test/test_wcc_invalid_points_ZZZ.c.in - incubator-milagro-crypto-c - Git at Google

 /*
     Licensed to the Apache Software Foundation (ASF) under one
     or more contributor license agreements.  See the NOTICE file
     distributed with this work for additional information
     regarding copyright ownership.  The ASF licenses this file
     to you under the Apache License, Version 2.0 (the
     "License"); you may not use this file except in compliance
     with the License.  You may obtain a copy of the License at

     http://www.apache.org/licenses/LICENSE-2.0

     Unless required by applicable law or agreed to in writing,
     software distributed under the License is distributed on an
     "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
     KIND, either express or implied.  See the License for the
     specific language governing permissions and limitations
     under the License.
 */
 /**
  * @file test_wcc_invalid_points.c
  * @author Samuele Andreoli
  * @brief Test WCC handling of invalid points
  *
  */

 /* Test WCC with invalid, random generated, points */

 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <time.h>
 #include "utils.h"
 #include "config_curve_ZZZ.h"
 #include "config_test.h"
 #include "randapi.h"
 #if CURVE_SECURITY_ZZZ == 128
 #include "wcc_ZZZ.h"
 #elif CURVE_SECURITY_ZZZ == 192
 #include "wcc192_ZZZ.h"
 #elif CURVE_SECURITY_ZZZ == 256
 #include "wcc256_ZZZ.h"
 #endif

 #if CURVE_SECURITY_ZZZ == 128
 #define G2LEN 4*WCC_PFS_ZZZ
 #elif CURVE_SECURITY_ZZZ == 192
 #define G2LEN 8*WCC_PFS_ZZZ
 #elif CURVE_SECURITY_ZZZ == 256
 #define G2LEN 16*WCC_PFS_ZZZ
 #endif

 // #define DEBUG

 int main()
 {

     /* Master secret */
     char ms[WCC_PGS_ZZZ];
     octet MS= {sizeof(ms),sizeof(ms),ms};

     // Sender key
     char akeyG1[2*WCC_PFS_ZZZ+1];
     octet AKeyG1= {0,sizeof(akeyG1), akeyG1};

     // Receiver key
     char bkeyG2[G2LEN];
     octet BKeyG2= {0,sizeof(bkeyG2), bkeyG2};

     // Identities
     char alice_id[256],bob_id[256];
     octet IdA= {0,sizeof(alice_id),alice_id};
     octet IdB= {0,sizeof(bob_id),bob_id};

     // Hash of the identities
     char hida[WCC_PFS_ZZZ], hidb[WCC_PFS_ZZZ];
     octet HIdA = {0,sizeof(hida),hida};
     octet HIdB = {0,sizeof(hidb),hidb};

     // Ephemeral parameters
     char x[WCC_PGS_ZZZ];
     octet X= {0,sizeof(x),x};
     char y[WCC_PGS_ZZZ];
     octet Y= {0,sizeof(y),y};
     char w[WCC_PGS_ZZZ];
     octet W= {0,sizeof(w),w};
     char pia[WCC_PGS_ZZZ];
     octet PIA= {0,sizeof(pia),pia};
     char pib[WCC_PGS_ZZZ];
     octet PIB= {0,sizeof(pib),pib};

     char pgg1[2*WCC_PFS_ZZZ+1];
     octet PgG1= {0,sizeof(pgg1), pgg1};
     char pag1[2*WCC_PFS_ZZZ+1];
     octet PaG1= {0,sizeof(pag1), pag1};
     char pbg2[G2LEN];
     octet PbG2= {0,sizeof(pbg2), pbg2};

     // Invalid points
     char invalidG1[2*WCC_PFS_ZZZ+1];
     octet InvalidG1= {0,sizeof(invalidG1), invalidG1};

     char invalidG2[G2LEN];
     octet InvalidG2= {0,sizeof(invalidG2), invalidG2};

