From: Andreas Steffen Date: Tue, 17 Nov 2020 18:27:20 +0000 (+0100) Subject: newhope: Removed legacy Newhope key exchange method X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cbd802b3233a9dd53c4642cb357b10eb358e6654;p=thirdparty%2Fstrongswan.git newhope: Removed legacy Newhope key exchange method --- diff --git a/configure.ac b/configure.ac index 17febb898b..209635a0bf 100644 --- a/configure.ac +++ b/configure.ac @@ -152,7 +152,6 @@ ARG_DISBL_SET([kdf], [disable KDF (prf+) implementation plugin.]) ARG_ENABL_SET([md4], [enable MD4 software implementation plugin.]) ARG_DISBL_SET([md5], [disable MD5 software implementation plugin.]) ARG_ENABL_SET([mgf1], [enable the MGF1 software implementation plugin.]) -ARG_ENABL_SET([newhope], [enable New Hope crypto plugin.]) ARG_DISBL_SET([nonce], [disable nonce generation plugin.]) ARG_ENABL_SET([ntru], [enables the NTRU crypto plugin.]) ARG_ENABL_SET([frodo], [enable FrodoKEM Post Quantum Safe plugin.]) @@ -1589,7 +1588,6 @@ ADD_PLUGIN([ntru], [s charon scripts nm cmd]) ADD_PLUGIN([frodo], [s charon scripts nm cmd]) ADD_PLUGIN([oqs], [s charon scripts nm cmd]) ADD_PLUGIN([drbg], [s charon pki scripts nm cmd]) -ADD_PLUGIN([newhope], [s charon scripts nm cmd]) ADD_PLUGIN([curl], [s charon pki scripts nm cmd]) ADD_PLUGIN([files], [s charon pki scripts nm cmd]) ADD_PLUGIN([winhttp], [s charon pki scripts]) @@ -1755,7 +1753,6 @@ AM_CONDITIONAL(USE_CCM, test x$ccm = xtrue) AM_CONDITIONAL(USE_GCM, test x$gcm = xtrue) AM_CONDITIONAL(USE_AF_ALG, test x$af_alg = xtrue) AM_CONDITIONAL(USE_NTRU, test x$ntru = xtrue) -AM_CONDITIONAL(USE_NEWHOPE, test x$newhope = xtrue) AM_CONDITIONAL(USE_DRBG, test x$drbg = xtrue) AM_CONDITIONAL(USE_OQS, test x$oqs = xtrue) AM_CONDITIONAL(USE_FRODO, test x$frodo = xtrue) @@ -1876,7 +1873,6 @@ AM_CONDITIONAL(USE_CONFTEST, test x$conftest = xtrue) AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$pki = xtrue -o x$conftest = xtrue -o x$fast = xtrue -o x$imcv = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$tls = xtrue -o x$tnc_tnccs = xtrue -o x$aikgen = xtrue -o x$svc = xtrue -o x$systemd = xtrue) AM_CONDITIONAL(USE_LIBCHARON, test x$charon = xtrue -o x$conftest = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$svc = xtrue -o x$systemd = xtrue) AM_CONDITIONAL(USE_LIBIPSEC, test x$libipsec = xtrue) -AM_CONDITIONAL(USE_LIBNTTFFT, test x$newhope = xtrue) AM_CONDITIONAL(USE_LIBTNCIF, test x$tnc_tnccs = xtrue -o x$imcv = xtrue) AM_CONDITIONAL(USE_LIBTNCCS, test x$tnc_tnccs = xtrue) AM_CONDITIONAL(USE_LIBPTTLS, test x$tnc_tnccs = xtrue) @@ -1979,8 +1975,6 @@ AC_CONFIG_FILES([ src/Makefile src/include/Makefile src/libstrongswan/Makefile - src/libstrongswan/math/libnttfft/Makefile - src/libstrongswan/math/libnttfft/tests/Makefile src/libstrongswan/plugins/aes/Makefile src/libstrongswan/plugins/cmac/Makefile src/libstrongswan/plugins/des/Makefile @@ -2038,8 +2032,6 @@ AC_CONFIG_FILES([ src/libstrongswan/plugins/af_alg/Makefile src/libstrongswan/plugins/drbg/Makefile src/libstrongswan/plugins/ntru/Makefile - src/libstrongswan/plugins/newhope/Makefile - src/libstrongswan/plugins/newhope/tests/Makefile src/libstrongswan/plugins/frodo/Makefile src/libstrongswan/plugins/oqs/Makefile src/libstrongswan/plugins/oqs/tests/Makefile diff --git a/src/checksum/Makefile.am b/src/checksum/Makefile.am index 6c1224daca..00fd7aa154 100644 --- a/src/checksum/Makefile.am +++ b/src/checksum/Makefile.am @@ -48,11 +48,6 @@ if USE_RADIUS libs += $(DESTDIR)$(ipseclibdir)/libradius.so endif -if USE_LIBNTTFFT - deps += $(top_builddir)/src/libstrongswan/math/libnttfft/libnttfft.la - libs += $(DESTDIR)$(ipseclibdir)/libnttfft.so -endif - if USE_LIBPTTLS deps += $(top_builddir)/src/libpttls/libpttls.la libs += $(DESTDIR)$(ipseclibdir)/libpttls.so diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am index bb0fd5d43f..773a4e7b33 100644 --- a/src/libstrongswan/Makefile.am +++ b/src/libstrongswan/Makefile.am @@ -266,13 +266,6 @@ else SUBDIRS = . endif -# build libnttfft used by some plugins -###################################### - -if USE_LIBNTTFFT - SUBDIRS += math/libnttfft -endif - # build plugins with their own Makefile ####################################### @@ -668,13 +661,6 @@ if MONOLITHIC endif endif -if USE_NEWHOPE - SUBDIRS += plugins/newhope -if MONOLITHIC - libstrongswan_la_LIBADD += plugins/newhope/libstrongswan-newhope.la -endif -endif - if USE_DRBG SUBDIRS += plugins/drbg if MONOLITHIC @@ -712,14 +698,6 @@ endif SUBDIRS += tests -if USE_LIBNTTFFT - SUBDIRS += math/libnttfft/tests -endif - -if