+ r_nh->destroy(r_nh);
+ }
+
+ clock_gettime(CLOCK_THREAD_CPUTIME_ID, &stop);
+
+ DBG0(DBG_LIB, "%d Newhope DH loops in %d ms\n", count,
+ (stop.tv_nsec - start.tv_nsec) / 1000000 +
+ (stop.tv_sec - start.tv_sec) * 1000);
+}
+END_TEST
+
+START_TEST(test_newhope_ke_wrong)
+{
+ chunk_t i_msg, r_msg, i_shared_secret, r_shared_secret;
+ diffie_hellman_t *i_nh, *r_nh;
+
+ i_nh = lib->crypto->create_dh(lib->crypto, NH_128_BIT);
+ ck_assert(i_nh != NULL);
+ ck_assert(i_nh->get_my_public_value(i_nh, &i_msg));
+
+ r_nh = lib->crypto->create_dh(lib->crypto, NH_128_BIT);
+ ck_assert(r_nh != NULL);
+ ck_assert(r_nh->set_other_public_value(r_nh, i_msg));
+ ck_assert(r_nh->get_my_public_value(r_nh, &r_msg));
+
+ /* destroy 1st instance of i_nh */
+ i_nh->destroy(i_nh);
+ chunk_free(&i_msg);
+
+ /* create 2nd instance of i_nh */
+ i_nh = lib->crypto->create_dh(lib->crypto, NH_128_BIT);
+ ck_assert(i_nh != NULL);
+ ck_assert(i_nh->get_my_public_value(i_nh, &i_msg));
+ ck_assert(i_nh->set_other_public_value(i_nh, r_msg));
+
+ ck_assert(r_nh->get_shared_secret(r_nh, &r_shared_secret));
+ ck_assert(i_nh->get_shared_secret(i_nh, &i_shared_secret));
+ ck_assert(!chunk_equals(i_shared_secret, r_shared_secret));
+
+ /* cleanup */
+ chunk_clear(&i_shared_secret);
+ chunk_clear(&r_shared_secret);
+ chunk_free(&i_msg);
+ chunk_free(&r_msg);
+ i_nh->destroy(i_nh);
+ r_nh->destroy(r_nh);
+}
+END_TEST
+
+START_TEST(test_newhope_ke_fail_i)
+{
+ diffie_hellman_t *i_nh;
+ char buf_ff[2048];
+ int i;
+
+ chunk_t i_msg;
+
+ chunk_t r_msg[] = {
+ chunk_empty,
+ chunk_from_chars(0x00),
+ chunk_create(buf_ff, 2047),
+ chunk_create(buf_ff, 2048),
+ };
+
+ memset(buf_ff, 0xff, sizeof(buf_ff));
+
+ for (i = 0; i < countof(r_msg); i++)
+ {
+ i_nh = lib->crypto->create_dh(lib->crypto, NH_128_BIT);
+ ck_assert(i_nh != NULL);
+ ck_assert(i_nh->get_my_public_value(i_nh, &i_msg));
+ ck_assert(!i_nh->set_other_public_value(i_nh, r_msg[i]));
+ chunk_free(&i_msg);
+ i_nh->destroy(i_nh);
+ }
+}
+END_TEST
+
+START_TEST(test_newhope_ke_fail_r)
+{
+ diffie_hellman_t *r_nh;
+ char buf_ff[1824];
+ int i;
+
+ chunk_t i_msg[] = {
+ chunk_empty,
+ chunk_from_chars(0x00),
+ chunk_create(buf_ff, 1823),
+ chunk_create(buf_ff, 1824),
+ };
+
+ memset(buf_ff, 0xff, sizeof(buf_ff));
+
+ for (i = 0; i < countof(i_msg); i++)
+ {
+ r_nh = lib->crypto->create_dh(lib->crypto, NH_128_BIT);
+ ck_assert(r_nh != NULL);
+ ck_assert(!r_nh->set_other_public_value(r_nh, i_msg[i]));
+ r_nh->destroy(r_nh);
+ }
+}
+END_TEST
+
+Suite *newhope_ke_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("newhope_ke");
+
+ tc = tcase_create("ke_good");
+ test_case_set_timeout(tc, 30);
+ tcase_add_test(tc, test_newhope_ke_good);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("ke_wrong");
+ tcase_add_test(tc, test_newhope_ke_wrong);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("ke_fail_i");
+ tcase_add_test(tc, test_newhope_ke_fail_i);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("ke_fail_r");
+ tcase_add_test(tc, test_newhope_ke_fail_r);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_noise.c b/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_noise.c
new file mode 100644
index 000000000..96dd16787
--- /dev/null
+++ b/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_noise.c
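Review bot: In test_newhope_ke_good (test_newhope_ke.c) the initiator length check `ck_assert(i_msg.len = 1824);` is an assignment, not a comparison. It always passes and overwrites the length of the initiator's public value before the chunk is handed to `set_other_public_value()`. It should read `ck_assert(i_msg.len == 1824);`, matching the `r_msg.len == 2048` check a few lines below. As written, an initiator message of the wrong size would go unnoticed by this test, and if the buffer returned were shorter than 1824 bytes the responder would presumably be given a length that exceeds the allocation. Separately, the `DBG0` timing line passes an expression built from `tv_nsec` and `tv_sec` to `%d`; that expression is typically wider than `int` on 64-bit targets, so an explicit `(int)` cast on the millisecond value would keep format and argument in agreement.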
@@ -0,0 +1,676 @@ +/* + * Copyright (C) 2016 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "test_suite.h" + +#include <newhope_noise.h> + +#include <library.h> + +static const uint16_t n = 1024; +static const uint16_t q = 12289; + +static const size_t seed_len = 32; + +typedef struct { + uint8_t key; + uint8_t nonce; + uint8_t uniform[64]; + uint32_t poly[1024]; +} noise_t; + +static noise_t noises[] = { + { 0x00, 0x00, /* polynomial s */ + { 0x9f, 0x07, 0xe7, 0xbe, 0x55, 0x51, 0x38, 0x7a, 0x98, 0xba, + 0x97, 0x7c, 0x73, 0x2d, 0x08, 0x0d, 0xcb, 0x0f, 0x29, 0xa0, + 0x48, 0xe3, 0x65, 0x69, 0x12, 0xc6, 0x53, 0x3e, 0x32, 0xee, + 0x7a, 0xed, 0x29, 0xb7, 0x21, 0x76, 0x9c, 0xe6, 0x4e, 0x43, + 0xd5, 0x71, 0x33, 0xb0, 0x74, 0xd8, 0x39, 0xd5, 0x31, 0xed, + 0x1f, 0x28, 0x51, 0x0a, 0xfb, 0x45, 0xac, 0xe1, 0x0a, 0x1f, + 0x4b, 0x79, 0x4d, 0x6f }, + { 12286, 12288, 12287, 5, 4, 12288, 12286, 12287, 2, 2, + 2, 12288, 2, 12284, 1, 12288, 12288, 12288, 6, 12288, + 0, 4, 1, 12285, 12286, 2, 12284, 12287, 1, 5, + 5, 12286, 12288, 2, 12286, 0, 3, 1, 0, 2, + 0, 0, 4, 12283, 12284, 4, 0, 12288, 3, 12288, + 0, 4, 1, 12288, 12286, 0, 3, 1, 12286, 12287, + 12285, 3, 2, 3, 12286, 0, 6, 6, 12288, 12284, + 0, 12282, 1, 0, 4, 1, 0, 3, 2, 2, + 3, 3, 2, 12288, 3, 1, 12287, 12285, 0, 12288, + 0, 0, 12288, 12287, 12284, 12286, 0, 12288, 4, 4, + 12288, 5, 12286, 2, 12288, 5, 1, 12283, 1, 12288, + 1, 12288, 12287, 12285, 2, 
2, 12285, 12284, 0, 12285, + 12287, 0, 1, 0, 2, 12288, 12288, 12287, 0, 4, + 12288, 12285, 12288, 0, 2, 1, 12287, 3, 1, 3, + 5, 12286, 1, 0, 12286, 0, 4, 0, 12288, 1, + 12288, 4, 5, 12283, 12288, 1, 3, 12283, 12286, 5, + 1, 12286, 12287, 12286, 0, 12287, 12285, 1, 0, 0, + 1, 3, 0, 0, 0, 12284, 12286, 2, 4, 12288, + 6, 1, 2, 12288, 1, 12287, 12286, 12284, 12287, 1, + 3, 12284, 0, 0, 6, 12286, 7, 5, 2, 3, + 12285, 12287, 12285, 2, 3, 12283, 2, 12284, 12288, 3, + 12288, 1, 4, 12287, 2, 12288, 12288, 1, 12286, 12284, + 2, 1, 5, 12286, 0, 12288, 0, 0, 0, 12287, + 1, 0, 3, 0, 0, 6, 2, 12283, 1, 3, + 3, 12284, 3, 1, 12286, 2, 12288, 0, 6, 1, + 1, 12285, 12287, 12288, 4, 2, 12288, 3, 12286, 12288, + 12287, 3, 3, 2, 7, 4, 12287, 12286, 12287, 2, + 2, 12287, 1, 12288, 1, 12287, 12283, 12287, 12288, 1, + 12283, 0, 12286, 12288, 4, 12287, 12286, 12286, 2, 2, + 12287, 5, 12288, 4, 0, 12287, 1, 3, 12286, 2, + 1, 1, 12288, 12287, 5, 12288, 0, 0, 1, 0, + 12286, 6, 2, 1, 2, 5, 12286, 6, 12286, 12288, + 0, 12286, 3, 12283, 12288, 12284, 0, 7, 2, 6, + 1, 12288, 12285, 12284, 1, 0, 0, 2, 12288, 12288, + 12288, 3, 3, 1, 3, 12286, 4, 3, 12284, 4, + 1, 12287, 12287, 12285, 0, 12287, 12287, 12287, 12286, 12288, + 1, 12287, 1, 0, 12288, 2, 0, 4, 0, 12287, + 12285, 12285, 5, 3, 12282, 0, 12287, 5, 12287, 1, + 12283, 12288, 12288, 3, 1, 1, 3, 12288, 12283, 5, + 12288, 12288, 5, 5, 1, 12286, 12286, 12288, 1, 2, + 1, 3, 12287, 12288, 12284, 12287, 1, 12287, 0, 12286, + 12285, 1, 12287, 12282, 12286, 12287, 0, 12285, 4, 2, + 1, 12282, 0, 1, 12288, 12285, 12284, 12286, 12286, 12287, + 12288, 1, 12288, 4, 12287, 4, 12287, 12287, 0, 1, + 12287, 3, 1, 12286, 12286, 4, 6, 12288, 1, 12285, + 12286, 12287, 0, 12287, 12287, 1, 12286, 5, 0, 2, + 12283, 12284, 1, 12286, 0, 12287, 12286, 12288, 1, 4, + 4, 12283, 2, 6, 1, 12288, 12286, 2, 7, 2, + 1, 12288, 5, 12284, 12288, 12288, 1, 7, 3, 12283, + 1, 12286, 2, 12288, 12287, 1, 12286, 1, 12286, 12288, + 12287, 3, 2, 2, 0, 12284, 12287, 1, 1, 12284, + 12286, 
1, 2, 1, 0, 12285, 1, 0, 1, 2, + 2, 4, 12288, 1, 12288, 5, 0, 12287, 12288, 2, + 0, 12288, 12287, 0, 12288, 12288, 0, 0, 12285, 4, + 2, 12288, 0, 2, 0, 12288, 1, 3, 12287, 12288, + 12288, 12288, 12286, 0, 12285, 12286, 12287, 3, 0, 12286, + 2, 1, 12285, 2, 12288, 0, 5, 0, 1, 12288, + 12288, 4, 3, 3, 12286, 2, 12288, 4, 12288, 6, + 2, 12286, 4, 12287, 2, 12287, 0, 12284, 12288, 0, + 12286, 12288, 3, 4, 12286, 12288, 1, 3, 12286, 3, + 4, 1, 1, 6, 3, 1, 1, 0, 12288, 4, + 0, 12288, 0, 0, 0, 12288, 2, 4, 2, 12287, + 0, 0, 3, 2, 3, 4, 0, 3, 2, 12288, + 2, 4, 6, 12286, 12284, 12287, 1, 0, 0, 4, + 1, 3, 12282, 1, 2, 2, 0, 3, 12282, 2, + 12287, 2, 12288, 4, 12288, 3, 3, 12283, 12288, 12288, + 12286, 12287, 5, 4, 3, 3, 12288, 12284, 2, 2, + 0, 12288, 1, 3, 3, 4, 12284, 12288, 0, 1, + 12284, 0, 12286, 12287, 0, 0, 12287, 0, 1, 6, + 12288, 1, 12284, 12287, 12282, 12288, 4, 12287, 1, 12286, + 1, 12286, 12286, 1, 4, 0, 12288, 1, 12288, 1, + 12285, 3, 1, 0, 1, 0, 12288, 12287, 2, 2, + 0, 12288, 3, 12284, 2, 12288, 12288, 12288, 12287, 3, + 3, 0, 12286, 12286, 1, 2, 12286, 12287, 0, 1, + 12288, 12287, 12287, 12288, 12288, 1, 9, 1, 12288, 12287, + 2, 1, 1, 0, 12287, 12287, 2, 2, 12288, 12285, + 1, 12287, 4, 0, 2, 1, 1, 3, 12284, 12286, + 1, 2, 12288, 12287, 4, 1, 12285, 0, 1, 2, + 12288, 1, 3, 0, 12286, 0, 12288, 12286, 12287, 12286, + 1, 12284, 1, 2, 2, 12288, 0, 12288, 1, 12284, + 2, 3, 12287, 1, 12285, 12288, 0, 1, 12284, 2, + 12288, 12286, 12286, 3, 12288, 12282, 3, 12287, 12288, 12287, + 4, 12287, 1, 2, 9, 12283, 12286, 12286, 0, 4, + 12288, 12288, 4, 0, 1, 1, 2, 12284, 1, 1, + 0, 12288, 1, 0, 12287, 1, 1, 5, 2, 1, + 12288, 3, 12287, 5, 4, 1, 4, 12287, 12285, 3, + 12286, 1, 3, 0, 12287, 0, 12286, 12287, 12287, 12287, + 3, 2, 12286, 12284, 2, 12288, 1, 1, 12288, 3, + 1, 3, 12284, 3, 12282, 12288, 3, 0, 2, 12288, + 0, 5, 0, 2, 0, 12281, 12285, 4, 3, 4, + 2, 12284, 0, 0, 2, 2, 12287, 12284, 2, 12286, + 1, 12288, 1, 12286, 12286, 12287, 4, 0, 6, 3, + 0, 3, 12288, 12288, 12288, 
12287, 3, 1, 1, 1, + 2, 12287, 12284, 3, 12286, 12280, 3, 12284, 12287, 12288, + 5, 12288, 12284, 2, 12285, 4, 3, 12286, 6, 2, + 1, 12287, 0, 1, 2, 12286, 1, 0, 12287, 0, + 1, 1, 12286, 2, 12285, 0, 1, 12288, 0, 1, + 12288, 1, 12288, 12287, 12287, 12285, 12282, 12288, 2, 12288, + 2, 12284, 1, 12284, 12287, 12286, 12288, 0, 12288, 1, + 12283, 12286, 5, 3, 0, 12286, 12286, 3, 1, 0, + 1, 12288, 12288, 4, 1, 12286, 12287, 12285, 2, 0, + 2, 12287, 1, 12285, 12288, 12286, 12288, 2, 2, 12285, + 3, 12286, 12285, 12287 } + }, + { 0x00, 0x01, /* polynomial e */ + { 0x46, 0xf0, 0xf6, 0xef, 0xee, 0x15, 0xc8, 0xf1, 0xb1, 0x98, + 0xcb, 0x49, 0xd9, 0x2b, 0x99, 0x08, 0x67, 0x90, 0x51, 0x59, + 0x44, 0x0c, 0xc7, 0x23, 0x91, 0x6d, 0xc0, 0x01, 0x28, 0x26, + 0x98, 0x10, 0x39, 0xce, 0x17, 0x66, 0xaa, 0x25, 0x42, 0xb0, + 0x5d, 0xb3, 0xbd, 0x80, 0x9a, 0xb1, 0x42, 0x48, 0x9d, 0x5d, + 0xbf, 0xe1, 0x27, 0x3e, 0x73, 0x99, 0x63, 0x7b, 0x4b, 0x32, + 0x13, 0x76, 0x8a, 0xaa }, + { 12283, 1, 12288, 4, 0, 12285, 5, 1, 1, 2, + 3, 4, 12288, 0, 3, 1, 1, 0, 12286, 6, + 1, 0, 1, 0, 4, 2, 12288, 3, 0, 5, + 1, 5, 2, 12285, 4, 12288, 3, 2, 12288, 2, + 12288, 12285, 12287, 6, 12282, 1, 12286, 7, 12287, 4, + 2, 2, 12288, 12285, 0, 2, 0, 12288, 1, 12287, + 12287, 2, 1, 2, 1, 12285, 12288, 12286, 1, 2, + 12287, 12288, 12288, 1, 0, 12287, 0, 4, 2, 6, + 12287, 12285, 12283, 12285, 5, 12283, 12286, 1, 12283, 2, + 3, 12286, 12285, 2, 5, 12286, 3, 0, 3, 12286, + 5, 12285, 12287, 12288, 1, 5, 3, 5, 1, 1, + 1, 12288, 5, 0, 12288, 3, 2, 12288, 12285, 12288, + 5, 6, 0, 2, 1, 12287, 12288, 12287, 3, 12284, + 2, 0, 3, 0, 0, 12288, 0, 2, 2, 2, + 0, 1, 2, 2, 0, 0, 12287, 12285, 0, 4, + 1, 12283, 3, 5, 12288, 12286, 12287, 6, 2, 0, + 0, 12287, 2, 2, 12288, 0, 2, 12288, 12287, 12288, + 12288, 1, 12288, 1, 12288, 2, 4, 2, 1, 1, + 0, 12287, 3, 2, 6, 2, 1, 12288, 12285, 6, + 0, 1, 12284, 12287, 12287, 12286, 5, 4, 0, 5, + 12287, 12286, 12288, 12286, 0, 3, 1, 12287, 12287, 12288, + 12288, 12286, 1, 0, 3, 12287, 3, 1, 12283, 1, + 
12288, 5, 1, 4, 12286, 12287, 2, 0, 0, 0, + 12281, 12286, 0, 8, 5, 0, 4, 0, 12287, 5, + 1, 3, 2, 12286, 12286, 12288, 12285, 12285, 12287, 0, + 12284, 12287, 1, 0, 2, 1, 12286, 12288, 2, 12285, + 0, 0, 0, 1, 0, 6, 1, 12288, 12287, 12287, + 0, 3, 12288, 12288, 12287, 0, 12287, 1, 3, 0, + 0, 12286, 12286, 4, 4, 12287, 1, 3, 4, 12287, + 12284, 2, 12288, 12286, 12283, 12285, 1, 3, 1, 12288, + 0, 3, 3, 12284, 12285, 5, 3, 12288, 3, 4, + 3, 1, 12288, 0, 12288, 1, 0, 0, 3, 0, + 3, 2, 12287, 12288, 0, 12288, 0, 2, 12285, 4, + 0, 12287, 12287, 1, 1, 1, 12287, 12285, 4, 12282, + 3, 1, 1, 12288, 2, 4, 12285, 12286, 3, 1, + 0, 12287, 12283, 12285, 2, 5, 1, 1, 12288, 12288, + 0, 8, 3, 12287, 12285, 12287, 12286, 12284, 1, 12286, + 1, 12288, 2, 3, 12288, 12288, 2, 12288, 12284, 12285, + 0, 3, 12288, 12288, 2, 3, 7, 12287, 3, 3, + 3, 12284, 0, 0, 1, 12283, 5, 0, 1, 12288, + 3, 12286, 12287, 12286, 0, 0, 12287, 12283, 4, 12283, + 0, 0, 3, 12285, 5, 12286, 12282, 12288, 1, 12287, + 12288, 1, 5, 2, 12287, 2, 12288, 7, 12288, 3, + 5, 1, 0, 12287, 1, 12287, 3, 2, 4, 2, + 12287, 12286, 12288, 2, 5, 1, 12286, 4, 0, 2, + 6, 12286, 2, 12286, 3, 12288, 5, 12285, 0, 2, + 12287, 5, 12286, 12284, 7, 12285, 12286, 12284, 12287, 1, + 12288, 12284, 12286, 2, 4, 2, 2, 12283, 12286, 2, + 2, 12283, 1, 12286, 1, 0, 12284, 3, 0, 4, + 1, 0, 4, 12288, 0, 12287, 12287, 12287, 12286, 12284, + 12288, 3, 1, 12285, 0, 3, 8, 4, 2, 12288, + 3, 12287, 12287, 2, 3, 12288, 12286, 2, 12286, 12288, + 0, 1, 12287, 12285, 0, 12285, 12288, 12287, 1, 12287, + 0, 12284, 0, 1, 1, 12285, 0, 0, 0, 12287, + 12287, 3, 0, 4, 12288, 1, 12288, 12285, 12283, 0, + 12286, 12286, 12285, 12285, 12287, 1, 0, 2, 3, 1, + 2, 12286, 12288, 3, 12286, 12288, 12288, 6, 2, 2, + 0, 12288, 2, 5, 12288, 0, 12284, 12282, 12286, 1, + 12288, 12288, 12286, 12288, 3, 12286, 2, 0, 12283, 0, + 4, 2, 12288, 0, 12286, 0, 4, 3, 12286, 12287, + 4, 12288, 3, 2, 12283, 1, 1, 1, 3, 12286, + 4, 0, 12288, 12285, 12287, 0, 0, 12286, 4, 0, + 12286, 2, 12288, 
12288, 12285, 12283, 5, 3, 12286, 12288, + 4, 1, 12283, 0, 12288, 0, 12287, 12287, 0, 3, + 12287, 12287, 2, 2, 3, 0, 1, 4, 12288, 3, + 3, 0, 12284, 12285, 4, 12288, 1, 12287, 0, 1, + 12283, 1, 12284, 12287, 12286, 12285, 0, 0, 3, 12285, + 3, 1, 12288, 12287, 12284, 12282, 5, 3, 3, 2, + 12285, 4, 12288, 0, 3, 12288, 4, 0, 12283, 12288, + 2, 12285, 12288, 12282, 0, 2, 12285, 3, 1, 12284, + 1, 5, 7, 12286, 5, 12285, 1, 2, 0, 4, + 12283, 12287, 12286, 2, 12280, 12287, 12288, 2, 12285, 12286, + 2, 1, 2, 1, 2, 2, 3, 3, 0, 0, + 4, 2, 12288, 12286, 4, 0, 1, 12288, 2, 12287, + 12288, 12288, 1, 3, 12283, 12288, 1, 12287, 1, 1, + 3, 12288, 12288, 1, 2, 1, 1, 12283, 7, 12286, + 12288, 1, 12288, 12287, 12284, 7, 2, 12285, 12286, 0, + 0, 0, 2, 4, 12288, 0, 12284, 12285, 12286, 2, + 12284, 2, 4, 6, 3, 12287, 12288, 12285, 1, 2, + 12286, 0, 0, 12287, 12288, 0, 12286, 2, 1, 1, + 1, 3, 1, 12285, 4, 0, 12287, 12288, 12287, 0, + 12288, 12287, 12288, 12287, 12288, 12288, 0, 12287, 12284, 0, + 12288, 12285, 3, 2, 4, 2, 12284, 3, 1, 3, + 4, 12288, 12285, 12284, 12287, 1, 4, 0, 2, 12288, + 4, 12288, 12287, 3, 1, 0, 0, 12284, 12287, 2, + 4, 12287, 2, 12288, 0, 2, 2, 3, 12287, 12286, + 8, 12286, 12285, 0, 12285, 2, 3, 5, 12287, 12288, + 6, 12288, 12284, 0, 0, 3, 1, 2, 12284, 2, + 1, 3, 2, 0, 0, 12288, 12287, 12288, 1, 12288, + 4, 3, 12284, 1, 3, 12288, 12283, 12288, 1, 1, + 2, 1, 1, 3, 1, 12288, 0, 12288, 2, 0, + 0, 12284, 12283, 3, 12288, 0, 2, 12287, 0, 0, + 12286, 12286, 0, 0, 2, 4, 12288, 1, 2, 3, + 2, 12286, 12286, 1, 2, 4, 12288, 12288, 12284, 12287, + 6, 2, 12288, 12286, 0, 0, 3, 12286, 12288, 12287, + 12286, 12287, 3, 1, 12286, 0, 4, 3, 12286, 5, + 2, 1, 12287, 12286, 4, 12287, 0, 5, 12288, 0, + 12288, 2, 2, 1, 1, 0, 0, 12288, 12288, 12288, + 0, 0, 12288, 12287, 5, 1, 12288, 1, 10, 1, + 0, 0, 2, 2, 2, 0, 12288, 4, 2, 12283, + 3, 1, 1, 12285, 2, 12285, 5, 7, 5, 12288, + 0, 12287, 5, 1, 12288, 12286, 12287, 0, 0, 0, + 12287, 1, 3, 12288 } + }, + { 0x01, 0x00, /* polynomial s' */ + { 
0x3a, 0xeb, 0x52, 0x24, 0xec, 0xf8, 0x49, 0x92, 0x9b, 0x9d, + 0x82, 0x8d, 0xb1, 0xce, 0xd4, 0xdd, 0x83, 0x20, 0x25, 0xe8, + 0x01, 0x8b, 0x81, 0x60, 0xb8, 0x22, 0x84, 0xf3, 0xc9, 0x49, + 0xaa, 0x5a, 0x8e, 0xca, 0x00, 0xbb, 0xb4, 0xa7, 0x3b, 0xda, + 0xd1, 0x92, 0xb5, 0xc4, 0x2f, 0x73, 0xf2, 0xfd, 0x4e, 0x27, + 0x36, 0x44, 0xc8, 0xb3, 0x61, 0x25, 0xa6, 0x4a, 0xdd, 0xeb, + 0x00, 0x6c, 0x13, 0xa0 }, + { 5, 4, 4, 12288, 12286, 1, 12287, 12288, 2, 12288, + 12288, 12287, 2, 2, 12284, 12288, 12288, 3, 2, 3, + 12287, 2, 2, 0, 0, 2, 5, 12285, 5, 12287, + 2, 12282, 12286, 2, 1, 2, 1, 1, 12288, 12285, + 12287, 12286, 2, 0, 0, 12285, 0, 0, 12287, 12286, + 12285, 12286, 2, 12288, 12288, 0, 1, 2, 12286, 2, + 1, 0, 0, 2, 1, 12288, 1, 12287, 1, 0, + 0, 2, 12285, 2, 2, 12288, 12286, 3, 12287, 0, + 1, 1, 0, 2, 12287, 2, 1, 2, 3, 0, + 0, 1, 12288, 12288, 2, 12287, 12286, 12286, 6, 12288, + 0, 0, 4, 0, 12286, 0, 4, 12288, 12288, 5, + 12287, 12288, 12285, 2, 12285, 12288, 1, 0, 2, 12288, + 12286, 1, 3, 12285, 2, 2, 1, 1, 12288, 12288, + 12287, 1, 12288, 3, 0, 12285, 4, 12285, 12287, 2, + 2, 12287, 12287, 12286, 12288, 12284, 2, 12286, 4, 1, + 0, 12286, 12284, 3, 12286, 3, 12286, 3, 4, 1, + 12288, 12282, 2, 2, 12284, 0, 12286, 12283, 3, 0, + 4, 2, 4, 2, 12285, 10, 12288, 8, 3, 2, + 2, 0, 1, 0, 0, 12286, 2, 12284, 4, 1, + 12287, 12287, 1, 1, 12286, 1, 0, 12285, 12288, 12286, + 12287, 2, 1, 12284, 12288, 12285, 12285, 3, 0, 1, + 4, 4, 1, 0, 2, 1, 12288, 1, 12287, 0, + 12286, 4, 2, 3, 3, 12285, 12288, 12288, 5, 2, + 0, 4, 3, 12287, 12287, 5, 2, 3, 12284, 0, + 8, 1, 1, 0, 5, 12288, 12288, 12288, 12286, 6, + 3, 12288, 12286, 12287, 4, 12288, 2, 12288, 12284, 12287, + 4, 12288, 0, 0, 3, 0, 4, 4, 12287, 0, + 3, 0, 12285, 12287, 12288, 12288, 0, 0, 12287, 12288, + 12286, 0, 0, 12285, 12288, 4, 12287, 1, 2, 12288, + 12285, 5, 4, 12283, 2, 0, 12288, 2, 0, 0, + 12286, 12284, 3, 3, 3, 12287, 1, 1, 0, 1, + 3, 12288, 4, 4, 0, 2, 0, 1, 12286, 12284, + 2, 2, 12287, 3, 2, 12288, 3, 12286, 2, 12286, + 
12288, 4, 3, 12288, 2, 12288, 2, 1, 12288, 12288, + 7, 12288, 12288, 0, 12288, 1, 12284, 12288, 12288, 12287, + 12287, 1, 12285, 12287, 12287, 1, 0, 2, 12286, 3, + 12288, 12288, 12287, 3, 5, 0, 0, 12287, 2, 12287, + 12288, 8, 12287, 1, 2, 12288, 12284, 3, 0, 12287, + 12284, 3, 0, 2, 1, 3, 4, 12287, 12286, 12288, + 12286, 0, 0, 12287, 12285, 0, 12286, 2, 1, 12287, + 12288, 5, 12287, 12287, 12286, 2, 12283, 0, 0, 12286, + 2, 12284, 5, 0, 1, 12287, 0, 3, 1, 12285, + 12288, 0, 3, 12287, 2, 12286, 0, 1, 12288, 1, + 12284, 12281, 12284, 12288, 12285, 2, 5, 4, 12286, 0, + 12287, 12288, 12286, 12285, 3, 12282, 1, 12287, 2, 0, + 6, 12288, 4, 12286, 3, 12288, 12286, 12284, 3, 1, + 6, 3, 2, 1, 2, 1, 1, 12288, 12287, 1, + 3, 3, 1, 0, 0, 12288, 3, 12284, 12285, 12284, + 1, 3, 12286, 0, 1, 12285, 12287, 1, 12285, 2, + 0, 1, 12287, 1, 4, 3, 1, 12287, 0, 5, + 1, 12288, 2, 1, 1, 4, 3, 12286, 3, 3, + 2, 12287, 3, 12286, 0, 12288, 12285, 2, 3, 12286, + 0, 12287, 5, 4, 1, 1, 12287, 12288, 2, 0, + 0, 0, 2, 0, 12286, 4, 12288, 12288, 12285, 12286, + 2, 12288, 12288, 0, 12288, 12286, 12284, 12287, 1, 5, + 0, 12285, 12287, 2, 4, 3, 12285, 12287, 12288, 0, + 12288, 12287, 12286, 2, 12288, 12286, 12284, 1, 2, 12287, + 4, 1, 4, 4, 12284, 2, 0, 12288, 3, 1, + 0, 4, 1, 6, 0, 12286, 12288, 12287, 12287, 0, + 12284, 12285, 2, 12286, 1, 0, 3, 12288, 1, 2, + 12284, 12286, 12285, 12283, 12285, 0, 12285, 2, 0, 2, + 1, 3, 1, 12286, 12288, 1, 4, 0, 0, 12287, + 12287, 12286, 0, 1, 12286, 0, 2, 12288, 2, 12287, + 0, 0, 12286, 12287, 4, 6, 12286, 0, 12288, 0, + 0, 12287, 2, 3, 4, 1, 3, 12286, 4, 0, + 12288, 12286, 12287, 12287, 12288, 4, 12285, 1, 12286, 12286, + 2, 12288, 0, 0, 1, 5, 12285, 1, 12281, 3, + 12281, 2, 3, 0, 12284, 12288, 5, 0, 0, 12288, + 0, 0, 12288, 12286, 3, 12287, 0, 2, 12288, 0, + 3, 12288, 12286, 0, 12286, 12287, 12284, 0, 12286, 1, + 12287, 12282, 12287, 12288, 0, 5, 12288, 2, 1, 12288, + 1, 12285, 5, 2, 12286, 12285, 12287, 0, 2, 12288, + 1, 12288, 1, 12286, 0, 2, 12287, 12287, 6, 
12286, + 12288, 0, 12286, 4, 6, 12287, 12287, 2, 2, 12285, + 1, 12288, 12285, 12286, 5, 12288, 1, 2, 1, 7, + 12286, 5, 12288, 12287, 12286, 12284, 1, 2, 12287, 4, + 1, 1, 0, 1, 2, 12285, 2, 12288, 12284, 1, + 1, 12287, 12286, 12285, 12287, 1, 12287, 3, 1, 12286, + 0, 12286, 3, 3, 12288, 2, 12288, 5, 12288, 1, + 2, 0, 12287, 1, 12287, 7, 2, 3, 0, 12287, + 2, 12284, 12284, 12281, 12286, 12285, 12287, 12287, 0, 12288, + 3, 4, 3, 2, 3, 1, 12288, 12286, 0, 12288, + 12286, 1, 12286, 6, 12287, 1, 6, 5, 3, 1, + 12286, 2, 1, 3, 1, 12286, 12285, 3, 2, 0, + 0, 12284, 1, 1, 3, 3, 1, 1, 12288, 0, + 12284, 1, 12288, 0, 0, 12287, 0, 4, 12285, 0, + 4, 12283, 1, 1, 0, 12285, 0, 12286, 0, 0, + 1, 0, 12286, 0, 12288, 3, 4, 0, 2, 1, + 12287, 2, 12288, 1, 0, 12288, 0, 12288, 6, 12288, + 12287, 12286, 3, 12284, 0, 12288, 12284, 12286, 12287, 12288, + 12288, 12288, 4, 0, 2, 6, 12286, 1, 4, 12288, + 2, 1, 0, 5, 2, 1, 12285, 0, 0, 12285, + 4, 12286, 5, 1, 3, 2, 12287, 2, 0, 2, + 7, 12283, 12288, 12288, 3, 0, 3, 12288, 3, 12286, + 12288, 12287, 12288, 3, 0, 2, 4, 1, 12284, 2, + 12288, 12286, 12287, 1, 1, 12288, 0, 12288, 12283, 6, + 2, 1, 12288, 3, 12287, 12288, 1, 1, 12285, 0, + 12286, 12287, 12288, 1, 2, 12287, 0, 4, 0, 12286, + 2, 1, 12288, 12285, 12287, 0, 2, 12287, 6, 2, + 0, 12287, 12288, 2, 12288, 12284, 12288, 12285, 4, 1, + 12288, 12284, 12287, 4, 12284, 1, 3, 12284, 12282, 0, + 12286, 12287, 2, 12286, 3, 4, 2, 12288, 3, 3, + 1, 3, 12287, 12283 } + }, + { 0x01, 0x01, /* polynomial e' */ + { 0x58, 0xd8, 0x6a, 0xcd, 0xe2, 0x79, 0x61, 0x98, 0xfd, 0xea, + 0xcf, 0x2a, 0xc0, 0xfd, 0xf0, 0x72, 0x86, 0x32, 0xdc, 0xe9, + 0xc6, 0x45, 0x81, 0x80, 0x67, 0x06, 0x72, 0x28, 0xa6, 0xfe, + 0x41, 0x2b, 0x78, 0x88, 0x58, 0x6d, 0x58, 0x47, 0x3e, 0xb7, + 0x46, 0x60, 0xd8, 0x2f, 0xa0, 0x83, 0xe4, 0xbc, 0x81, 0xdd, + 0xc6, 0x29, 0x8b, 0xee, 0xf9, 0xec, 0x90, 0x39, 0x9d, 0x46, + 0xbf, 0x2d, 0x7c, 0xdf }, + { 12287, 3, 3, 1, 12285, 4, 1, 5, 12287, 12285, + 12285, 12285, 1, 12288, 12287, 12288, 2, 3, 12283, 
12288, + 12285, 0, 0, 12286, 12287, 12288, 12288, 12288, 12288, 1, + 12288, 2, 2, 5, 5, 0, 12287, 12286, 3, 3, + 2, 2, 1, 0, 2, 12287, 12285, 3, 1, 3, + 5, 2, 12287, 12287, 2, 0, 4, 2, 0, 0, + 1, 5, 12288, 6, 4, 12287, 1, 0, 12283, 0, + 1, 12286, 2, 0, 2, 1, 12284, 12282, 0, 6, + 1, 2, 5, 12288, 6, 12288, 12284, 2, 1, 2, + 12288, 12283, 12288, 3, 12288, 12288, 2, 12286, 12283, 1, + 12285, 0, 0, 12286, 12288, 12286, 12288, 12286, 4, 0, + 1, 12285, 3, 1, 2, 12285, 12287, 12284, 12287, 12285, + 12286, 1, 12288, 3, 5, 5, 3, 12285, 12286, 12288, + 0, 1, 12287, 12284, 2, 4, 12288, 12287, 0, 12288, + 12288, 12285, 12288, 12284, 3, 0, 2, 0, 2, 0, + 1, 1, 1, 12287, 1, 12284, 12285, 0, 12284, 1, + 12284, 2, 12288, 5, 4, 1, 1, 12284, 1, 3, + 2, 6, 3, 2, 3, 12284, 0, 0, 4, 2, + 6, 2, 2, 2, 6, 12288, 0, 1, 12286, 1, + 5, 1, 12283, 2, 0, 12284, 1, 12286, 4, 1, + 2, 4, 6, 12288, 12288, 12284, 1, 0, 3, 12286, + 1, 0, 3, 12288, 12287, 2, 2, 0, 12285, 12286, + 0, 12288, 4, 2, 12282, 12287, 1, 12288, 12287, 12286, + 12284, 1, 4, 2, 7, 12288, 12283, 12288, 5, 12288, + 12288, 12287, 3, 2, 12287, 5, 12287, 12286, 12288, 12287, + 0, 12282, 12288, 12288, 0, 3, 12287, 2, 12287, 12284, + 6, 12285, 2, 3, 3, 12284, 2, 4, 12286, 5, + 0, 2, 12287, 3, 0, 12284, 12286, 0, 2, 12286, + 12287, 3, 1, 4, 1, 12286, 12288, 1, 2, 0, + 12285, 12287, 2, 0, 0, 0, 3, 12286, 12287, 2, + 0, 0, 0, 12286, 4, 1, 12287, 0, 0, 2, + 5, 0, 12284, 1, 1, 12288, 2, 12286, 12288, 2, + 2, 12282, 1, 12286, 4, 12286, 3, 12287, 12287, 12286, + 5, 5, 0, 12288, 3, 12285, 1, 12287, 7, 12286, + 2, 12287, 1, 12285, 2, 12287, 12288, 0, 4, 12281, + 0, 12286, 3, 1, 12285, 2, 2, 12285, 5, 0, + 12285, 2, 12288, 1, 3, 12287, 1, 12288, 1, 5, + 12287, 1, 0, 3, 2, 12286, 12286, 12288, 3, 0, + 12287, 12288, 0, 12286, 12285, 0, 12286, 12288, 3, 12287, + 12288, 2, 6, 0, 2, 12285, 1, 1, 7, 7, + 12284, 12284, 5, 0, 12288, 12288, 4, 3, 1, 2, + 12287, 0, 12288, 12284, 2, 5, 1, 2, 0, 12288, + 1, 12284, 2, 3, 0, 12287, 12285, 2, 12288, 12288, + 7, 
1, 12287, 1, 12286, 2, 3, 4, 12288, 12288, + 12286, 12286, 3, 12288, 1, 12286, 12286, 0, 12283, 12288, + 2, 0, 7, 2, 12287, 0, 0, 12286, 4, 1, + 12288, 12288, 1, 2, 12287, 12282, 3, 5, 0, 12288, + 12288, 12286, 12286, 12286, 4, 2, 0, 1, 12284, 3, + 12283, 5, 12287, 2, 2, 12288, 1, 12284, 1, 0, + 1, 3, 12288, 2, 12287, 1, 12286, 12288, 0, 12287, + 12288, 2, 2, 12286, 0, 12287, 12288, 12284, 0, 2, + 2, 2, 1, 3, 12285, 12285, 1, 12285, 2, 6, + 2, 0, 12288, 0, 0, 3, 2, 12287, 1, 12286, + 0, 12287, 0, 1, 12285, 12287, 6, 12288, 2, 0, + 12286, 2, 4, 12288, 2, 5, 12285, 12286, 0, 12284, + 12288, 3, 3, 3, 12287, 4, 2, 0, 12283, 2, + 12287, 0, 1, 12287, 2, 12288, 12287, 3, 2, 7, + 7, 1, 12287, 12288, 2, 6, 1, 3, 2, 0, + 2, 2, 3, 12288, 3, 4, 2, 0, 5, 12285, + 3, 12285, 3, 12285, 1, 1, 12287, 12285, 2, 12285, + 5, 0, 7, 2, 12284, 0, 12285, 7, 1, 12288, + 12288, 0, 12288, 12287, 5, 0, 2, 0, 2, 12286, + 1, 12286, 0, 12286, 12285, 4, 12286, 2, 12288, 12287, + 12287, 1, 12286, 12287, 12287, 12286, 12287, 12288, 6, 5, + 2, 5, 12283, 12286, 12286, 12288, 1, 0, 3, 12286, + 5, 0, 12287, 12288, 12288, 12287, 12286, 2, 1, 0, + 1, 2, 3, 1, 12286, 2, 1, 6, 12288, 1, + 12286, 1, 12288, 0, 1, 0, 12283, 0, 2, 12288, + 3, 1, 12287, 12288, 4, 0, 3, 12286, 0, 1, + 12283, 4, 1, 4, 12287, 5, 0, 12287, 12288, 3, + 3, 12282, 1, 4, 2, 3, 0, 2, 6, 12282, + 12285, 12288, 12287, 12288, 2, 12285, 1, 0, 12287, 12288, + 12286, 0, 0, 4, 12288, 12287, 1, 0, 2, 5, + 2, 12287, 1, 7, 12284, 0, 12287, 12286, 2, 1, + 12287, 0, 1, 12284, 12287, 12287, 12285, 12285, 3, 12282, + 12286, 1, 1, 12288, 12282, 12287, 1, 1, 2, 2, + 3, 1, 12287, 5, 12282, 0, 0, 12287, 1, 3, + 12288, 3, 12285, 12286, 2, 0, 12288, 12288, 5, 12285, + 4, 12288, 12287, 0, 1, 4, 1, 2, 12288, 0, + 2, 1, 12288, 4, 6, 12288, 1, 12287, 4, 1, + 12285, 12288, 3, 0, 12288, 12285, 2, 0, 12286, 2, + 1, 12288, 1, 12288, 12284, 3, 0, 2, 2, 12288, + 12287, 12286, 4, 12288, 2, 0, 0, 3, 4, 0, + 12288, 12282, 6, 2, 12283, 12287, 2, 6, 1, 2, + 12288, 2, 
12283, 3, 12287, 3, 4, 0, 0, 12285, + 0, 12288, 12287, 12284, 12286, 3, 1, 12286, 2, 0, + 12287, 12286, 12286, 12288, 5, 2, 12288, 12286, 0, 12287, + 0, 3, 2, 12287, 12286, 0, 1, 12287, 2, 0, + 12286, 5, 12285, 12288, 12288, 12288, 12286, 4, 1, 12285, + 12284, 12288, 12286, 1, 1, 12287, 2, 12286, 3, 2, + 12283, 12283, 4, 2, 12283, 5, 0, 1, 0, 5, + 12287, 1, 1, 0, 3, 10, 12287, 3, 12288, 12288, + 12287, 2, 2, 0, 4, 12288, 12283, 12288, 1, 12287, + 3, 0, 0, 1, 12288, 12284, 0, 12286, 12287, 0, + 12287, 2, 1, 7, 12288, 12287, 0, 4, 12287, 12286, + 3, 4, 12287, 12288, 12285, 12287, 12288, 12285, 12286, 7, + 1, 1, 12288, 3, 12287, 3, 1, 4, 2, 5, + 12282, 3, 0, 12286, 12288, 0, 12285, 0, 2, 3, + 0, 12286, 3, 2, 12285, 0, 0, 12287, 1, 0, + 0, 6, 2, 12287, 12284, 7, 5, 0, 1, 6, + 2, 4, 1, 12286, 12288, 2, 12287, 3, 4, 12283, + 0, 12288, 2, 2, 12286, 0, 2, 2, 12288, 12285, + 12287, 12285, 12288, 0 } + }, + { 0x01, 0x02, /* polynomial e'' */ + { 0x20, 0x37, 0x77, 0x8a, 0x9c, 0x19, 0xde, 0xf0, 0x65, 0x9e, + 0x0f, 0xa5, 0xfc, 0x0e, 0x78, 0xfe, 0x55, 0x89, 0xc9, 0x88, + 0x41, 0xa2, 0x5a, 0x1e, 0xa4, 0x66, 0xcd, 0x3a, 0x29, 0x42, + 0xd1, 0x25, 0xf2, 0x84, 0xd7, 0xee, 0xd5, 0x53, 0x86, 0x5b, + 0xa3, 0x93, 0x4e, 0xee, 0xc7, 0x5b, 0xe5, 0x52, 0x68, 0x19, + 0xdf, 0x63, 0xfb, 0x91, 0x3d, 0xe9, 0x5d, 0xd6, 0xeb, 0x81, + 0x3d, 0xac, 0xf1, 0xad }, + { 12286, 12286, 1, 12287, 1, 12286, 12287, 12287, 12284, 1, + 12287, 2, 12284, 0, 2, 12288, 0, 1, 0, 12285, + 12288, 4, 2, 12287, 12282, 12288, 12285, 12288, 2, 12288, + 6, 7, 12286, 12286, 1, 4, 12287, 12287, 3, 1, + 3, 3, 2, 12285, 0, 1, 12288, 1, 1, 12287, + 0, 0, 1, 0, 12287, 12283, 12283, 12288, 12287, 0, + 0, 2, 12286, 3, 3, 0, 12286, 12282, 3, 6, + 3, 3, 12285, 1, 1, 12288, 1, 0, 12288, 0, + 12287, 4, 1, 0, 12285, 12288, 1, 1, 1, 3, + 12286, 0, 12288, 0, 12287, 12287, 3, 5, 1, 12287, + 12287, 0, 0, 0, 12283, 0, 0, 12288, 0, 12287, + 12286, 12284, 12286, 0, 12286, 3, 5, 12287, 0, 12287, + 1, 3, 2, 6, 1, 12287, 1, 1, 12285, 4, + 12282, 
12288, 12288, 3, 2, 12287, 3, 3, 12288, 12286, + 2, 5, 12288, 12287, 12288, 3, 0, 12283, 3, 3, + 1, 0, 12288, 2, 2, 12287, 12286, 4, 12287, 12288, + 0, 0, 12286, 1, 4, 4, 12286, 12287, 4, 12288, + 2, 1, 1, 12288, 12287, 3, 12287, 12286, 12285, 12288, + 4, 1, 0, 12287, 3, 12286, 12287, 4, 0, 12287, + 12286, 12287, 3, 1, 1, 12285, 12287, 0, 12285, 2, + 5, 2, 12285, 3, 2, 12285, 12287, 2, 0, 12288, + 2, 5, 2, 12283, 1, 1, 0, 12286, 12288, 3, + 1, 12286, 12283, 0, 1, 2, 2, 1, 12287, 12287, + 4, 4, 1, 0, 0, 12288, 12287, 12284, 12284, 7, + 0, 12288, 5, 4, 12288, 12288, 1, 0, 1, 1, + 2, 12288, 12288, 5, 1, 0, 12287, 3, 3, 0, + 1, 12288, 12288, 3, 12285, 12288, 3, 5, 4, 1, + 12285, 12285, 12288, 12285, 12288, 12285, 4, 1, 3, 12285, + 4, 0, 12288, 12286, 5, 12287, 12285, 12288, 4, 12288, + 0, 12287, 12286, 0, 12286, 12283, 0, 12287, 12284, 1, + 12288, 12288, 3, 12286, 1, 2, 12286, 3, 1, 12285, + 12286, 12285, 0, 12285, 12288, 0, 2, 12283, 0, 1, + 2, 1, 2, 3, 3, 12285, 0, 0, 0, 12288, + 12283, 4, 12286, 2, 1, 3, 3, 12284, 2, 4, + 3, 12286, 12282, 12286, 0, 12286, 12287, 3, 12288, 12288, + 2, 12287, 12286, 3, 0, 12286, 1, 1, 0, 12287, + 2, 0, 0, 1, 12286, 1, 0, 12283, 0, 12288, + 2, 5, 12288, 12287, 2, 1, 12288, 2, 2, 5, + 2, 12286, 12286, 2, 12284, 12287, 0, 12284, 0, 12284, + 12286, 12286, 12288, 12287, 12287, 2, 1, 12287, 12287, 1, + 5, 0, 0, 12288, 2, 12285, 6, 2, 12288, 12288, + 12286, 2, 12285, 0, 0, 0, 12288, 3, 12286, 1, + 1, 0, 3, 0, 12286, 12288, 12287, 3, 2, 12287, + 12288, 1, 12288, 12282, 2, 0, 12288, 12286, 12285, 12281, + 4, 1, 7, 12283, 12287, 12288, 1, 6, 0, 12288, + 5, 1, 1, 12286, 12286, 0, 12287, 12285, 12287, 1, + 12288, 12286, 12286, 12288, 2, 12287, 12287, 12288, 12286, 12288, + 12282, 12284, 12286, 0, 12285, 12285, 3, 12288, 12287, 12288, + 2, 0, 2, 0, 12288, 12286, 3, 12288, 12286, 12287, + 1, 1, 1, 0, 5, 5, 12285, 12288, 3, 12286, + 1, 2, 12285, 1, 4, 12288, 1, 4, 1, 3, + 4, 12286, 0, 7, 2, 12288, 2, 12287, 0, 2, + 12283, 12286, 0, 12288, 12286, 4, 
1, 12284, 7, 12285, + 0, 12284, 12287, 0, 0, 3, 4, 12284, 0, 1, + 0, 1, 12285, 1, 12286, 12284, 12287, 0, 7, 1, + 4, 12282, 12288, 0, 2, 12285, 12288, 12287, 12287, 12283, + 0, 1, 3, 12285, 12286, 3, 12288, 12288, 12284, 12286, + 12288, 1, 0, 2, 12287, 0, 12286, 4, 12288, 0, + 12284, 0, 0, 2, 12286, 0, 0, 12286, 12287, 1, + 12288, 0, 12284, 1, 12288, 12288, 1, 1, 12282, 12284, + 12288, 12285, 12285, 12288, 1, 12286, 2, 0, 0, 12284, + 2, 12288, 0, 0, 12285, 0, 3, 0, 0, 12285, + 12286, 5, 3, 12287, 5, 2, 12287, 0, 1, 12286, + 12287, 1, 12286, 1, 12288, 0, 0, 12282, 5, 12282, + 12287, 12288, 12287, 1, 0, 3, 4, 6, 1, 1, + 12287, 12284, 12286, 12287, 12286, 2, 1, 12288, 3, 0, + 3, 0, 12286, 1, 0, 12288, 1, 12284, 4, 0, + 4, 12288, 1, 4, 1, 12286, 4, 0, 2, 1, + 1, 4, 12287, 2, 1, 12288, 4, 3, 2, 12287, + 0, 1, 12287, 1, 12285, 12286, 2, 2, 0, 12286, + 12287, 0, 12288, 12285, 5, 12288, 0, 0, 12288, 3, + 12288, 0, 4, 0, 12288, 12286, 12287, 0, 0, 2, + 12283, 0, 12281, 1, 1, 3, 4, 2, 12284, 5, + 12288, 2, 3, 4, 12287, 3, 12288, 12287, 12288, 2, + 12286, 2, 0, 12286, 12286, 5, 12288, 2, 12288, 7, + 12286, 12286, 4, 12288, 12288, 12288, 5, 12287, 7, 12286, + 12282, 2, 12284, 0, 12288, 0, 2, 12283, 2, 5, + 4, 1, 12288, 12283, 5, 12288, 12288, 0, 0, 0, + 6, 1, 12286, 6, 4, 12287, 2, 12288, 12287, 12286, + 4, 5, 0, 1, 2, 1, 4, 12286, 1, 2, + 1, 1, 0, 12288, 12282, 1, 1, 3, 12284, 12288, + 0, 12287, 1, 12286, 12288, 6, 1, 5, 12287, 12285, + 2, 12288, 12288, 12284, 0, 12287, 2, 3, 5, 1, + 12286, 1, 12287, 0, 12284, 1, 5, 12283, 1, 1, + 12287, 12283, 12288, 0, 12287, 3, 0, 12288, 12286, 12287, + 8, 0, 0, 12288, 1, 3, 2, 3, 12287, 9, + 2, 3, 4, 12288, 3, 0, 12288, 12283, 0, 0, + 2, 4, 12287, 2, 12287, 12286, 12287, 2, 12287, 2, + 3, 1, 3, 1, 0, 1, 1, 5, 3, 12285, + 1, 12281, 12287, 12286, 1, 4, 12287, 12286, 12285, 4, + 2, 0, 12288, 12288, 12286, 12287, 12288, 1, 3, 4, + 0, 1, 12285, 4, 3, 12284, 1, 12288, 12285, 12288, + 0, 12281, 12288, 12285, 12285, 1, 12284, 12286, 12287, 0, + 
0, 12287, 1, 12282, 4, 4, 12288, 1, 4, 12286, + 5, 4, 1, 5, 3, 1, 0, 6, 12288, 0, + 12288, 2, 12286, 12287, 6, 0, 12288, 0, 12287, 1, + 4, 0, 12282, 4, 1, 12286, 1, 12282, 3, 12285, + 12283, 12286, 12288, 4, 12284, 12286, 12286, 0, 12286, 0, + 0, 1, 12286, 1, 1, 4, 12284, 0, 3, 2, + 12288, 1, 2, 12287, 2, 1, 12288, 0, 1, 2, + 12286, 0, 6, 12285, 0, 1, 4, 0, 0, 3, + 2, 12287, 12285, 7, 1, 3, 1, 0, 12286, 12288, + 0, 12287, 1, 12286 } + } +}; + +START_TEST(test_newhope_noise_uniform) +{ + newhope_noise_t *noise; + uint8_t seed_buf[seed_len], *uniform; + chunk_t seed = { seed_buf, seed_len }; + + memset(seed_buf, 0x00, seed_len - 1); + seed_buf[seed_len - 1] = noises[_i].key; + + noise = newhope_noise_create(seed); + ck_assert(noise != NULL); + uniform = noise->get_uniform_bytes(noise, noises[_i].nonce, 64); + ck_assert(uniform != NULL); + ck_assert(memeq(uniform, noises[_i].uniform, 64)); + free(uniform); + noise->destroy(noise); +} +END_TEST + +START_TEST(test_newhope_noise_poly) +{ + newhope_noise_t *noise; + uint8_t seed_buf[seed_len]; + uint32_t *poly; + int i; + chunk_t seed = { seed_buf, seed_len }; + + memset(seed_buf, 0x00, seed_len - 1); + seed_buf[seed_len - 1] = noises[_i].key; + + noise = newhope_noise_create(seed); + ck_assert(noise != NULL); + poly = noise->get_binomial_words(noise, noises[_i].nonce, n, q); + ck_assert(poly != NULL); + for (i = 0; i < n; i++) + { + ck_assert(poly[i] == noises[_i].poly[i]); + } + free(poly); + noise->destroy(noise); +} +END_TEST + +static size_t seed_lengths[] = { 0, 1, 31, 33 }; + +START_TEST(test_newhope_noise_fail) +{ + newhope_noise_t *noise; + chunk_t seed; + + seed = chunk_alloc(seed_lengths[_i]); + memset(seed.ptr, 0x00, seed.len); + + noise = newhope_noise_create(seed); + ck_assert(noise == NULL); + chunk_free(&seed); +} +END_TEST + +Suite *newhope_noise_suite_create() +{ + Suite *s; + TCase *tc; + + s = suite_create("newhope_noise"); + + tc = tcase_create("noise_uniform"); + tcase_add_loop_test(tc, 
test_newhope_noise_uniform, 0, countof(noises));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("noise_poly");
+ tcase_add_loop_test(tc, test_newhope_noise_poly, 0, countof(noises));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("noise_fail");
+ tcase_add_loop_test(tc, test_newhope_noise_fail, 0, countof(seed_lengths));
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_reconciliation.c b/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_reconciliation.c
new file mode 100644
index 000000000..4432e34d6
--- /dev/null
+++ b/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_reconciliation.c
@@ -0,0 +1,344 @@ +/* + * Copyright (C) 2016 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "test_suite.h" + +#include <newhope_reconciliation.h> + +#include <library.h> + +static const uint16_t n = 1024; +static const uint16_t q = 12289; + +static uint32_t r_v[] = { + 7832, 2714, 1942, 12135, 6869, 11272, 11601, 1783, 9639, 1465, + 4603, 8158, 1418, 6162, 3907, 6653, 1091, 3026, 4540, 4797, + 2751, 29, 768, 5580, 1304, 5262, 1644, 11294, 12257, 10466, + 170, 8458, 7185, 6850, 8790, 11277, 10980, 5507, 10693, 9766, + 7230, 3980, 796, 11125, 8042, 9022, 10207, 7577, 5041, 192, + 10308, 7905, 8520, 3814, 3372, 11772, 11290, 418, 2744, 4782, + 3072, 10921, 10721, 6100, 1021, 7943, 7426, 2142, 6618, 757, + 5033, 9336, 9332, 3410, 6613, 11776, 1525, 9567, 5371, 1290, + 3685, 11054, 11228, 10703, 70, 11215, 8992, 2855, 2962, 10104, + 10083, 8146, 7599, 3428, 4316, 10056, 1245, 9776, 7867, 1381, + 6540, 11273, 6626, 3708, 5348, 4521, 3760, 1771, 12037, 2681, + 3044, 10226, 5133, 5013, 7851, 7187, 1965, 6776, 223, 3003, + 4800, 10128, 9592, 8917, 10664, 7076, 2081, 5621, 2694, 8245, + 10979, 929, 10593, 10429, 6890, 6222, 5891, 6633, 12124, 1508, + 508, 9650, 2480, 10302, 3958, 4519, 5309, 8675, 6963, 5281, + 8265, 4851, 7173, 2537, 1176, 259, 6422, 6782, 1429, 7231, + 4948, 8137, 11341, 12090, 5395, 8087, 3098, 6724, 7462, 9973, + 149, 7331, 562, 9753, 1227, 768, 7520, 12107, 6199, 6503, + 9876, 
306, 3876, 1903, 6306, 10288, 10184, 9401, 68, 5246, + 630, 10136, 133, 12082, 648, 8537, 3896, 4482, 12011, 5407, + 5305, 4301, 6551, 714, 5902, 11915, 3121, 5428, 5441, 5140, + 10139, 2091, 875, 9478, 11576, 8663, 10514, 1018, 8780, 6445, + 2501, 4204, 1276, 7474, 10594, 3808, 4367, 11469, 4875, 1899, + 9136, 1507, 6235, 6367, 3851, 7341, 9925, 4629, 9588, 3150, + 4739, 6109, 4850, 9944, 11565, 4995, 8383, 9623, 6248, 3020, + 1730, 3368, 3431, 8617, 6478, 7182, 8720, 1927, 6493, 9285, + 9779, 2800, 3730, 1754, 3772, 3124, 7569, 10008, 9240, 2493, + 4402, 5851, 2050, 8630, 5054, 8421, 1536, 7671, 5467, 9075, + 5881, 4355, 4554, 11354, 4048, 10335, 11033, 4252, 2558, 4363, + 10448, 327, 1675, 4755, 8227, 7705, 398, 10398, 9913, 4129, + 6571, 10743, 280, 6634, 796, 7264, 3916, 11349, 1415, 1187, + 692, 9980, 1647, 4267, 1001, 12229, 6040, 268, 1308, 531, + 3141, 7209, 1941, 4684, 10261, 1415, 8381, 4919, 11450, 1494, + 8237, 11023, 3380, 4448, 10101, 9232, 11040, 7799, 4958, 741, + 2234, 10436, 11442, 5073, 2908, 2355, 31, 7222, 5457, 3746, + 8920, 122, 8960, 5708, 1750, 11161, 4847, 3199, 7954, 2151, + 9419, 11678, 8997, 12016, 9690, 9605, 10718, 3735, 1617, 9574, + 10384, 11604, 9311, 687, 7145, 11891, 6529, 5052, 1342, 8735, + 7644, 6062, 6338, 8563, 2502, 5284, 220, 5224, 3771, 11067, + 11609, 2972, 3799, 2566, 7488, 6369, 7704, 6095, 3598, 12112, + 8545, 2026, 746, 3206, 2814, 8740, 1491, 5950, 8413, 4043, + 12036, 6082, 4131, 1941, 6942, 9396, 11267, 8912, 7344, 10371, + 9205, 9520, 12038, 4345, 8024, 10999, 8408, 4673, 6682, 8893, + 8668, 10099, 7658, 11896, 4276, 2042, 10707, 9793, 3152, 11961, + 3269, 5512, 5736, 5938, 9457, 10439, 10777, 6656, 3174, 9043, + 6046, 2519, 11912, 5244, 6214, 2071, 11317, 5285, 891, 6184, + 3819, 1563, 1474, 654, 5147, 2380, 10760, 4816, 3378, 1414, + 7784, 10067, 1809, 6320, 4789, 9359, 2747, 9424, 9074, 9473, + 3300, 6244, 104, 7612, 1105, 4276, 573, 1988, 923, 12047, + 7948, 4860, 3949, 4971, 6956, 2831, 2034, 289, 10946, 
6970, + 3191, 5122, 2175, 1300, 6198, 256, 6433, 11646, 9119, 9723, + 1046, 5967, 1124, 6449, 2817, 692, 4649, 3089, 5050, 11261, + 2220, 3052, 12012, 10110, 1394, 2877, 10089, 11696, 4462, 5504, + 66, 2500, 5384, 7461, 5712, 8649, 9536, 7670, 2385, 3469, + 782, 2876, 7772, 6118, 142, 5396, 10951, 10556, 3450, 10602, + 1604, 7909, 3323, 39, 10258, 2262, 7113, 11313, 10203, 10846, + 9275, 4316, 965, 6006, 4458, 7926, 3171, 1797, 4659, 5336, + 5543, 250, 9230, 10720, 11970, 4511, 4311, 11763, 1283, 4044, + 2643, 3744, 4490, 5984, 8868, 8760, 11738, 6037, 9164, 7601, + 7544, 11117, 7322, 2081, 4034, 10791, 11491, 7027, 1615, 5338, + 8528, 3424, 2126, 927, 1650, 6068, 3812, 10958, 7574, 11032, + 6954, 6132, 2598, 9458, 11346, 1974, 3273, 1040, 10331, 8587, + 11017, 6864, 8246, 5328, 11330, 6779, 8761, 4342, 4595, 8610, + 161, 4622, 6411, 10708, 7896, 11431, 12097, 9500, 3376, 9561, + 10730, 2248, 3069, 1434, 8838, 566, 6397, 5881, 4956, 4203, + 8362, 6047, 3484, 4784, 9901, 8989, 862, 8817, 12186, 9876, + 9748, 1905, 5696, 9028, 5721, 2940, 10235, 2326, 2134, 6167, + 1019, 10851, 1253, 5588, 9149, 6532, 3959, 11598, 4068, 3299, + 8264, 9787, 7089, 2829, 6755, 6156, 455, 5900, 2839, 5921, + 2140, 7428, 2688, 11175, 9247, 6727, 11711, 1762, 6244, 3336, + 2308, 9922, 7883, 7007, 10890, 7013, 8452, 2743, 1482, 6927, + 7846, 6128, 5114, 4868, 7487, 4584, 6785, 460, 6747, 8894, + 9855, 12242, 3365, 1450, 6614, 3974, 5200, 3247, 2779, 8695, + 828, 10940, 2304, 376, 3027, 3898, 10351, 1879, 10262, 2512, + 5487, 4280, 10297, 8480, 9481, 7905, 197, 8361, 4927, 705, + 9671, 6722, 2589, 8772, 1078, 333, 8696, 6267, 7420, 4471, + 8994, 5038, 5318, 1846, 2574, 8779, 10724, 825, 7399, 7073, + 4422, 8385, 5171, 8849, 11344, 10735, 8483, 2241, 11738, 6581, + 10699, 2777, 6531, 4678, 7608, 10871, 3501, 9239, 7252, 11828, + 7873, 9606, 4526, 5958, 8505, 11233, 9638, 2421, 5652, 3095, + 9049, 11347, 6274, 1405, 11114, 11208, 5703, 10774, 3011, 11633, + 5741, 9601, 5507, 4527, 3501, 5707, 
8698, 178, 12091, 325, + 6056, 635, 3772, 12169, 10509, 6528, 3573, 3675, 3389, 3161, + 1148, 2687, 3509, 6639, 10452, 11804, 5355, 1085, 9580, 7106, + 1396, 8279, 4881, 3402, 7803, 8801, 6142, 7623, 4386, 9291, + 1502, 500, 11809, 6655, 2674, 10061, 1650, 5422, 8936, 10011, + 1193, 9619, 1435, 8285, 4038, 9984, 9732, 4477, 1251, 7106, + 7817, 10062, 3378, 5608, 2395, 2563, 1957, 3768, 4160, 7267, + 11631, 2171, 4771, 6927, 4330, 10482, 6204, 11022, 7895, 1924, + 3648, 1991, 6628, 10136, 2916, 5416, 7827, 1479, 2312, 9991, + 7915, 5431, 10911, 10979, 4527, 436, 10521, 5725, 2201, 10198, + 662, 1691, 8867, 10008, 9359, 5291, 567, 5725, 10329, 4772, + 2813, 7323, 5646, 1861, 9922, 1831, 9356, 1219, 4107, 9999, + 4569, 9092, 833, 1602, 4258, 1443, 1484, 4036, 5415, 3767, + 9992, 412, 9343, 2251, 10513, 9067, 1494, 11893, 744, 1978, + 11259, 3614, 7459, 5254, 4232, 5148, 4119, 11550, 6425, 4933, + 4292, 10521, 9657, 9632, 4613, 7738, 5561, 8806, 3501, 3731, + 11329, 2693, 11581, 6393, 10176, 10773, 1790, 1809, 9186, 12085, + 5418, 7223, 1077, 1527, 10917, 4236, 7668, 11754, 6655, 7696, + 1809, 11512, 3618, 5857, 7512, 1044, 7970, 6825, 4897, 2870, + 126, 8619, 10445, 3883, 4238, 4051, 399, 1580, 9893, 11046, + 2955, 6520, 5435, 1891, 1254, 12135, 4122, 10512, 11960, 6196, + 3443, 10118, 1689, 10877 +}; + +static uint32_t i_v[] = { + 8355, 2010, 1416, 12110, 6361, 11296, 11668, 1446, 9822, 947, + 5422, 8211, 1824, 6158, 3458, 6435, 685, 2707, 4804, 4929, + 3204, 12158, 674, 5703, 1125, 5085, 1358, 10956, 12216, 11164, + 12112, 8359, 7018, 7038, 9099, 11789, 10574, 5991, 10736, 9335, + 7898, 4429, 587, 11156, 7912, 9063, 9673, 6792, 5530, 648, + 10203, 7284, 7935, 4177, 3514, 11488, 10998, 12254, 2913, 4827, + 2446, 10965, 10718, 5569, 1023, 8150, 7440, 1928, 6384, 802, + 4726, 9738, 10374, 3842, 6761, 11788, 1133, 9413, 5818, 1099, + 3710, 11315, 11667, 10285, 12431, 11195, 9193, 2842, 2267, 9902, + 10076, 7409, 6751, 3748, 4487, 9961, 1547, 10060, 7443, 1276, + 6827, 
10798, 6323, 4038, 5508, 4006, 3300, 1774, 255, 2688, + 3238, 10275, 4911, 5648, 7842, 7506, 1769, 6425, 195, 3176, + 4455, 10337, 9451, 8912, 10445, 7646, 2837, 5109, 3033, 8668, + 10295, 744, 10869, 10204, 6825, 6326, 6299, 7208, 11886, 1246, + 704, 9626, 2538, 10932, 3903, 4545, 5111, 9006, 6698, 5008, + 8464, 4679, 7230, 2223, 707, 705, 6592, 6207, 1114, 7645, + 5374, 7595, 11064, 746, 5585, 8248, 2921, 7004, 6595, 9985, + 506, 7147, 793, 9605, 596, 962, 8223, 11771, 6438, 6663, + 9519, 12013, 4302, 2216, 6633, 10351, 10096, 9645, 347, 4601, + 596, 10448, 12051, 12376, 1544, 8939, 5114, 4052, 11408, 5947, + 5368, 4270, 6747, 423, 6283, 11211, 2574, 5974, 5533, 5143, + 9757, 2155, 729, 9776, 11989, 8808, 11057, 1519, 9187, 5996, + 2966, 3865, 1409, 8023, 10648, 4397, 5082, 10832, 4769, 2068, + 9226, 1790, 5911, 6534, 3780, 7312, 9388, 5014, 9054, 3445, + 4659, 6203, 5234, 9490, 11060, 4214, 8978, 9789, 6201, 3088, + 1988, 3057, 3762, 8725, 7322, 7583, 8233, 1394, 6534, 9221, + 9736, 2738, 3837, 2595, 4012, 3674, 7505, 10231, 8080, 2402, + 3977, 5928, 1942, 8421, 5507, 8422, 1238, 6909, 5800, 9613, + 6083, 4382, 4669, 11670, 4032, 10762, 11623, 4387, 3728, 4656, + 9701, 722, 1255, 4495, 8158, 7762, 792, 10307, 9813, 3904, + 6081, 11003, 12045, 6718, 1089, 7327, 4381, 11188, 943, 1740, + 563, 10251, 756, 5027, 848, 325, 6547, 12288, 1222, 12189, + 3641, 7314, 2049, 5254, 10043, 1068, 7906, 4741, 11639, 1981, + 7660, 10911, 2746, 4536, 10068, 9700, 11057, 8114, 5556, 253, + 2292, 10686, 11848, 5306, 3092, 2570, 12167, 7101, 5245, 3463, + 8627, 12513, 9010, 5356, 1633, 10462, 4545, 3614, 7245, 1887, + 9738, 11902, 8716, 12035, 9958, 9421, 11063, 3759, 883, 9754, + 10730, 11706, 9132, 540, 6726, 11382, 7038, 4407, 1225, 8606, + 7689, 5894, 6553, 7908, 2454, 4939, 613, 5811, 3580, 11792, + 11364, 3153, 3698, 2604, 7470, 6053, 7699, 6018, 4289, 11497, + 8580, 2249, 718, 2444, 2972, 8812, 1710, 6317, 8718, 4194, + 12288, 5837, 3698, 2216, 7402, 9045, 11194, 8500, 7238, 
10686, + 9409, 9867, 12264, 3859, 7673, 11659, 8496, 4618, 6465, 8811, + 9114, 10740, 7738, 11850, 4142, 2493, 11136, 9623, 3071, 11701, + 2925, 5043, 6151, 6221, 9642, 10846, 11145, 6315, 3741, 9123, + 5131, 2585, 11337, 4786, 5844, 1485, 11505, 5205, 797, 5955, + 3717, 1756, 1551, 1122, 5057, 2585, 10857, 5129, 3557, 1254, + 7750, 9688, 2462, 6415, 4345, 9460, 2957, 8793, 9210, 9242, + 3487, 6506, 11888, 7563, 1078, 4486, 406, 2261, 867, 11965, + 7979, 4533, 3654, 4747, 6636, 3166, 2114, 380, 9715, 7132, + 2982, 5024, 1817, 1231, 6210, 12377, 6280, 10882, 9937, 9587, + 633, 5668, 899, 6176, 2431, 956, 5022, 3094, 4658, 11168, + 2989, 2654, 11990, 10494, 1691, 3017, 10044, 11882, 4020, 5342, + 11911, 2426, 5748, 7592, 6340, 9214, 9357, 7169, 2109, 3210, + 415, 3024, 7791, 5684, 246, 5134, 11335, 10092, 3133, 10427, + 1502, 7739, 3272, 169, 9521, 2550, 7327, 11309, 10815, 10146, + 9157, 4579, 1022, 6447, 4233, 8488, 2958, 1715, 4215, 4965, + 5728, 551, 8942, 10845, 11881, 4472, 4331, 304, 1183, 3798, + 1968, 3993, 4889, 6145, 8841, 8816, 11283, 6578, 9212, 8161, + 7003, 11574, 7764, 1678, 4138, 10444, 11880, 7101, 1390, 4743, + 8320, 3026, 2338, 1203, 1562, 6502, 3103, 10770, 7608, 11097, + 6745, 6037, 2926, 9489, 10782, 1853, 3482, 524, 11063, 8299, + 11092, 6838, 7779, 4598, 11245, 7274, 8908, 3886, 4440, 8651, + 11949, 5344, 6954, 11015, 8333, 11347, 12677, 8716, 3514, 9892, + 10366, 2029, 2875, 1540, 9013, 250, 6393, 5618, 4565, 3687, + 8340, 6420, 3632, 5032, 9408, 9738, 961, 8653, 12315, 10459, + 9883, 2074, 5357, 9341, 4850, 2514, 9746, 2605, 2394, 5928, + 808, 10443, 1589, 5673, 9176, 6593, 3404, 12254, 4230, 3630, + 7958, 10065, 7471, 2432, 6626, 6517, 382, 6131, 2888, 5440, + 1571, 7341, 2841, 11202, 9462, 7180, 11206, 1433, 6183, 3882, + 2105, 9906, 8076, 7074, 10572, 7262, 8456, 2979, 1095, 6891, + 8025, 5914, 5380, 4300, 7363, 4989, 6788, 1043, 6836, 8710, + 10099, 12310, 3997, 2102, 7002, 4041, 4948, 2601, 2958, 8665, + 984, 10820, 1940, 541, 3377, 
3533, 9357, 2049, 10721, 2732, + 5355, 4280, 10281, 8056, 9557, 7749, 611, 8255, 4854, 708, + 9199, 7033, 2582, 8343, 820, 944, 8651, 5547, 7052, 4723, + 8972, 5594, 5314, 1938, 2539, 8789, 10341, 12368, 7475, 6903, + 4436, 8346, 5391, 8336, 10864, 10397, 8517, 2078, 12127, 6612, + 10511, 2970, 6576, 5166, 7744, 10934, 3186, 9515, 6831, 12085, + 7284, 9791, 4755, 6341, 8713, 11526, 9392, 2122, 5743, 2776, + 9581, 11396, 7006, 1465, 11235, 10997, 5776, 10401, 2929, 11732, + 5847, 9512, 6068, 3934, 3730, 5813, 9195, 410, 11698, 896, + 6321, 1310, 3478, 11649, 10201, 6850, 3612, 3451, 3569, 3266, + 747, 3151, 3352, 6497, 10445, 11501, 5306, 1026, 9712, 7294, + 813, 8005, 5090, 2905, 7903, 8358, 6290, 7756, 3955, 9471, + 1858, 699, 11847, 7292, 2165, 10556, 1038, 5289, 8693, 9698, + 1702, 10228, 1412, 8681, 3330, 10042, 8888, 4257, 1201, 7422, + 7956, 10019, 3011, 5956, 2188, 2407, 1986, 3847, 4345, 7427, + 12091, 1763, 3885, 6731, 4172, 10828, 6129, 10972, 7878, 2189, + 3988, 2125, 6536, 10663, 3100, 5129, 7656, 1053, 2303, 10149, + 8087, 5666, 11151, 10962, 4905, 779, 10113, 5451, 1509, 9590, + 735, 1626, 8419, 10607, 9293, 5778, 907, 5527, 10408, 5454, + 2266, 7131, 6332, 2055, 10105, 1188, 9842, 2059, 4417, 10026, + 4339, 9779, 680, 1731, 4958, 1589, 1866, 3797, 5058, 3735, + 9899, 543, 9330, 2436, 10757, 9010, 1270, 12232, 1122, 2222, + 10945, 3733, 7454, 5251, 4185, 5118, 4331, 12022, 5900, 4767, + 4393, 10252, 9957, 9653, 4674, 7705, 5694, 9123, 3882, 3137, + 11627, 2712, 11985, 6346, 9990, 10760, 1869, 1778, 8899, 12168, + 5207, 7250, 1088, 1131, 11567, 4337, 8286, 11660, 7152, 8010, + 2286, 11335, 2984, 5740, 7114, 806, 7579, 7119, 5122, 2917, + 541, 7913, 10555, 3684, 4720, 3954, 517, 1526, 9712, 10854, + 1921, 6897, 4704, 2141, 1602, 11880, 4548, 10569, 11521, 6408, + 3609, 9752, 1960, 10934 +}; + +static uint8_t rbits[] = { + 0x3f, 0xff, 0xaf, 0x0f, 0x6b, 0xb2, 0xb8, 0x46, 0x53, 0x44, + 0x95, 0x98, 0x0a, 0x85, 0x0c, 0xfc, 0xc4, 0x86, 0xcc, 0x69, + 0xc6, 
0xd9, 0xfa, 0xee, 0x19, 0xa6, 0x34, 0x0f, 0x35, 0xc4, + 0xdc, 0x08 +}; + +static uint8_t r_ref[] = { + 0, 3, 3, 1, 1, 1, 0, 1, 0, 3, 2, 0, 1, 1, 3, 0, 2, 1, 0, 3, + 2, 1, 2, 3, 3, 0, 2, 0, 1, 3, 3, 2, 3, 3, 0, 3, 0, 2, 2, 0, + 1, 1, 2, 0, 1, 1, 2, 1, 3, 0, 0, 3, 1, 1, 0, 0, 0, 2, 0, 1, + 0, 2, 3, 1, 3, 0, 3, 1, 0, 0, 2, 1, 3, 3, 1, 3, 2, 1, 0, 2, + 0, 0, 3, 3, 0, 1, 2, 2, 0, 1, 0, 3, 2, 2, 1, 1, 3, 0, 3, 3, + 2, 2, 0, 2, 1, 0, 0, 0, 3, 0, 3, 1, 2, 1, 1, 0, 3, 3, 2, 1, + 3, 3, 2, 2, 1, 3, 0, 0, 2, 2, 3, 1, 1, 2, 2, 2, 0, 2, 0, 2, + 0, 0, 1, 2, 2, 2, 3, 1, 2, 0, 3, 0, 1, 3, 2, 3, 3, 1, 1, 2, + 0, 0, 2, 1, 2, 2, 0, 2, 2, 2, 2, 1, 1, 3, 1, 3, 3, 1, 2, 2, + 3, 0, 1, 0, 0, 2, 2, 1, 3, 2, 2, 2, 3, 1, 1, 0, 0, 3, 2, 3, + 0, 0, 3, 3, 2, 2, 2, 2, 1, 1, 0, 1, 2, 1, 3, 2, 0, 3, 0, 2, + 3, 3, 3, 3, 2, 3, 3, 3, 3, 2, 1, 0, 2, 3, 2, 1, 2, 0, 3, 0, + 2, 2, 1, 1, 2, 1, 2, 0, 1, 2, 1, 3, 0, 0, 2, 3, 0, 3, 1, 0, + 2, 2, 2, 1, 2, 0, 3, 1, 0, 0, 3, 0, 2, 3, 1, 0, 2, 3, 3, 0, + 0, 0, 3, 0, 2, 3, 2, 0, 2, 2, 1, 0, 1, 2, 1, 3, 3, 3, 1, 2, + 1, 2, 3, 1, 1, 2, 2, 0, 3, 0, 3, 3, 1, 3, 3, 3, 1, 3, 0, 3, + 0, 0, 1, 2, 1, 0, 3, 0, 0, 2, 1, 3, 3, 3, 1, 1, 2, 3, 1, 0, + 1, 1, 3, 3, 0, 3, 1, 3, 1, 2, 2, 2, 1, 3, 1, 2, 1, 3, 0, 1, + 2, 2, 2, 3, 3, 2, 2, 3, 1, 2, 2, 1, 2, 1, 0, 0, 0, 1, 3, 2, + 0, 3, 1, 1, 2, 1, 3, 2, 3, 2, 0, 1, 0, 1, 3, 0, 2, 3, 1, 3, + 0, 1, 1, 3, 1, 1, 1, 0, 2, 3, 2, 1, 2, 0, 3, 3, 2, 0, 1, 0, + 3, 3, 3, 1, 2, 2, 1, 0, 3, 3, 0, 2, 3, 1, 1, 1, 3, 3, 1, 3, + 3, 0, 1, 0, 2, 0, 1, 1, 0, 0, 3, 2, 2, 3, 0, 2, 2, 0, 1, 1, + 1, 3, 1, 1, 1, 0, 1, 2, 3, 2, 2, 3, 1, 1, 3, 3, 3, 1, 2, 0, + 0, 0, 2, 2, 2, 3, 2, 0, 0, 1, 3, 0, 0, 0, 2, 0, 1, 0, 3, 0, + 3, 1, 0, 1, 1, 1, 2, 2, 2, 0, 0, 2, 2, 0, 3, 1, 0, 2, 2, 0, + 2, 0, 0, 1, 1, 0, 1, 2, 3, 2, 3, 2, 3, 3, 3, 0, 2, 1, 2, 2, + 1, 0, 1, 1, 1, 2, 1, 3, 2, 0, 3, 3, 0, 0, 1, 1, 1, 2, 2, 2, + 0, 1, 1, 2, 0, 2, 0, 1, 2, 0, 1, 3, 2, 2, 3, 0, 0, 1, 1, 2, + 3, 1, 2, 0, 3, 0, 2, 1, 0, 0, 0, 1, 1, 1, 1, 3, 0, 0, 0, 3, + 2, 3, 2, 1, 0, 3, 1, 1, 1, 1, 3, 0, 
0, 1, 1, 1, 0, 3, 2, 2, + 3, 1, 1, 3, 0, 1, 1, 3, 0, 3, 2, 2, 0, 3, 1, 3, 1, 0, 0, 1, + 1, 0, 0, 1, 0, 3, 2, 2, 0, 1, 3, 0, 1, 3, 3, 2, 1, 3, 1, 1, + 3, 3, 2, 1, 1, 3, 1, 0, 2, 1, 1, 3, 3, 3, 1, 3, 1, 3, 0, 1, + 2, 2, 0, 3, 3, 2, 1, 1, 1, 3, 0, 2, 0, 3, 3, 1, 2, 3, 1, 3, + 0, 0, 0, 1, 3, 3, 0, 2, 3, 0, 1, 3, 0, 0, 3, 0, 2, 2, 3, 3, + 3, 3, 2, 1, 0, 3, 1, 1, 1, 2, 2, 0, 3, 2, 0, 2, 2, 3, 1, 0, + 3, 3, 1, 2, 3, 0, 1, 1, 0, 3, 3, 1, 1, 3, 0, 2, 1, 2, 2, 2, + 2, 3, 2, 3, 0, 0, 3, 1, 1, 0, 3, 2, 3, 2, 3, 3, 2, 2, 3, 1, + 3, 2, 1, 0, 1, 0, 2, 2, 1, 3, 1, 2, 3, 3, 1, 3, 2, 1, 3, 2, + 2, 3, 1, 1, 3, 3, 3, 3, 2, 0, 0, 3, 3, 3, 2, 3, 2, 0, 3, 0, + 3, 1, 2, 0, 3, 0, 2, 2, 2, 3, 1, 2, 2, 1, 3, 3, 0, 1, 3, 0, + 0, 1, 3, 2, 1, 1, 0, 1, 3, 3, 1, 1, 0, 1, 2, 2, 2, 0, 2, 3, + 1, 2, 1, 1, 3, 2, 3, 3, 1, 0, 1, 3, 2, 3, 2, 2, 1, 2, 3, 1, + 3, 2, 3, 1, 3, 3, 0, 3, 1, 1, 3, 2, 1, 2, 2, 0, 1, 1, 2, 3, + 1, 3, 0, 0, 3, 0, 3, 0, 1, 2, 0, 2, 2, 3, 2, 0, 0, 0, 3, 0, + 2, 0, 0, 2, 2, 2, 3, 1, 3, 2, 3, 2, 0, 1, 2, 1, 1, 3, 0, 3, + 2, 0, 2, 2, 3, 2, 1, 0, 1, 1, 0, 2, 0, 3, 2, 0, 2, 3, 1, 3, + 2, 2, 2, 2, 3, 1, 0, 2, 3, 3, 3, 2, 0, 0, 3, 3, 1, 2, 2, 3, + 0, 1, 1, 1, 3, 2, 1, 0, 0, 1, 2, 3, 3, 0, 1, 1, 1, 1, 0, 1, + 0, 2, 3, 3, 3, 3, 0, 2, 3, 0, 1, 0, 0, 1, 1, 3, 2, 2, 0, 0, + 2, 2, 1, 3 +}; + +static chunk_t shared_secret = chunk_from_chars( + 0x14, 0x22, 0x06, 0xe3, 0x48, 0xf3, 0xfa, 0xfc, 0x21, 0x0d, + 0x5d, 0x51, 0x19, 0x7f, 0x16, 0x4e, 0xe6, 0xd3, 0x10, 0xa9, + 0xf5, 0xab, 0xfc, 0x96, 0x11, 0x1b, 0xc3, 0x4a, 0x89, 0xf9, + 0x66, 0x55 +); + +START_TEST(test_newhope_rec_good) +{ + newhope_reconciliation_t *rec; + chunk_t i_shared_secret, r_shared_secret; + uint8_t *r; + + rec = newhope_reconciliation_create(n, q); + ck_assert(rec != NULL); + + r = rec->help_reconcile(rec, r_v, rbits); + ck_assert(memeq(r, r_ref, n)); + + r_shared_secret = rec->reconcile(rec, r_v, r); + ck_assert(chunk_equals(r_shared_secret, shared_secret)); + + i_shared_secret = rec->reconcile(rec, i_v, r); + 
ck_assert(chunk_equals(i_shared_secret, shared_secret));
+
+ /* cleanup */
+ rec->destroy(rec);
+ chunk_free(&i_shared_secret);
+ chunk_free(&r_shared_secret);
+ free(r);
+}
+END_TEST
+
+Suite *newhope_reconciliation_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("newhope_reconciliation");
+
+ tc = tcase_create("rec_good");
+ tcase_add_test(tc, test_newhope_rec_good);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
|
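Review bot: In test_newhope_rec_good the pointer returned by help_reconcile() goes straight into `memeq(r, r_ref, n)` with no NULL check, so a failure there would crash the runner instead of failing the test; add `ck_assert(r != NULL);` before the comparison, as the noise suite does for its returned buffers. The suite also has only this one positive case. On the initiator side reconcile() consumes a help vector that arrives from the peer, so a case with entries outside 0..3, and one where newhope_reconciliation_create() is given an unsupported n or q, would pin the failure behaviour (what those calls return is not visible in this hunk). i_v contains coefficients above q, for example 12431 and 12677, so the second reconcile() call runs on unreduced input; if that is intended, a one-line comment above i_v such as `/* initiator coefficients are deliberately not reduced mod q */` would say so.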