     // Session keys
     char k1[AESKEY_ZZZ];
     octet K1= {0,sizeof(k1),k1};
     char k2[AESKEY_ZZZ];
     octet K2= {0,sizeof(k2),k2};

     char seed[32] = {0};
     octet SEED = {0,sizeof(seed),seed};
     csprng RNG;

     int i, rtn;

     /* non random seed value */
     SEED.len=32;
     for (i=0; i<32; i++) SEED.val[i]=i+1;

     /* initialize random number generator */
     CREATE_CSPRNG(&RNG,&SEED);

     /* TEST RUN: execute a test run with valid points to make sure
      * the protocol runs correctly with valid points
      */

     /* TA: Generate master secret  */
     WCC_ZZZ_RANDOM_GENERATE(&RNG,&MS);

     // Alice's ID
     OCT_jstring(&IdA,"alice@milagro.com");

     // Hash Alice's Id
     HASH_ID(HASH_TYPE_ZZZ,&IdA,&HIdA);

     // TA: Generate Alice's sender key
     WCC_ZZZ_GET_G1_MULTIPLE(&MS,&HIdA,&AKeyG1);

     // Bob's ID
     OCT_jstring(&IdB,"bob@milagro.com");

     // Hash Bob's Id
     HASH_ID(HASH_TYPE_ZZZ,&IdB,&HIdB);

     // TA: Generate Bob's receiver key
     WCC_ZZZ_GET_G2_MULTIPLE(&MS,&HIdB,&BKeyG2);

     // Generate ephemeral parameters
     WCC_ZZZ_RANDOM_GENERATE(&RNG,&X);
     WCC_ZZZ_GET_G1_MULTIPLE(&X,&HIdA,&PaG1);

     WCC_ZZZ_RANDOM_GENERATE(&RNG,&W);
     WCC_ZZZ_GET_G1_MULTIPLE(&W,&HIdA,&PgG1);

     WCC_ZZZ_RANDOM_GENERATE(&RNG,&Y);
     WCC_ZZZ_GET_G2_MULTIPLE(&Y,&HIdB,&PbG2);

     WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PaG1,&PbG2,&PgG1,&IdB,&PIA);
     WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PbG2,&PaG1,&PgG1,&IdA,&PIB);

     /* Check that the functions work with valid points */
     rtn = WCC_ZZZ_SENDER_KEY(HASH_TYPE_ZZZ,&X,&PIA,&PIB,&PbG2,&PgG1,&AKeyG1,&IdB,&K1);
     if (rtn != WCC_OK)
     {
         printf("FAILURE Check sender with valid points\n");
         return 1;
     }

     rtn = WCC_ZZZ_RECEIVER_KEY(HASH_TYPE_ZZZ,&Y,&W,&PIA,&PIB,&PaG1,&PgG1,&BKeyG2,&IdA,&K2);
     if (rtn != WCC_OK)
     {
         printf("FAILURE Check receiver with valid points\n");
         return 1;
     }

     if (!OCT_ncomp(&K1,&K2,AESKEY_ZZZ))
     {
         printf("FAILURE Keys do not match\n");
         return 1;
     }

     /* Generate invalid points
      * Randomly generate two octets of the right length to be points in G1 and G2.
      * The probability these are actually valid points is negligible.
      */
     OCT_rand(&InvalidG1,&RNG,InvalidG1.max);
     OCT_rand(&InvalidG2,&RNG,InvalidG2.max);
     // Fix point encoding for G1
     invalidG1[0] = '\x04';

     /* Check handling of invalid points */

     // Invalid Sender PbG2
     rtn = WCC_ZZZ_SENDER_KEY(HASH_TYPE_ZZZ,&X,&PIA,&PIB,&InvalidG2,&PgG1,&AKeyG1,&IdB,&K1);
     if (rtn != WCC_INVALID_POINT)
     {
         printf("FAILURE Handle invalid PbG2: 51 != %d\n", rtn);
         return 1;
     }

     // Invalid Sender PgG1
     rtn = WCC_ZZZ_SENDER_KEY(HASH_TYPE_ZZZ,&X,&PIA,&PIB,&PbG2,&InvalidG1,&AKeyG1,&IdB,&K1);
     if (rtn != WCC_INVALID_POINT)
     {
         printf("FAILURE Handle invalid PgG1: 51 != %d\n", rtn);
         return 1;
     }