USE_NEWHOPE - SUBDIRS += plugins/newhope/tests -endif - if USE_OQS SUBDIRS += plugins/oqs/tests endif diff --git a/src/libstrongswan/crypto/key_exchange.c b/src/libstrongswan/crypto/key_exchange.c index 5cff4ab665..748dc67080 100644 --- a/src/libstrongswan/crypto/key_exchange.c +++ b/src/libstrongswan/crypto/key_exchange.c @@ -56,9 +56,7 @@ ENUM_NEXT(key_exchange_method_names, NTRU_112_BIT, NTRU_256_BIT, MODP_NULL, "NTRU_128", "NTRU_192", "NTRU_256"); -ENUM_NEXT(key_exchange_method_names, NH_128_BIT, NH_128_BIT, NTRU_256_BIT, - "NEWHOPE_128"); -ENUM_NEXT(key_exchange_method_names, KE_KYBER_L1, KE_SIKE_L5, NH_128_BIT, +ENUM_NEXT(key_exchange_method_names, KE_KYBER_L1, KE_SIKE_L5, NTRU_256_BIT, "KYBER_L1", "KYBER_L3", "KYBER_L5", @@ -123,9 +121,7 @@ ENUM_NEXT(key_exchange_method_names_short, NTRU_112_BIT, NTRU_256_BIT, MODP_NULL "ntru128", "ntru192", "ntru256"); -ENUM_NEXT(key_exchange_method_names_short, NH_128_BIT, NH_128_BIT, NTRU_256_BIT, - "newhope128"); -ENUM_NEXT(key_exchange_method_names_short, KE_KYBER_L1, KE_SIKE_L5, NH_128_BIT, +ENUM_NEXT(key_exchange_method_names_short, KE_KYBER_L1, KE_SIKE_L5, NTRU_256_BIT, "kyber1", "kyber3", "kyber5", @@ -768,7 +764,6 @@ bool key_exchange_verify_pubkey(key_exchange_method_t ke, chunk_t value) case NTRU_128_BIT: case NTRU_192_BIT: case NTRU_256_BIT: - case NH_128_BIT: case KE_KYBER_L1: case KE_KYBER_L3: case KE_KYBER_L5: diff --git a/src/libstrongswan/crypto/key_exchange.h b/src/libstrongswan/crypto/key_exchange.h index 91fe372d70..d789e38909 100644 --- a/src/libstrongswan/crypto/key_exchange.h +++ b/src/libstrongswan/crypto/key_exchange.h @@ -73,7 +73,6 @@ enum key_exchange_method_t { NTRU_128_BIT = 1031, NTRU_192_BIT = 1032, NTRU_256_BIT = 1033, - NH_128_BIT = 1040, /** NIST round 3 KEM candidates, in PRIVATE USE */ KE_KYBER_L1 = 1050, KE_KYBER_L3 = 1051, diff --git a/src/libstrongswan/crypto/proposal/proposal.c b/src/libstrongswan/crypto/proposal/proposal.c index 869f08f098..f00134d958 100644 --- a/src/libstrongswan/crypto/proposal/proposal.c +++ b/src/libstrongswan/crypto/proposal/proposal.c @@ -1232,7 +1232,6 @@ static bool proposal_add_supported_ike(private_proposal_t *this, bool aead) case NTRU_128_BIT: case NTRU_192_BIT: case NTRU_256_BIT: - case NH_128_BIT: add_algorithm(this, KEY_EXCHANGE_METHOD, group, 0); break; default: diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt b/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt index 3db04cf307..8c3e055967 100644 --- a/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt +++ b/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt @@ -180,7 +180,6 @@ ntru112, KEY_EXCHANGE_METHOD, NTRU_112_BIT, 0 ntru128, KEY_EXCHANGE_METHOD, NTRU_128_BIT, 0 ntru192, KEY_EXCHANGE_METHOD, NTRU_192_BIT, 0 ntru256, KEY_EXCHANGE_METHOD, NTRU_256_BIT, 0 -newhope128, KEY_EXCHANGE_METHOD, NH_128_BIT, 0 kyber1, KEY_EXCHANGE_METHOD, KE_KYBER_L1, 0 kyber3, KEY_EXCHANGE_METHOD, KE_KYBER_L3, 0 kyber5, KEY_EXCHANGE_METHOD, KE_KYBER_L5, 0 diff --git a/src/libstrongswan/math/libnttfft/Makefile.am b/src/libstrongswan/math/libnttfft/Makefile.am deleted file mode 100644 index ec98abeadb..0000000000 --- a/src/libstrongswan/math/libnttfft/Makefile.am +++ /dev/null @@ -1,15 +0,0 @@ -AM_CPPFLAGS = \ - -I$(top_srcdir)/src/libstrongswan - -AM_CFLAGS = \ - @COVERAGE_CFLAGS@ - -AM_LDFLAGS = \ - -no-undefined - -ipseclib_LTLIBRARIES = libnttfft.la - -libnttfft_la_SOURCES = \ - ntt_fft_reduce.h ntt_fft.h ntt_fft.c \ - ntt_fft_params.h ntt_fft_params.c - diff --git a/src/libstrongswan/math/libnttfft/ntt_fft.c b/src/libstrongswan/math/libnttfft/ntt_fft.c deleted file mode 100644 index 2596f3ad6f..0000000000 --- a/src/libstrongswan/math/libnttfft/ntt_fft.c +++ /dev/null @@ -1,208 +0,0 @@ -/* - * Copyright (C) 2014-2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "ntt_fft.h" -#include "ntt_fft_reduce.h" - -/** - * Described in header. - */ -void libnttfft_init(void) -{ - /* empty */ -} - -typedef struct private_ntt_fft_t private_ntt_fft_t; - -/** - * Private data structure for ntt_fft_t object - */ -struct private_ntt_fft_t { - - /** - * Public interface. - */ - ntt_fft_t public; - - /** - * FFT parameter set used as constants - */ - const ntt_fft_params_t *p; - -}; - -METHOD(ntt_fft_t, get_size, uint16_t, - private_ntt_fft_t *this) -{ - return this->p->n; -} - -METHOD(ntt_fft_t, get_modulus, uint16_t, - private_ntt_fft_t *this) -{ - return this->p->q; -} - -/** - * Do an FFT butterfly operation - * - * x[i1] ---|+|------- x[i1] - * \/ - * /\ w[iw] - * x[i2] ---|-|--|*|-- x[i2] - * - */ -static