Skip to content

Commit

Permalink
test improvements for ML-KEM
Browse files Browse the repository at this point in the history
Signed-off-by: Abhinav Saxena <abhinav.saxena@thalesgroup.com>
  • Loading branch information
abhinav-thales committed Oct 8, 2024
1 parent 329869f commit e08e63c
Show file tree
Hide file tree
Showing 2 changed files with 32 additions and 5 deletions.
3 changes: 0 additions & 3 deletions tests/test_acvp_vectors.py
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,6 @@
ml_dsa_ver = "ACVP_Vectors/ML-DSA-sigVer-FIPS204/internalProjection.json"

@helpers.filtered_test
@pytest.mark.skipif(sys.platform.startswith("win"), reason="Not needed on Windows")
@pytest.mark.parametrize('kem_name', helpers.available_kems_by_name())
def test_acvp_vec_kem_keygen(kem_name):
if not(helpers.is_kem_enabled_by_name(kem_name)): pytest.skip('Not enabled')
Expand All @@ -45,7 +44,6 @@ def test_acvp_vec_kem_keygen(kem_name):
assert(variantFound == True)

@helpers.filtered_test
@pytest.mark.skipif(sys.platform.startswith("win"), reason="Not needed on Windows")
@pytest.mark.parametrize('kem_name', helpers.available_kems_by_name())
def test_acvp_vec_kem_encdec_aft(kem_name):

Expand Down Expand Up @@ -106,7 +104,6 @@ def test_acvp_vec_kem_encdec_val(kem_name):


@helpers.filtered_test
@pytest.mark.skipif(sys.platform.startswith("win"), reason="Not needed on Windows")
@pytest.mark.parametrize('sig_name', helpers.available_sigs_by_name())
def test_vectors_sig(sig_name):
if not(helpers.is_sig_enabled_by_name(sig_name)): pytest.skip('Not enabled')
Expand Down
34 changes: 32 additions & 2 deletions tests/test_kem.c
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
#include <string.h>

#include <oqs/oqs.h>

#include <oqs/sha3.h>
#if OQS_USE_PTHREADS
#include <pthread.h>
#endif
Expand Down Expand Up @@ -127,6 +127,37 @@ static OQS_STATUS kem_test_correctness(const char *method_name) {
printf("shared secrets are equal\n");
}

if ((0 == strcasecmp(method_name, "ML-KEM-512")) || (0 == strcasecmp(method_name, "ML-KEM-768")) || (0 == strcasecmp(method_name, "ML-KEM-1024"))) {
// buffer to hold z and c. z is always 32 bytes
uint8_t *buff_z_c = NULL;
int length_z_c = 32 + kem->length_ciphertext;
buff_z_c = malloc(length_z_c) ;
if (NULL == buff_z_c) {
fprintf(stderr, "ERROR: malloc failed\n");
goto err;
}
// test rejection key by corrupting the private key
secret_key[0] += 1;
uint8_t shared_secret_r[32]; // expected output
memcpy(buff_z_c, &secret_key[kem->length_secret_key - 32], 32);
memcpy(&buff_z_c[32], ciphertext, kem->length_ciphertext);
// calculate expected secret in case of corrupted cipher : shake256(z || c)
OQS_SHA3_shake256(shared_secret_r, 32, buff_z_c, length_z_c);
OQS_MEM_secure_free(buff_z_c, length_z_c);
rc = OQS_KEM_decaps(kem, shared_secret_d, ciphertext, secret_key);
if (rc != OQS_SUCCESS) {
fprintf(stderr, "ERROR: OQS_KEM_decaps failed for rejection testcase\n");
goto err;
}
rv = memcmp(shared_secret_d, shared_secret_r, kem->length_shared_secret);
if (rv != 0) {
fprintf(stderr, "ERROR: shared secrets are not equal for rejection key in decapsulation \n");
OQS_print_hex_string("shared_secret_d", shared_secret_e, kem->length_shared_secret);
OQS_print_hex_string("shared_secret_r", shared_secret_r, kem->length_shared_secret);
goto err;
}
secret_key[0] -= 1; // restore private key
}
// test invalid encapsulation (call should either fail or result in invalid shared secret)
OQS_randombytes(ciphertext, kem->length_ciphertext);
OQS_TEST_CT_DECLASSIFY(ciphertext, kem->length_ciphertext);
Expand Down Expand Up @@ -178,7 +209,6 @@ static OQS_STATUS kem_test_correctness(const char *method_name) {
OQS_MEM_insecure_free(ciphertext - sizeof(magic_t));
}
OQS_KEM_free(kem);

return ret;
}

Expand Down

0 comments on commit e08e63c

Please sign in to comment.