     // Invalid Sender AKeyG1
     rtn = WCC_ZZZ_SENDER_KEY(HASH_TYPE_ZZZ,&X,&PIA,&PIB,&PbG2,&PgG1,&InvalidG1,&IdB,&K1);
     if (rtn != WCC_INVALID_POINT)
     {
         printf("FAILURE Handle invalid AKeyG1: 51 != %d\n", rtn);
         return 1;
     }

     // Invalid Receiver PaG1
     rtn = WCC_ZZZ_RECEIVER_KEY(HASH_TYPE_ZZZ,&Y,&W,&PIA,&PIB,&InvalidG1,&PgG1,&BKeyG2,&IdA,&K2);
     if (rtn != WCC_INVALID_POINT)
     {
         printf("FAILURE Handle invalid PaG1: 51 != %d\n", rtn);
         return 1;
     }

     // Invalid Receiver PgG1
     rtn = WCC_ZZZ_RECEIVER_KEY(HASH_TYPE_ZZZ,&Y,&W,&PIA,&PIB,&PaG1,&InvalidG1,&BKeyG2,&IdA,&K2);
     if (rtn != WCC_INVALID_POINT)
     {
         printf("FAILURE Handle invalid PgG1: 51 != %d\n", rtn);
         return 1;
     }

     // Invalid Receiver BKeyG2
     rtn = WCC_ZZZ_RECEIVER_KEY(HASH_TYPE_ZZZ,&Y,&W,&PIA,&PIB,&PaG1,&PgG1,&InvalidG2,&IdA,&K2);
     if (rtn != WCC_INVALID_POINT)
     {
         printf("FAILURE Handle invalid BKeyG2: 51 != %d\n", rtn);
         return 1;
     }

     KILL_CSPRNG(&RNG);
     printf("SUCCESS! WCC INVALID POINT HANDLING TEST\n");
     return 0;
 }
	/*
	Licensed to the Apache Software Foundation (ASF) under one
	or more contributor license agreements. See the NOTICE file
	distributed with this work for additional information
	regarding copyright ownership. The ASF licenses this file
	to you under the Apache License, Version 2.0 (the
	"License"); you may not use this file except in compliance
	with the License. You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

	Unless required by applicable law or agreed to in writing,
	software distributed under the License is distributed on an
	"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	KIND, either express or implied. See the License for the
	specific language governing permissions and limitations
	under the License.
	*/
	/**
	* @file test_wcc_invalid_points.c
	* @author Samuele Andreoli
	* @brief Test WCC handling of invalid points
	*
	*/

	/* Test WCC with invalid, random generated, points */

	#include <stdio.h>
	#include <stdlib.h>
	#include <string.h>
	#include <time.h>
	#include "utils.h"
	#include "config_curve_ZZZ.h"
	#include "config_test.h"
	#include "randapi.h"
	#if CURVE_SECURITY_ZZZ == 128
	#include "wcc_ZZZ.h"
	#elif CURVE_SECURITY_ZZZ == 192
	#include "wcc192_ZZZ.h"
	#elif CURVE_SECURITY_ZZZ == 256
	#include "wcc256_ZZZ.h"
	#endif

	#if CURVE_SECURITY_ZZZ == 128
	#define G2LEN 4*WCC_PFS_ZZZ
	#elif CURVE_SECURITY_ZZZ == 192
	#define G2LEN 8*WCC_PFS_ZZZ
	#elif CURVE_SECURITY_ZZZ == 256
	#define G2LEN 16*WCC_PFS_ZZZ
	#endif

	// #define DEBUG

	int main()
	{

	/* Master secret */
	char ms[WCC_PGS_ZZZ];
	octet MS= {sizeof(ms),sizeof(ms),ms};

	// Sender key
	char akeyG1[2*WCC_PFS_ZZZ+1];
	octet AKeyG1= {0,sizeof(akeyG1), akeyG1};