void butterfly(private_ntt_fft_t *this, uint32_t *x, int i1,int i2, int iw) -{ - uint32_t xp, xm; - - xp = x[i1] + x[i2]; - xm = x[i1] + (this->p->q - x[i2]); - if (xp >= this->p->q) - { - xp -= this->p->q; - } - x[i1] = xp; - x[i2] = ntt_fft_mreduce(xm * this->p->wr[iw], this->p); -} - -/** - * Trivial butterfly operation of last FFT stage - */ -static void butterfly_last(private_ntt_fft_t *this, uint32_t *x, int i1) -{ - uint32_t xp, xm; - int i2 = i1 + 1; - - xp = x[i1] + x[i2]; - xm = x[i1] + (this->p->q - x[i2]); - if (xp >= this->p->q) - { - xp -= this->p->q; - } - if (xm >= this->p->q) - { - xm -= this->p->q; - } - x[i1] = xp; - x[i2] = xm; -} - -METHOD(ntt_fft_t, transform, void, - private_ntt_fft_t *this, uint32_t *a, uint32_t *b, bool inverse) -{ - int stage, i, j, k, m, n, s, t, iw, i_rev; - uint32_t tmp; - - /* we are going to use the transform size n a lot */ - n = this->p->n; - s = this->p->s; - - if (!inverse) - { - /* apply linear phase needed for negative wrapped convolution */ - for (i = 0; i < n; i++) - { - b[i] = ntt_fft_mreduce(a[i] * this->p->wf[s*i], this->p); - } - } - else if (a != b) - { - /* copy if input and output array are not the same */ - for (i = 0; i < n; i++) - { - b[i] = a[i]; - } - } - - m = n; - k = 1; - - for (stage = this->p->stages; stage > 0; stage--) - { - m >>= 1; - t = 0; - - for (j = 0; j < k; j++) - { - if (stage == 1) - { - butterfly_last(this, b, t); - } - else - { - for (i = 0; i < m; i++) - { - iw = s * (inverse ? (n - i * k) : (i * k)); - butterfly(this, b, t + i, t + i + m, iw); - } - } - t += 2*m; - } - k <<= 1; - } - - /* Sort output in bit-reverse order */ - for (i = 0; i < n; i++) - { - i_rev = this->p->rev[i]; - - if (i_rev > i) - { - tmp = b[i]; - b[i] = b[i_rev]; - b[i_rev] = tmp; - } - } - - /** - * Compensate the linear phase needed for negative wrapped convolution - * and normalize the output array with 1/n mod q after the inverse FFT. - */ - if (inverse) - { - for (i = 0; i < n; i++) - { - b[i] = ntt_fft_mreduce(b[i] * this->p->wi[i], this->p); - } - } -} - -METHOD(ntt_fft_t, destroy, void, - private_ntt_fft_t *this) -{ - free(this); -} - -/** - * See header. - */ -ntt_fft_t *ntt_fft_create(const ntt_fft_params_t *params) -{ - private_ntt_fft_t *this; - - INIT(this, - .public = { - .get_size = _get_size, - .get_modulus = _get_modulus, - .transform = _transform, - .destroy = _destroy, - }, - .p = params, - ); - - return &this->public; -} diff --git a/src/libstrongswan/math/libnttfft/ntt_fft.h b/src/libstrongswan/math/libnttfft/ntt_fft.h deleted file mode 100644 index 3f347b1a23..0000000000 --- a/src/libstrongswan/math/libnttfft/ntt_fft.h +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup ntt_p libnttfft - * - * @defgroup ntt_fft ntt_fft - * @{ @ingroup ntt_p - */ - -#ifndef NTT_FFT_H_ -#define NTT_FFT_H_ - -#include "ntt_fft_params.h" - -#include - -typedef struct ntt_fft_t ntt_fft_t; - -/** - * Implements a Number Theoretic Transform (NTT) via the FFT algorithm - */ -struct ntt_fft_t { - - /** - * Get the size of the Number Theoretic Transform - * - * @result Transform size - */ - uint16_t (*get_size)(ntt_fft_t *this); - - /** - * Get the prime modulus of the Number Theoretic Transform - * - * @result Prime modulus - */ - uint16_t (*get_modulus)(ntt_fft_t *this); - - /** - * Compute the [inverse] NTT of a polynomial - * - * @param a Coefficient of input polynomial - * @param b Coefficient of output polynomial - * @param inverse TRUE if the inverse NTT has to be computed - */ - void (*transform)(ntt_fft_t *this, uint32_t *a, uint32_t *b, bool inverse); - - /** - * Destroy ntt_fft_t object - */ - void (*destroy)(ntt_fft_t *this); -}; - -/** - * Create a ntt_fft_t object for a given FFT parameter set - * - * @param params FFT parameters - */ -ntt_fft_t *ntt_fft_create(const ntt_fft_params_t *params); - -/** - * Dummy libnttfft initialization function needed for integrity test - */ -void libnttfft_init(void); - - -#endif /** NTT_FFT_H_ @}*/ diff --git a/src/libstrongswan/math/libnttfft/ntt_fft_params.c b/src/libstrongswan/math/libnttfft/ntt_fft_params.c deleted file mode 100644 index 8d5a5a353b..0000000000 --- a/src/libstrongswan/math/libnttfft/ntt_fft_params.c +++ /dev/null @@ -1,653 +0,0 @@ -/* - * Copyright (C) 2014-2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "ntt_fft_params.h" - -/** - * FFT twiddle factors in Montgomery form for q = 12289 and n = 1024 - */ -static const uint16_t wr_12289_1024[] = { - 4075, 3051, 2031, 1207, 9987, 10092, 2948, 9273, 11973, 9094, - 3202, 9430, 