author | Stefan Koelbl <kste@google.com> | 2023-06-21 12:20:20 +0000 |
---|---|---|
committer | Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2023-11-01 23:01:16 +0000 |
commit | f714cb2935906a2f085c3b89d7e206af94627b56 (patch) | |
tree | 7c3af3839c3531fa1305b2ef176bf4f2a8d7560f /tool | |
parent | d2a2913cf8b5913c77570b5b8d734547b3eabaf9 (diff) | |
Add basic C implementation of SPHINCS+-SHA2-128s.
The implementation is based on the current round 3 specification with
the modifications to FORS indices generation suggested on the mailing
list. The implementation passes test vectors and uses the default SHA256 implementation of BoringSSL.
Change-Id: Iab2dbaf5f692d490577dc940d9f3e298a72e9193
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/60965
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Diffstat (limited to 'tool')
-rw-r--r-- | tool/speed.cc | 129 |
1 files changed, 87 insertions, 42 deletions
diff --git a/tool/speed.cc b/tool/speed.cc index f05be90..942dcad 100644 --- a/tool/speed.cc +++ b/tool/speed.cc @@ -67,6 +67,7 @@ OPENSSL_MSVC_PRAGMA(warning(pop)) #include "../crypto/fipsmodule/ec/internal.h" #include "../crypto/internal.h" #include "../crypto/trust_token/internal.h" +#include "../crypto/spx/internal.h" #include "internal.h" // g_print_json is true if printed output is JSON formatted. @@ -278,7 +279,7 @@ static bool TimeFunctionParallel(TimeResults *results, results->num_calls = 0; results->us = 0; - for (const auto& pair : thread_results) { + for (const auto &pair : thread_results) { if (!pair.ok) { return false; } @@ -305,8 +306,8 @@ static bool SpeedRSA(const std::string &selected) { const uint8_t *key; const size_t key_len; } kRSAKeys[] = { - {"RSA 2048", kDERRSAPrivate2048, kDERRSAPrivate2048Len}, - {"RSA 4096", kDERRSAPrivate4096, kDERRSAPrivate4096Len}, + {"RSA 2048", kDERRSAPrivate2048, kDERRSAPrivate2048Len}, + {"RSA 4096", kDERRSAPrivate4096, kDERRSAPrivate4096Len}, }; for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kRSAKeys); i++) { @@ -492,7 +493,6 @@ static bool SpeedAEADChunk(const EVP_AEAD *aead, std::string name, OPENSSL_memset(ad.get(), 0, ad_len); auto tag_storage = std::make_unique<uint8_t[]>(overhead_len + kAlignment); - uint8_t *const in = static_cast<uint8_t *>(align_pointer(in_storage.get(), kAlignment)); OPENSSL_memset(in, 0, chunk_len); 
@@ -947,15 +947,14 @@ static bool SpeedSPAKE2(const std::string &selected) { static const uint8_t kAliceName[] = {'A'}; static const uint8_t kBobName[] = {'B'}; static const uint8_t kPassword[] = "password"; - bssl::UniquePtr<SPAKE2_CTX> alice(SPAKE2_CTX_new(spake2_role_alice, - kAliceName, sizeof(kAliceName), kBobName, - sizeof(kBobName))); + bssl::UniquePtr<SPAKE2_CTX> alice( + SPAKE2_CTX_new(spake2_role_alice, kAliceName, sizeof(kAliceName), + kBobName, sizeof(kBobName))); uint8_t alice_msg[SPAKE2_MAX_MSG_SIZE]; size_t alice_msg_len; if (!SPAKE2_generate_msg(alice.get(), alice_msg, &alice_msg_len, - sizeof(alice_msg), - kPassword, sizeof(kPassword))) { + sizeof(alice_msg), kPassword, sizeof(kPassword))) { fprintf(stderr, "SPAKE2_generate_msg failed.\n"); return false; } 
@@ -1129,6 +1128,52 @@ static bool SpeedKyber(const std::string &selected) { return true; } +static bool SpeedSpx(const std::string &selected) { + if (!selected.empty() && selected.find("spx") == std::string::npos) { + return true; + } + + TimeResults results; + if (!TimeFunctionParallel(&results, []() -> bool { + uint8_t public_key[32], private_key[64]; + spx_generate_key(public_key, private_key); + return true; + })) { + return false; + } + + results.Print("SPHINCS+-SHA2-128s key generation"); + + uint8_t public_key[32], private_key[64]; + spx_generate_key(public_key, private_key); + static const uint8_t kMessage[] = {0, 1, 2, 3, 4, 5}; + + if (!TimeFunctionParallel(&results, [&private_key]() -> bool { + uint8_t out[SPX_SIGNATURE_BYTES]; + spx_sign(out, private_key, kMessage, sizeof(kMessage), true); + return true; + })) { + return false; + } + + results.Print("SPHINCS+-SHA2-128s signing"); + + uint8_t signature[SPX_SIGNATURE_BYTES]; + spx_sign(signature, private_key, kMessage, sizeof(kMessage), true); + + if (!TimeFunctionParallel(&results, [&public_key, &signature]() -> bool { + return spx_verify(signature, public_key, kMessage, sizeof(kMessage)) == + 1; + })) { + fprintf(stderr, "SPHINCS+-SHA2-128s verify failed.\n"); + return false; + } + + results.Print("SPHINCS+-SHA2-128s verify"); + + return true; +} + static bool SpeedHashToCurve(const std::string &selected) { if (!selected.empty() && selected.find("hashtocurve") == std::string::npos) { return true; 
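Review bot: In SpeedSpx the key buffers are sized with bare literals, `uint8_t public_key[32], private_key[64];` (once inside the key-generation lambda and again in the function body), while the signature buffers use `SPX_SIGNATURE_BYTES`. `spx_generate_key` receives these arrays with no length argument, so a later change to the parameter set or key encoding would turn the literals into a stack overrun instead of a compile error. Size them from the header instead, e.g. `uint8_t public_key[SPX_PUBLIC_KEY_BYTES], private_key[SPX_SECRET_KEY_BYTES];`, assuming `crypto/spx/internal.h` defines those constants next to `SPX_SIGNATURE_BYTES` (the header is not shown in this diff). The bare `true` passed as the last argument of both `spx_sign` calls is presumably the randomized-signing switch; a short comment such as `// randomized signing; timing includes the randomness draw` would make clear which mode is being measured.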
@@ -1184,26 +1229,26 @@ static bool SpeedBase64(const std::string &selected) { } static const char kInput[] = - "MIIDtTCCAp2gAwIBAgIJALW2IrlaBKUhMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV" - "BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX" - "aWRnaXRzIFB0eSBMdGQwHhcNMTYwNzA5MDQzODA5WhcNMTYwODA4MDQzODA5WjBF" - "MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50" - "ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB" - "CgKCAQEAugvahBkSAUF1fC49vb1bvlPrcl80kop1iLpiuYoz4Qptwy57+EWssZBc" - "HprZ5BkWf6PeGZ7F5AX1PyJbGHZLqvMCvViP6pd4MFox/igESISEHEixoiXCzepB" - "rhtp5UQSjHD4D4hKtgdMgVxX+LRtwgW3mnu/vBu7rzpr/DS8io99p3lqZ1Aky+aN" - "lcMj6MYy8U+YFEevb/V0lRY9oqwmW7BHnXikm/vi6sjIS350U8zb/mRzYeIs2R65" - "LUduTL50+UMgat9ocewI2dv8aO9Dph+8NdGtg8LFYyTTHcUxJoMr1PTOgnmET19W" - "JH4PrFwk7ZE1QJQQ1L4iKmPeQistuQIDAQABo4GnMIGkMB0GA1UdDgQWBBT5m6Vv" - "zYjVYHG30iBE+j2XDhUE8jB1BgNVHSMEbjBsgBT5m6VvzYjVYHG30iBE+j2XDhUE" - "8qFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV" - "BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJALW2IrlaBKUhMAwGA1UdEwQF" - "MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAD7Jg68SArYWlcoHfZAB90Pmyrt5H6D8" - "LRi+W2Ri1fBNxREELnezWJ2scjl4UMcsKYp4Pi950gVN+62IgrImcCNvtb5I1Cfy" - "/MNNur9ffas6X334D0hYVIQTePyFk3umI+2mJQrtZZyMPIKSY/sYGQHhGGX6wGK+" - "GO/og0PQk/Vu6D+GU2XRnDV0YZg1lsAsHd21XryK6fDmNkEMwbIWrts4xc7scRrG" - "HWy+iMf6/7p/Ak/SIicM4XSwmlQ8pPxAZPr+E2LoVd9pMpWUwpW2UbtO5wsGTrY5" - "sO45tFNN/y+jtUheB1C2ijObG/tXELaiyCdM+S/waeuv0MXtI4xnn1A="; + "MIIDtTCCAp2gAwIBAgIJALW2IrlaBKUhMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV" + "BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX" + "aWRnaXRzIFB0eSBMdGQwHhcNMTYwNzA5MDQzODA5WhcNMTYwODA4MDQzODA5WjBF" + "MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50" + "ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB" + "CgKCAQEAugvahBkSAUF1fC49vb1bvlPrcl80kop1iLpiuYoz4Qptwy57+EWssZBc" + "HprZ5BkWf6PeGZ7F5AX1PyJbGHZLqvMCvViP6pd4MFox/igESISEHEixoiXCzepB" + 
"rhtp5UQSjHD4D4hKtgdMgVxX+LRtwgW3mnu/vBu7rzpr/DS8io99p3lqZ1Aky+aN" + "lcMj6MYy8U+YFEevb/V0lRY9oqwmW7BHnXikm/vi6sjIS350U8zb/mRzYeIs2R65" + "LUduTL50+UMgat9ocewI2dv8aO9Dph+8NdGtg8LFYyTTHcUxJoMr1PTOgnmET19W" + "JH4PrFwk7ZE1QJQQ1L4iKmPeQistuQIDAQABo4GnMIGkMB0GA1UdDgQWBBT5m6Vv" + "zYjVYHG30iBE+j2XDhUE8jB1BgNVHSMEbjBsgBT5m6VvzYjVYHG30iBE+j2XDhUE" + "8qFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV" + "BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJALW2IrlaBKUhMAwGA1UdEwQF" + "MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAD7Jg68SArYWlcoHfZAB90Pmyrt5H6D8" + "LRi+W2Ri1fBNxREELnezWJ2scjl4UMcsKYp4Pi950gVN+62IgrImcCNvtb5I1Cfy" + "/MNNur9ffas6X334D0hYVIQTePyFk3umI+2mJQrtZZyMPIKSY/sYGQHhGGX6wGK+" + "GO/og0PQk/Vu6D+GU2XRnDV0YZg1lsAsHd21XryK6fDmNkEMwbIWrts4xc7scRrG" + "HWy+iMf6/7p/Ak/SIicM4XSwmlQ8pPxAZPr+E2LoVd9pMpWUwpW2UbtO5wsGTrY5" + "sO45tFNN/y+jtUheB1C2ijObG/tXELaiyCdM+S/waeuv0MXtI4xnn1A="; TimeResults results; if (!TimeFunctionParallel(&results, [&]() -> bool { @@ -1549,8 +1594,7 @@ bool Speed(const std::vector<std::string> &args) { char *ptr; unsigned long long val = strtoull(start, &ptr, 10); if (ptr == start /* no numeric characters found */ || - errno == ERANGE /* overflow */ || - static_cast<size_t>(val) != val) { + errno == ERANGE /* overflow */ || static_cast<size_t>(val) != val) { fprintf(stderr, "Error parsing -chunks argument\n"); return false; } 
@@ -1609,16 +1653,17 @@ bool Speed(const std::vector<std::string> &args) { !SpeedHash(EVP_sha256(), "SHA-256", selected) || !SpeedHash(EVP_sha512(), "SHA-512", selected) || !SpeedHash(EVP_blake2b256(), "BLAKE2b-256", selected) || - !SpeedRandom(selected) || - !SpeedECDH(selected) || - !SpeedECDSA(selected) || - !Speed25519(selected) || - !SpeedSPAKE2(selected) || - !SpeedScrypt(selected) || - !SpeedRSAKeyGen(selected) || - !SpeedHRSS(selected) || - !SpeedKyber(selected) || - !SpeedHashToCurve(selected) || + !SpeedRandom(selected) || // + !SpeedECDH(selected) || // + !SpeedECDSA(selected) || // + !Speed25519(selected) || // + !SpeedSPAKE2(selected) || // + !SpeedScrypt(selected) || // + !SpeedRSAKeyGen(selected) || // + !SpeedHRSS(selected) || // + !SpeedKyber(selected) || // + !SpeedSpx(selected) || // + !SpeedHashToCurve(selected) || // !SpeedTrustToken("TrustToken-Exp1-Batch1", TRUST_TOKEN_experiment_v1(), 1, selected) || !SpeedTrustToken("TrustToken-Exp1-Batch10", TRUST_TOKEN_experiment_v1(), @@ -1631,7 +1676,7 @@ bool Speed(const std::vector<std::string> &args) { TRUST_TOKEN_experiment_v2_pmb(), 1, selected) || !SpeedTrustToken("TrustToken-Exp2PMB-Batch10", TRUST_TOKEN_experiment_v2_pmb(), 10, selected) || - !SpeedBase64(selected) || + !SpeedBase64(selected) || // !SpeedSipHash(selected)) { return false; } |