	// Receiver key
	char bkeyG2[G2LEN];
	octet BKeyG2= {0,sizeof(bkeyG2), bkeyG2};

	// Identities
	char alice_id[256],bob_id[256];
	octet IdA= {0,sizeof(alice_id),alice_id};
	octet IdB= {0,sizeof(bob_id),bob_id};

	// Hash of the identities
	char hida[WCC_PFS_ZZZ], hidb[WCC_PFS_ZZZ];
	octet HIdA = {0,sizeof(hida),hida};
	octet HIdB = {0,sizeof(hidb),hidb};

	// Ephemeral parameters
	char x[WCC_PGS_ZZZ];
	octet X= {0,sizeof(x),x};
	char y[WCC_PGS_ZZZ];
	octet Y= {0,sizeof(y),y};
	char w[WCC_PGS_ZZZ];
	octet W= {0,sizeof(w),w};
	char pia[WCC_PGS_ZZZ];
	octet PIA= {0,sizeof(pia),pia};
	char pib[WCC_PGS_ZZZ];
	octet PIB= {0,sizeof(pib),pib};

	char pgg1[2*WCC_PFS_ZZZ+1];
	octet PgG1= {0,sizeof(pgg1), pgg1};
	char pag1[2*WCC_PFS_ZZZ+1];
	octet PaG1= {0,sizeof(pag1), pag1};
	char pbg2[G2LEN];
	octet PbG2= {0,sizeof(pbg2), pbg2};

	// Invalid points
	char invalidG1[2*WCC_PFS_ZZZ+1];
	octet InvalidG1= {0,sizeof(invalidG1), invalidG1};

	char invalidG2[G2LEN];
	octet InvalidG2= {0,sizeof(invalidG2), invalidG2};

	// Session keys
	char k1[AESKEY_ZZZ];
	octet K1= {0,sizeof(k1),k1};
	char k2[AESKEY_ZZZ];
	octet K2= {0,sizeof(k2),k2};

	char seed[32] = {0};
	octet SEED = {0,sizeof(seed),seed};
	csprng RNG;

	int i, rtn;

	/* non random seed value */
	SEED.len=32;
	for (i=0; i<32; i++) SEED.val[i]=i+1;

	/* initialize random number generator */
	CREATE_CSPRNG(&RNG,&SEED);

	/* TEST RUN: execute a test run with valid points to make sure
	* the protocol runs correctly with valid points
	*/

	/* TA: Generate master secret */
	WCC_ZZZ_RANDOM_GENERATE(&RNG,&MS);

	// Alice's ID
	OCT_jstring(&IdA,"alice@milagro.com");

	// Hash Alice's Id
	HASH_ID(HASH_TYPE_ZZZ,&IdA,&HIdA);

	// TA: Generate Alice's sender key
	WCC_ZZZ_GET_G1_MULTIPLE(&MS,&HIdA,&AKeyG1);

	// Bob's ID
	OCT_jstring(&IdB,"bob@milagro.com");

	// Hash Bob's Id
	HASH_ID(HASH_TYPE_ZZZ,&IdB,&HIdB);

	// TA: Generate Bob's receiver key
	WCC_ZZZ_GET_G2_MULTIPLE(&MS,&HIdB,&BKeyG2);

	// Generate ephemeral parameters
	WCC_ZZZ_RANDOM_GENERATE(&RNG,&X);
	WCC_ZZZ_GET_G1_MULTIPLE(&X,&HIdA,&PaG1);

	WCC_ZZZ_RANDOM_GENERATE(&RNG,&W);
	WCC_ZZZ_GET_G1_MULTIPLE(&W,&HIdA,&PgG1);

	WCC_ZZZ_RANDOM_GENERATE(&RNG,&Y);
	WCC_ZZZ_GET_G2_MULTIPLE(&Y,&HIdB,&PbG2);

	WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PaG1,&PbG2,&PgG1,&IdB,&PIA);
	WCC_ZZZ_Hq(HASH_TYPE_ZZZ,&PbG2,&PaG1,&PgG1,&IdA,&PIB);