7377, 5092, 3728, 10626, 4536, 1062, 2882, 6039, - 975, 10908, 6065, 2249, 11889, 4978, 10431, 7270, 12138, 4890, - 6119, 4895, 6364, 4611, 4737, 10911, 6212, 9452, 8455, 8758, - 11316, 1479, 11026, 11847, 2920, 7901, 6190, 8374, 4789, 1170, - 8174, 7278, 241, 11809, 1058, 2686, 8724, 9650, 5868, 4885, - 5874, 5179, 7991, 10600, 3262, 81, 3969, 10146, 5594, 3748, - 11606, 3400, 6843, 3504, 11939, 7428, 7591, 3289, 1404, 7351, - 3818, 2747, 11713, 8643, 5681, 8011, 11580, 2126, 5862, 4591, - 3757, 12047, 431, 8830, 2555, 2305, 2344, 4255, 11871, 4096, - - 4080, 3296, 1747, 11869, 3998, 11567, 1489, 11516, 11279, 11955, - 8212, 9140, 5456, 9275, 12071, 1607, 5009, 11950, 7967, 9424, - 7083, 2975, 10596, 3066, 2766, 355, 5106, 4414, 7373, 4896, - 6413, 7012, 11785, 12171, 6507, 11618, 3988, 11077, 2057, 2481, - 10968, 9005, 11130, 4654, 6844, 3553, 2051, 2187, 8851, 3584, - 3570, 2884, 6137, 5777, 426, 8585, 2839, 3932, 8333, 2780, - 1041, 1853, 4774, 435, 9026, 12159, 5919, 7384, 5435, 8246, - 10806, 1067, 3127, 5755, 11637, 4919, 7540, 790, 1843, 4284, - 1003, 12280, 11848, 2969, 10302, 949, 9634, 5084, 3336, 3707, - 9597, 3271, 522, 1000, 12133, 4645, 6403, 6522, 64, 3136, - - 6196, 8668, 6906, 6591, 3445, 9048, 948, 9585, 2683, 8577, - 2447, 9302, 1105, 4989, 10970, 9103, 3643, 6461, 9364, 4143, - 6383, 5542, 1200, 9644, 5574, 2768, 453, 9908, 6221, 9893, - 5486, 10745, 10367, 4134, 5942, 8511, 11502, 10593, 2919, 7852, - 3789, 1326, 3529, 875, 6008, 11745, 10211, 8779, 56, 2744, - 11566, 1440, 9115, 4231, 10695, 7917, 6974, 9923, 6956, 9041, - 605, 5067, 2503, 12046, 382, 6429, 7796, 1045, 2049, 2089, - 4049, 1777, 1050, 2294, 1805, 2422, 8077, 2525, 835, 4048, - 1728, 10938, 7535, 545, 2127, 5911, 6992, 10805, 1018, 726, - 10996, 10377, 4624, 5374, 5257, 11813, 1254, 1, 49, 2401, - - 7048, 1260, 295, 2166, 7822, 2319, 3030, 1002, 12231, 9447, - 8210, 9042, 654, 7468, 9551, 1017, 677, 8595, 3329, 3364, - 5079, 3091, 3991, 11224, 9260, 11336, 2459, 9890, 5339, 3542, - 1512, 354, 5057, 2013, 325, 3636, 6118, 4846, 3963, 9852, - 3477, 10616, 4046, 1630, 6136, 5728, 10314, 1537, 1579, 3637, - 6167, 7247, 11011, 11112, 3772, 493, 11868, 3949, 9166, 6730, - 10256, 10984, 9789, 390, 6821, 2426, 8273, 12129, 4449, 9088, - 2908, 7313, 1956, 9821, 1958, 9919, 6760, 11726, 9280, 27, - 1323, 3382, 5961, 9442, 7965, 9326, 2281, 1168, 8076, 2476, - 10723, 9289, 468, 10643, 5369, 5012, 12097, 2881, 5990, 10863, - - 3860, 4805, 1954, 9723, 9445, 8112, 4240, 11136, 4948, 8961, - 8974, 9611, 3957, 9558, 1360, 5195, 8775, 12149, 5429, 7952, - 8689, 7935, 7856, 3985, 10930, 7143, 5915, 7188, 8120, 4632, - 5766, 12176, 6752, 11334, 2361, 5088, 3532, 1022, 922, 8311, - 1702, 9664, 6554, 1632, 6234, 10530, 12121, 4057, 2169, 7969, - 9522, 11885, 4782, 827, 3656, 7098, 3710, 9744, 10474, 9377, - 4780, 729, 11143, 5291, 1190, 9154, 6142, 6022, 142, 6958, - 9139, 5407, 6874, 5023, 347, 4714, 9784, 145, 7105, 4053, - 1973, 10654, 5908, 6845, 3602, 4452, 9235, 10111, 3879, 5736, - 10706, 8456, 8807, 1428, 8527, 12286, 12142, 5086, 3434, 8509, - - 11404, 5791, 1112, 5332, 3199, 9283, 174, 8526, 12237, 9741, - 10327, 2174, 8214, 9238, 10258, 11082, 2302, 2197, 9341, 3016, - 316, 3195, 9087, 2859, 4912, 7197, 8561, 1663, 7753, 11227, - 9407, 6250, 11314, 1381, 6224, 10040, 400, 7311, 1858, 5019, - 151, 7399, 6170, 7394, 5925, 7678, 7552, 1378, 6077, 2837, - 3834, 3531, 973, 10810, 1263, 442, 9369, 4388, 6099, 3915, - 7500, 11119, 4115, 5011, 12048, 480, 11231, 9603, 3565, 2639, - 6421, 7404, 6415, 7110, 4298, 1689, 9027, 12208, 8320, 2143, - 6695, 8541, 683, 8889, 5446, 8785, 350, 4861, 4698, 9000, - 10885, 4938, 8471, 9542, 576, 3646, 6608, 4278, 709, 10163, - - 6427, 7698, 8532, 242, 11858, 3459, 9734, 9984, 9945, 8034, - 418, 8193, 8209, 8993, 10542, 420, 8291, 722, 10800, 773, - 1010, 334, 4077, 3149, 6833, 3014, 218, 10682, 7280, 339, - 4322, 2865, 5206, 9314, 1693, 9223, 9523, 11934, 7183, 7875, - 4916, 7393, 5876, 5277, 504, 118, 5782, 671, 8301, 1212, - 10232, 9808, 1321, 3284, 1159, 7635, 5445, 8736, 10238, 10102, - 3438, 8705, 8719, 9405, 6152, 6512, 11863, 3704, 9450, 8357, - 3956, 9509, 11248, 10436, 7515, 11854, 3263, 130, 6370, 4905, - 6854, 4043, 1483, 11222, 9162, 6534, 652, 7370, 4749, 11499, - 10446, 8005, 11286, 9, 441, 9320, 1987, 11340, 2655, 7205, - - 8953, 8582, 2692, 9018, 11767, 11289, 156, 7644, 5886, 5767, - 12225, 9153, 6093, 3621, 5383, 5698, 8844, 3241, 11341, 2704, - 9606, 3712, 9842, 2987, 11184, 7300, 1319, 3186, 8646, 5828, - 2925, 8146, 5906, 6747, 