...
1 package kyber
2
3
4
5
6 import (
7 "bytes"
8 "crypto/sha256"
9 "fmt"
10 "testing"
11
12 "github.com/cloudflare/circl/internal/nist"
13 "github.com/cloudflare/circl/kem/schemes"
14 )
15
// TestPQCgenKATKem runs the known-answer test once per listed Kyber
// parameter set. Each entry pairs a scheme name with the lowercase hex
// SHA-256 digest that testPQCgenKATKem compares against the digest of the
// transcript it generates.
func TestPQCgenKATKem(t *testing.T) {
	type vector struct {
		name string
		want string
	}
	vectors := []vector{
		{"Kyber1024", "89248f2f33f7f4f7051729111f3049c409a933ec904aedadf035f30fa5646cd5"},
		{"Kyber768", "a1e122cad3c24bc51622e4c242d8b8acbcd3f618fee4220400605ca8f9ea02c2"},
		{"Kyber512", "e9c2bd37133fcb40772f81559f14b1f58dccd1c816701be9ba6214d43baf4547"},
	}
	for idx := range vectors {
		// Take a per-iteration copy so the subtest closure never observes
		// a later element of the table.
		v := vectors[idx]
		t.Run(v.name, func(t *testing.T) {
			testPQCgenKATKem(t, v.name, v.want)
		})
	}
}
33
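// testPQCgenKATKem regenerates a 100-entry known-answer transcript for the
// KEM registered under name and checks that the SHA-256 digest of that
// transcript equals expected (lowercase hex).
//
// For every entry it derives a key pair from DRBG output, encapsulates
// deterministically, decapsulates, and requires both shared secrets to
// match before appending pk, sk, ct and ss to the transcript. Every error
// returned along the way fails the test with a message naming the entry,
// so that a failing primitive is reported where it occurs instead of
// surfacing only as a digest mismatch at the end.
func testPQCgenKATKem(t *testing.T, name, expected string) {
	t.Helper()

	scheme := schemes.ByName(name)
	if scheme == nil {
		t.Fatalf("schemes.ByName(%q) returned nil", name)
	}

	// The outer DRBG is seeded with the fixed bytes 0, 1, ..., 47.
	var seed [48]byte
	kseed := make([]byte, scheme.SeedSize())
	eseed := make([]byte, scheme.EncapsulationSeedSize())
	for i := 0; i < 48; i++ {
		seed[i] = byte(i)
	}
	f := sha256.New()
	g := nist.NewDRBG(&seed)
	fmt.Fprintf(f, "# %s\n\n", name)
	for i := 0; i < 100; i++ {
		// Each entry draws a fresh 48-byte seed from the outer DRBG and
		// uses it to seed a second, per-entry DRBG.
		g.Fill(seed[:])
		fmt.Fprintf(f, "count = %d\n", i)
		fmt.Fprintf(f, "seed = %X\n", seed)
		g2 := nist.NewDRBG(&seed)

		// The key seed is filled by two separate calls, then the
		// encapsulation seed by a third.
		// NOTE(review): the call boundaries presumably mirror the
		// reference KAT generator's DRBG requests; merging them may
		// change the output stream — confirm before refactoring.
		g2.Fill(kseed[:32])
		g2.Fill(kseed[32:])

		g2.Fill(eseed)
		pk, sk := scheme.DeriveKeyPair(kseed)
		ppk, err := pk.MarshalBinary()
		if err != nil {
			t.Fatalf("count %d: marshal public key: %v", i, err)
		}
		psk, err := sk.MarshalBinary()
		if err != nil {
			t.Fatalf("count %d: marshal private key: %v", i, err)
		}
		ct, ss, err := scheme.EncapsulateDeterministically(pk, eseed)
		if err != nil {
			t.Fatalf("count %d: encapsulate: %v", i, err)
		}
		ss2, err := scheme.Decapsulate(sk, ct)
		if err != nil {
			t.Fatalf("count %d: decapsulate: %v", i, err)
		}
		if !bytes.Equal(ss, ss2) {
			t.Fatalf("count %d: shared secrets differ: encapsulated %X, decapsulated %X", i, ss, ss2)
		}
		fmt.Fprintf(f, "pk = %X\n", ppk)
		fmt.Fprintf(f, "sk = %X\n", psk)
		fmt.Fprintf(f, "ct = %X\n", ct)
		fmt.Fprintf(f, "ss = %X\n\n", ss)
	}
	if got := fmt.Sprintf("%x", f.Sum(nil)); got != expected {
		t.Fatalf("%s: KAT transcript digest mismatch: got %s, want %s", name, got, expected)
	}
}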
79