	/* Check that the functions work with valid points */
	rtn = WCC_ZZZ_SENDER_KEY(HASH_TYPE_ZZZ,&X,&PIA,&PIB,&PbG2,&PgG1,&AKeyG1,&IdB,&K1);
	if (rtn != WCC_OK)
	{
	printf("FAILURE Check sender with valid points\n");
	return 1;
	}

	rtn = WCC_ZZZ_RECEIVER_KEY(HASH_TYPE_ZZZ,&Y,&W,&PIA,&PIB,&PaG1,&PgG1,&BKeyG2,&IdA,&K2);
	if (rtn != WCC_OK)
	{
	printf("FAILURE Check receiver with valid points\n");
	return 1;
	}

	if (!OCT_ncomp(&K1,&K2,AESKEY_ZZZ))
	{
	printf("FAILURE Keys do not match\n");
	return 1;
	}

	/* Generate invalid points
	* Randomly generate two octets of the right length to be points in G1 and G2.
	* The probability these are actually valid points is negligible.
	*/
	OCT_rand(&InvalidG1,&RNG,InvalidG1.max);
	OCT_rand(&InvalidG2,&RNG,InvalidG2.max);
	// Fix point encoding for G1
	invalidG1[0] = '\x04';

	/* Check handling of invalid points */

	// Invalid Sender PbG2
	rtn = WCC_ZZZ_SENDER_KEY(HASH_TYPE_ZZZ,&X,&PIA,&PIB,&InvalidG2,&PgG1,&AKeyG1,&IdB,&K1);
	if (rtn != WCC_INVALID_POINT)
	{
	printf("FAILURE Handle invalid PbG2: 51 != %d\n", rtn);
	return 1;
	}

	// Invalid Sender PgG1
	rtn = WCC_ZZZ_SENDER_KEY(HASH_TYPE_ZZZ,&X,&PIA,&PIB,&PbG2,&InvalidG1,&AKeyG1,&IdB,&K1);
	if (rtn != WCC_INVALID_POINT)
	{
	printf("FAILURE Handle invalid PgG1: 51 != %d\n", rtn);
	return 1;
	}

	// Invalid Sender AKeyG1
	rtn = WCC_ZZZ_SENDER_KEY(HASH_TYPE_ZZZ,&X,&PIA,&PIB,&PbG2,&PgG1,&InvalidG1,&IdB,&K1);
	if (rtn != WCC_INVALID_POINT)
	{
	printf("FAILURE Handle invalid AKeyG1: 51 != %d\n", rtn);
	return 1;
	}

	// Invalid Receiver PaG1
	rtn = WCC_ZZZ_RECEIVER_KEY(HASH_TYPE_ZZZ,&Y,&W,&PIA,&PIB,&InvalidG1,&PgG1,&BKeyG2,&IdA,&K2);
	if (rtn != WCC_INVALID_POINT)
	{
	printf("FAILURE Handle invalid PaG1: 51 != %d\n", rtn);
	return 1;
	}

	// Invalid Receiver PgG1
	rtn = WCC_ZZZ_RECEIVER_KEY(HASH_TYPE_ZZZ,&Y,&W,&PIA,&PIB,&PaG1,&InvalidG1,&BKeyG2,&IdA,&K2);
	if (rtn != WCC_INVALID_POINT)
	{
	printf("FAILURE Handle invalid PgG1: 51 != %d\n", rtn);
	return 1;
	}

	// Invalid Receiver BKeyG2
	rtn = WCC_ZZZ_RECEIVER_KEY(HASH_TYPE_ZZZ,&Y,&W,&PIA,&PIB,&PaG1,&PgG1,&InvalidG2,&IdA,&K2);
	if (rtn != WCC_INVALID_POINT)
	{
	printf("FAILURE Handle invalid BKeyG2: 51 != %d\n", rtn);
	return 1;
	}

	KILL_CSPRNG(&RNG);
	printf("SUCCESS! WCC INVALID POINT HANDLING TEST\n");
	return 0;
	}