11089, 2645, 6715, 9521, 11836, 2381, - 6068, 2396, 6803, 1544, 1922, 8155, 6347, 3778, 787, 1696, - 9370, 4437, 8500, 10963, 8760, 11414, 6281, 544, 2078, 3510, - 12233, 9545, 723, 10849, 3174, 8058, 1594, 4372, 5315, 2366, - 5333, 3248, 11684, 7222, 9786, 243, 11907, 5860, 4493, 11244, - 10240, 10200, 8240, 10512, 11239, 9995, 10484, 9867, 4212, 9764, - 11454, 8241, 10561, 1351, 4754, 11744, 10162, 6378, 5297, 1484, - - 11271, 11563, 1293, 1912, 7665, 6915, 7032, 476, 11035, 12288, - 12240, 9888, 5241, 11029, 11994, 10123, 4467, 9970, 9259, 11287, - 58, 2842, 4079, 3247, 11635, 4821, 2738, 11272, 11612, 3694, - 8960, 8925, 7210, 9198, 8298, 1065, 3029, 953, 9830, 2399, - 6950, 8747, 10777, 11935, 7232, 10276, 11964, 8653, 6171, 7443, - 8326, 2437, 8812, 1673, 8243, 10659, 6153, 6561, 1975, 10752, - 10710, 8652, 6122, 5042, 1278, 1177, 8517, 11796, 421, 8340, - 3123, 5559, 2033, 1305, 2500, 11899, 5468, 9863, 4016, 160, - 7840, 3201, 9381, 4976, 10333, 2468, 10331, 2370, 5529, 563, - 3009, 12262, 10966, 8907, 6328, 2847, 4324, 2963, 10008, 11121, - - 4213, 9813, 1566, 3000, 11821, 1646, 6920, 7277, 192, 9408, - 6299, 1426, 8429, 7484, 10335, 2566, 2844, 4177, 8049, 1153, - 7341, 3328, 3315, 2678, 8332, 2731, 10929, 7094, 3514, 140, - 6860, 4337, 3600, 4354, 4433, 8304, 1359, 5146, 6374, 5101, - 4169, 7657, 6523, 113, 5537, 955, 9928, 7201, 8757, 11267, - 11367, 3978, 10587, 2625, 5735, 10657, 6055, 1759, 168, 8232, - 10120, 4320, 2767, 404, 7507, 11462, 8633, 5191, 8579, 2545, - 1815, 2912, 7509, 11560, 1146, 6998, 11099, 3135, 6147, 6267, - 12147, 5331, 3150, 6882, 5415, 7266, 11942, 7575, 2505, 12144, - 5184, 8236, 10316, 1635, 6381, 5444, 8687, 7837, 3054, 2178, - - 8410, 6553, 1583, 3833, 3482, 10861, 3762, 3, 147, 7203, - 8855, 3780, 885, 6498, 11177, 6957, 9090, 3006, 12115, 3763, - 52, 2548, 1962, 10115, 4075 -}; - -/** - * FFT phase shift in forward transform for q = 12289 and n = 1024 - */ -static const uint16_t wf_12289_1024[] = { - 3186, 10013, 8646, 11366, 5828, 3929, 2925, 8186, 8146, 7866, - 5906, 4475, 6747, 10362, 11089, 3889, 2645, 6226, 6715, 10138, - 9521, 5202, 11836, 9118, 2381, 4378, 6068, 5609, 2396, 4483, - 6803, 10754, 1544, 10808, 1922, 1165, 8155, 7929, 6347, 7562, - 3778, 1868, 787, 5509, 1696, 11872, 9370, 4145, 4437, 6481, - 8500, 10344, 10963, 3007, 8760, 12164, 11414, 6164, 6281, 7100, - 544, 3808, 2078, 2257, 3510, 12281, 12233, 11897, 9545, 5370, - 723, 5061, 10849, 2209, 3174, 9929, 8058, 7250, 1594, 11158, - 4372, 6026, 5315, 338, 2366, 4273, 5333, 464, 3248, 10447, - 11684, 8054, 7222, 1398, 9786, 7057, 243, 1701, 11907, 9615, - - 5860, 4153, 4493, 6873, 11244, 4974, 10240, 10235, 10200, 9955, - 8240, 8524, 10512, 12139, 11239, 4939, 9995, 8520, 10484, 11943, - 9867, 7624, 4212, 4906, 9764, 6903, 11454, 6444, 8241, 8531, - 10561, 193, 1351, 9457, 4754, 8700, 11744, 8474, 10162, 9689, - 6378, 7779, 5297, 212, 1484, 10388, 11271, 5163, 11563, 7207, - 1293, 9051, 1912, 1095, 7665, 4499, 6915, 11538, 7032, 68, - 476, 3332, 11035, 3511, 12288, 12282, 12240, 11946, 9888, 7771, - 5241, 12109, 11029, 3469, 11994, 10224, 10123, 9416, 4467, 6691, - 9970, 8345, 9259, 3368, 11287, 5275, 58, 406, 2842, 7605, - 4079, 3975, 3247, 10440, 11635, 7711, 4821, 9169, 2738, 6877, - - 11272, 5170, 11612, 7550, 3694, 1280, 8960, 1275, 8925, 1030, - 7210, 1314, 9198, 2941, 8298, 8930, 1065, 7455, 3029, 8914, - 953, 6671, 9830, 7365, 2399, 4504, 6950, 11783, 8747, 12073, - 10777, 1705, 11935, 9811, 7232, 1468, 10276, 10487, 11964, 10014, - 8653, 11415, 6171, 6330, 7443, 2945, 8326, 9126, 2437, 4770, - 8812, 239, 1673, 11711, 8243, 8545, 10659, 879, 6153, 6204, - 6561, 9060, 1975, 1536, 10752, 1530, 10710, 1236, 8652, 11408, - 6122, 5987, 5042, 10716, 1278, 8946, 1177, 8239, 8517, 10463, - 11796, 8838, 421, 2947, 8340, 9224, 3123, 9572, 5559, 2046, - 2033, 1942, 1305, 9135, 2500, 5211, 11899, 9559, 5468, 1409, - - 9863, 7596, 4016, 3534, 160, 1120, 7840, 5724, 3201, 10118, - 9381, 4222, 4976, 10254, 10333, 10886, 2468, 4987, 10331, 10872, - 2370, 4301, 5529, 1836, 563, 3941, 3009, 8774, 12262, 12100, - 10966, 3028, 8907, 904, 6328, 7429, 2847, 7640, 4324, 5690, - 2963, 8452, 10008, 8611, 11121, 4113, 4213, 4913, 9813, 7246, - 1566, 10962, 3000, 8711, 11821, 9013, 1646, 11522, 6920, 11573, - 7277, 1783, 192, 1344, 9408, 4411, 6299, 7226, 1426, 9982, - 8429, 9847, 7484, 3232, 10335, 10900, 2566, 5673, 2844, 7619, - 4177, 4661, 8049, 7187, 1153, 8071, 7341, 2231, 3328, 11007, - 3315, 10916, 2678, 6457, 8332, 9168, 2731, 6828, 10929, 2769, - - 7094, 502, 3514, 20, 140, 980, 6860, 11153, 4337, 5781, - 3600, 622, 4354, 5900, 4433, 6453, 8304, 8972, 1359, 9513, - 5146, 11444, 6374, 7751, 5101, 11129, 4169, 4605, 7657, 4443, - 6523, 8794, 113, 791, 5537, 1892, 955, 6685, 9928, 8051, - 7201, 1251, 8757, 12143, 11267, 5135, 11367, 5835, 3978, 3268, - 10587, 375, 2625, 6086, 5735, 3278, 10657, 865, 6055, 5518, - 1759, 24, 168, 1176, 8232, 8468, 10120, 9395, 4320, 5662, - 2767, 7080, 404, 2828, 7507, 3393, 11462, 6500, 8633, 11275, - 5191, 11759, 8579, 10897, 2545, 5526, 1815, 416, 2912, 8095, - 7509, 3407, 11560, 7186, 1146, 8022, 6998, 12119, 11099, 3959, - - 3135, 9656, 6147, 6162, 6267, 7002, 12147, 11295, 5331, 450, - 3150, 9761, 6882, 11307, 5415, 1038, 7266, 1706, 11942, 9860, - 7575, 3869, 2505, 5246, 12144, 11274, 5184, 11710, 8236, 8496, - 10316, 10767, 1635, 11445, 6381, 7800, 5444, 1241, 8687, 11653, - 7837, 5703, 3054, 9089, 2178, 2957, 8410, 9714, 6553, 9004, - 1583, 11081, 3833, 2253, 3482, 12085, 10861, 2293, 3762, 1756, - 3, 21, 147, 1029, 7203, 1265, 8855, 540, 3780, 1882, - 885, 6195, 6498, 8619, 11177, 4505, 6957, 11832, 9090, 2185, - 3006, 8753, 12115, 11071, 3763, 1763, 52, 364, 2548, 5547, - 1962, 1445, 10115, 9360, 4075, 3947, 3051, 9068, 2031, 1928, - - 1207, 8449, 9987, 8464, 10092, 9199, 2948, 8347, 9273, 3466, - 11973, 10077, 9094, 2213, 3202, 10125, 9430, 4565, 7377, 2483, - 5092, 11066, 3728, 1518, 10626, 648, 4536, 7174, 1062, 7434, - 2882, 7885, 6039, 5406, 975, 6825, 10908, 2622, 6065, 5588, - 2249, 3454, 11889, 9489, 4978, 10268, 10431, 11572, 7270, 1734, - 12138, 11232, 4890, 9652, 6119, 5966, 4895, 9687, 6364, 7681, - 4611, 7699, 4737, 8581, 10911, 2643, 6212, 6617, 9452, 4719, - 8455, 10029, 8758, 12150, 11316, 5478, 1479, 10353, 11026, 3448, - 11847, 9195, 2920, 8151, 7901, 6151, 6190, 6463, 8374, 9462, - 4789, 8945, 1170, 8190, 8174, 8062, 7278, 1790, 241, 1687, - - 11809, 8929, 1058, 7406, 2686, 6513, 8724, 11912, 9650, 6105, - 5868, 4209, 4885, 9617, 5874, 4251, 5179, 11675, 7991, 6781, - 10600, 466, 3262, 10545, 81, 567, 3969, 3205, 10146, 9577, - 5594, 2291, 3748, 1658, 11606, 7508, 3400, 11511, 6843, 11034, - 3504, 12239, 11939, 9839, 7428, 2840, 7591, 3981, 3289, 10734, - 1404, 9828, 7351, 2301, 3818, 2148, 2747, 6940, 11713, 8257, - 8643, 11345, 5681, 2900, 8011, 6921, 11580, 7326, 2126, 2593, - 5862, 4167, 4591, 7559, 3757, 1721, 12047, 10595, 431, 3017, - 8830, 365, 2555, 5596, 2305, 3846, 2344, 4119, 4255, 5207, - 11871, 9363, 4096, 4094, 4080, 3982, 3296, 10783, 1747, 12229, - - 11869, 9349, 3998, 3408, 11567, 7235, 1489, 10423, 11516, 6878, - 11279, 5219, 11955, 9951, 8212, 8328, 9140, 2535, 5456, 1325, - 9275, 3480, 12071, 10763, 1607, 11249, 5009, 10485, 11950, 9916, - 7967, 6613, 9424, 4523, 7083, 425, 2975, 8536, 10596, 438, - 3066, 9173, 2766, 7073, 355, 2485, 5106, 11164, 4414, 6320, - 7373, 2455, 4896, 9694, 6413, 8024, 7012, 12217, 11785, 8761, - 12171, 11463, 6507, 8682, 11618, 7592, 3988, 3338, 11077, 3805, - 2057, 2110, 2481, 5078, 10968, 3042, 9005, 1590, 11130, 4176, - 4654, 8000, 6844, 11041, 3553, 293, 2051, 2068, 2187, 3020, - 8851, 512, 3584, 510, 3570, 412, 2884, 7899, 6137, 6092, - - 5777, 3572, 426, 2982, 8585, 10939, 2839, 7584, 3932, 2946, - 8333, 9175, 2780, 7171, 1041, 7287, 1853, 682, 4774, 8840, - 435, 3045, 9026, 1737, 12159, 11379, 5919, 4566, 7384, 2532, - 5435, 1178, 8246, 8566, 10806, 1908, 1067, 7469, 3127, 9600, - 5755, 3418, 11637, 7725, 4919, 9855, 7540, 3624, 790, 5530, - 1843, 612, 4284, 5410, 1003, 7021, 12280, 12226, 11848, 9202, - 2969, 8494, 10302, 10669, 949, 6643, 9634, 5993, 5084, 11010, - 3336, 11063, 3707, 1371, 9597, 5734, 3271, 10608, 522, 3654, - 1000, 7000, 12133, 11197, 4645, 7937, 6403, 7954, 6522, 8787, - 64, 448, 3136, 9663, 6196, 6505, 8668, 11520, 6906, 11475, - - 6591, 9270, 3445, 11826, 9048, 1891, 948, 6636, 9585, 5650, - 2683, 6492, 8577, 10883, 2447, 4840, 9302, 3669, 1105, 7735, - 4989, 10345, 10970, 3056 -}; - -/** - * FFT phase shift and scaling inverse transform for q = 12289 and n = 1024 - */ -static const uint16_t wi_12289_1024[] = { - 12277, 5265, 9530, 3117, 5712, 816, 10650, 3277, 9246, 4832, - 5957, 851, 10655, 10300, 3227, 461, 3577, 511, 73, 1766, - 5519, 2544, 2119, 7325, 2802, 5667, 11343, 3376, 5749, 6088, - 7892, 2883, 3923, 2316, 3842, 4060, 580, 3594, 2269, 9102, - 6567, 9716, 1388, 5465, 7803, 8137, 2918, 3928, 9339, 10112, - 11978, 10489, 3254, 3976, 568, 8859, 11799, 12219, 12279, 10532, - 12038, 8742, 4760, 680, 8875, 4779, 7705, 8123, 2916, 10950, - 6831, 4487, 641, 10625, 5029, 2474, 2109, 5568, 2551, 2120, - 3814, 4056, 2335, 10867, 3308, 11006, 6839, 977, 10673, 8547, - 1221, 1930, 7298, 11576, 8676, 2995, 3939, 7585, 11617, 12193, - - 5253, 2506, 358, 8829, 6528, 11466, 1638, 234, 1789, 10789, - 6808, 11506, 8666, 1238, 3688, 4038, 4088, 584, 1839, 7285, - 8063, 4663, 9444, 10127, 8469, 4721, 2430, 9125, 11837, 1691, - 10775, 6806, 6239, 6158, 7902, 4640, 4174, 5863, 11371, 3380, - 3994, 11104, 6853, 979, 3651, 11055, 6846, 978, 7162, 9801, - 10178, 1454, 7230, 4544, 9427, 8369, 11729, 12209, 10522, 10281, - 8491, 1213, 5440, 9555, 1365, 195, 3539, 11039, 1577, 5492, - 11318, 5128, 11266, 3365, 7503, 4583, 7677, 8119, 4671, 5934, - 7870, 6391, 913, 1886, 2025, 5556, 7816, 11650, 6931, 9768, - 3151, 9228, 6585, 7963, 11671, 6934, 11524, 6913, 11521, 5157, - - 7759, 2864, 9187, 3068, 5705, 815, 1872, 2023, 289, 5308, - 6025, 7883, 9904, 4926, 7726, 8126, 4672, 2423, 9124, 3059, - 437, 1818, 7282, 6307, 901, 7151, 11555, 8673, 1239, 177, - 5292, 756, 108, 1771, 253, 8814, 10037, 4945, 2462, 7374, - 2809, 5668, 7832, 4630, 2417, 5612, 7824, 8140, 4674, 7690, - 11632, 8684, 11774, 1682, 5507, 7809, 11649, 10442, 8514, 6483, - 9704, 6653, 2706, 10920, 1560, 3734, 2289, 327, 7069, 4521, - 4157, 4105, 2342, 10868, 12086, 12260, 3507, 501, 10605, 1515, - 1972, 7304, 2799, 3911, 7581, 1083, 7177, 6292, 4410, 630, - 90, 3524, 2259, 7345, 6316, 6169, 6148, 6145, 4389, 627, - - 10623, 12051, 12255, 8773, 6520, 2687, 3895, 2312, 5597, 11333, - 1619, 5498, 2541, 363, 3563, 509, 7095, 11547, 12183, 3496, - 2255, 9100, 1300, 7208, 8052, 6417, 7939, 9912, 1416, 5469, - 6048, 864, 1879, 2024, 9067, 6562, 2693, 7407, 9836, 10183, - 8477, 1211, 173, 7047, 8029, 1147, 3675, 525, 75, 7033, - 8027, 8169, 1167, 7189, 1027, 7169, 9802, 6667, 2708, 3898, - 4068, 9359, 1337, 191, 5294, 6023, 2616, 7396, 11590, 8678, - 8262, 6447, 921, 10665, 12057, 3478, 4008, 11106, 12120, 3487, - 9276, 10103, 6710, 11492, 8664, 8260, 1180, 10702, 5040, 720, - 3614, 5783, 9604, 1372, 196, 28, 4, 10534, 5016, 11250, - - 10385, 12017, 8739, 3004, 9207, 6582, 6207, 7909, 4641, 663, - 7117, 8039, 2904, 3926, 4072, 7604, 6353, 11441, 3390, 5751, - 11355, 10400, 8508, 2971, 2180, 2067, 5562, 11328, 6885, 11517, - 6912, 2743, 3903, 11091, 3340, 9255, 10100, 4954, 7730, 6371, - 9688, 1384, 7220, 2787, 9176, 4822, 4200, 600, 7108, 2771, - 3907, 9336, 8356, 8216, 8196, 4682, 4180, 9375, 6606, 7966, - 1138, 10696, 1528, 5485, 11317, 8639, 10012, 6697, 7979, 4651, - 2420, 7368, 11586, 10433, 3246, 7486, 2825, 10937, 3318, 474, - 7090, 4524, 5913, 7867, 4635, 9440, 11882, 3453, 5760, 4334, - 9397, 3098, 10976, 1568, 224, 32, 10538, 3261, 3977, 9346, - - 10113, 8467, 11743, 12211, 3500, 500, 1827, 261, 5304, 7780, - 2867, 10943, 6830, 7998, 11676, 1668, 5505, 2542, 9141, 4817, - 9466, 6619, 11479, 5151, 4247, 7629, 4601, 5924, 6113, 6140, - 9655, 6646, 2705, 2142, 306, 7066, 2765, 395, 1812, 3770, - 11072, 8604, 10007, 11963, 1709, 9022, 4800, 7708, 9879, 6678, - 954, 5403, 4283, 4123, 589, 8862, 1266, 3692, 2283, 9104, - 11834, 12224, 7013, 4513, 7667, 6362, 4420, 2387, 341, 7071, - 9788, 6665, 9730, 1390, 10732, 10311, 1473, 1966, 3792, 7564, - 11614, 10437, 1491, 213, 1786, 9033, 3046, 9213, 10094, 1442, - 206, 1785, 255, 1792, 256, 10570, 1510, 7238, 1034, 7170, - - 6291, 7921, 11665, 3422, 4000, 2327, 2088, 5565, 795, 10647, - 1521, 5484, 2539, 7385, 1055, 7173, 8047, 11683, 1669, 1994, - 3796, 5809, 4341, 9398, 11876, 12230, 10525, 12037, 12253, 3506, - 4012, 9351, 4847, 2448, 7372, 9831, 3160, 2207, 5582, 2553, - 7387, 6322, 9681, 1383, 10731, 1533, 219, 5298, 4268, 7632, - 6357, 9686, 8406, 4712, 9451, 10128, 4958, 5975, 11387, 8649, - 11769, 6948, 11526, 12180, 1740, 10782, 6807, 2728, 7412, 4570, - 4164, 4106, 11120, 12122, 8754, 11784, 3439, 5758, 11356, 6889, - 9762, 11928, 1704, 1999, 10819, 12079, 12259, 7018, 11536, 1648, - 1991, 2040, 2047, 2048, 10826, 12080, 8748, 8272, 8204, 1172, - - 1923, 7297, 2798, 7422, 6327, 4415, 7653, 6360, 11442, 12168, - 7005, 8023, 9924, 8440, 8228, 2931, 7441, 1063, 3663, 5790, - 9605, 10150, 1450, 8985, 11817, 10466, 10273, 12001, 3470, 7518, - 1074, 1909, 7295, 9820, 4914, 702, 5367, 7789, 8135, 9940, - 1420, 3714, 11064, 12114, 12264, 1752, 5517, 9566, 11900, 1700, - 3754, 5803, 829, 1874, 7290, 2797, 10933, 5073, 7747, 8129, - 6428, 6185, 11417, 1631, 233, 5300, 9535, 10140, 11982, 8734, - 8270, 2937, 10953, 8587, 8249, 2934, 9197, 4825, 5956, 4362, - 9401, 1343, 3703, 529, 10609, 12049, 6988, 6265, 895, 3639, - 4031, 4087, 4095, 585, 10617, 8539, 4731, 4187, 9376, 3095, - - 9220, 10095, 10220, 1460, 10742, 12068, 1724, 5513, 11321, 6884, - 2739, 5658, 6075, 4379, 11159, 10372, 8504, 4726, 9453, 3106, - 7466, 11600, 10435, 8513, 9994, 8450, 9985, 3182, 10988, 8592, - 2983, 9204, 4826, 2445, 5616, 6069, 867, 3635, 5786, 11360, - 5134, 2489, 10889, 12089, 1727, 7269, 2794, 9177, 1311, 5454, - 9557, 6632, 2703, 9164, 10087, 1441, 3717, 531, 3587, 2268, - 324, 5313, 759, 1864, 5533, 2546, 7386, 9833, 8427, 4715, - 11207, 1601, 7251, 4547, 11183, 12131, 1733, 10781, 10318, 1474, - 10744, 5046, 4232, 11138, 10369, 6748, 964, 7160, 4534, 7670, - 8118, 8182, 4680, 11202, 6867, 981, 8918, 1274, 182, 26, - - 7026, 8026, 11680, 12202, 10521, 1503, 7237, 4545, 5916, 9623, - 8397, 11733, 10454, 3249, 9242, 6587, 941, 1890, 270, 10572, - 6777, 9746, 6659, 6218, 6155, 6146, 878, 1881, 7291, 11575, - 12187, 1741, 7271, 8061, 11685, 6936, 4502, 9421, 4857, 4205, - 7623, 1089, 10689, 1527, 8996, 10063, 11971, 10488, 6765, 2722, - 3900, 9335, 11867, 6962, 11528, 5158, 4248, 4118, 5855, 2592, - 5637, 6072, 2623, 7397, 8079, 9932, 4930, 5971, 853, 3633, - 519, 8852, 11798, 3441, 11025, 1575, 225, 8810, 11792, 12218, - 3501, 9278, 3081, 9218, 4828, 7712, 8124, 11694, 12204, 3499, - 4011, 573, 3593, 5780, 7848, 9899, 10192, 1456, 208, 7052, - - 2763, 7417, 11593, 10434, 12024, 8740, 11782, 10461, 3250, 5731, - 7841, 9898, 1414, 202, 3540, 7528, 2831, 2160, 10842, 5060, - 4234, 4116, 588, 84 -}; - -/** - * Bit-reversed indices for n = 1024 - */ -static const uint16_t rev_1024[] = { - 0, 512, 256, 768, 128, 640, 384, 896, 64, 576, - 320, 832, 192, 704, 448, 960, 32, 544, 288, 800, - 160, 672, 416, 928, 96, 608, 352, 864, 224, 736, - 480, 992, 16, 528, 272, 784, 144, 656, 400, 912, - 80, 592, 336, 848, 208, 720, 464, 976, 48, 560, - 304, 816, 176, 688, 432, 944, 112, 624, 368, 880, - 240, 752, 496, 1008, 8, 520, 264, 776, 136, 648, - 392, 904, 72, 584, 328, 840, 200, 712, 456, 968, - 40, 552, 296, 808, 168, 680, 424, 936, 104, 616, - 360, 872, 232, 744, 488, 1000, 24, 536, 280, 792, - - 152, 664, 408, 920, 88, 600, 344, 856, 216, 728, - 472, 984, 56, 568, 312, 824, 184, 696, 440, 952, - 120, 632, 376, 888, 248, 760, 504, 1016, 4, 516, - 260, 772, 132, 644, 388, 900, 68, 580, 324, 836, - 196, 708, 452, 964, 36, 548, 292, 804, 164, 676, - 420, 932, 100, 612, 356, 868, 228, 740, 484, 996, - 20, 532, 276, 788, 148, 660, 404, 916, 84, 596, - 340, 852, 212, 724, 468, 980, 52, 564, 308, 820, - 180, 692, 436, 948, 116, 628, 372, 884, 244, 756, - 500, 1012, 12, 524, 268, 780, 140, 652, 396, 908, - - 76, 588, 332, 844, 204, 716, 460, 972, 44, 556, - 300, 812, 172, 684, 428, 940, 108, 620, 364, 876, - 236, 748, 492, 1004, 28, 540, 284, 796, 156, 668, - 412, 924, 92, 604, 348, 860, 220, 732, 476, 988, - 60, 572, 316, 828, 188, 700, 444, 956, 124, 636, - 380, 892, 252, 764, 508, 1020, 2, 514, 258, 770, - 130, 642, 386, 898, 66, 578, 322, 834, 194, 706, - 450, 962, 34, 546, 290, 802, 162, 674, 418, 930, - 98, 610, 354, 866, 226, 738, 482, 994, 18, 530, - 274, 786, 146, 658, 402, 914, 82, 594, 338, 850, - - 210, 722, 466, 978, 50, 562, 306, 818, 178, 690, - 434, 946, 114, 626, 370, 882, 242, 754, 498, 1010, - 10, 522, 266, 778, 138, 650, 394, 906, 74, 586, - 330, 842, 202, 714, 458, 970, 42, 554, 298, 810, - 170, 682, 426, 938, 106, 618, 362, 874, 234, 746, - 490, 1002, 26, 538, 282, 794, 154, 666, 410, 922, - 90, 602, 346, 858, 218, 730, 474, 986, 58, 570, - 314, 826, 186, 698, 442, 954, 122, 634, 378, 890, - 250, 762, 506, 1018, 6, 518, 262, 774, 134, 646, - 390, 902, 70, 582, 326, 838, 198, 710, 454, 966, - - 38, 550, 294, 806, 166, 678, 422, 934, 102, 614, - 358, 870, 230, 742, 486, 998, 22, 534, 278, 790, - 150, 662, 406, 918, 86, 598, 342, 854, 214, 726, - 470, 982, 54, 566, 310, 822, 182, 694, 438, 950, - 118, 630, 374, 886, 246, 758, 502, 1014, 14, 526, - 270, 782, 142, 654, 398, 910, 78, 590, 334, 846, - 206, 718, 462, 974, 46, 558, 302, 814, 174, 686, - 430, 942, 110, 622, 366, 878, 238, 750, 494, 1006, - 30, 542, 286, 798, 158, 670, 414, 926, 94, 606, - 350, 862, 222, 734, 478, 990, 62, 574, 318, 830, - - 190, 702, 446, 958, 126, 638, 382, 894, 254, 766, - 510, 1022, 1, 513, 257, 769, 129, 641, 385, 897, - 65, 577, 321, 833, 193, 705, 449, 961, 33, 545, - 289, 801, 161, 673, 417, 929, 97, 609, 353, 865, - 225, 737, 481, 993, 17, 529, 273, 785, 145, 657, - 401, 913, 81, 593, 337, 849, 209, 721, 465, 977, - 49, 561, 305, 817, 177, 689, 433, 945, 113, 625, - 369, 881, 241, 753, 497, 1009, 9, 521, 265, 777, - 137, 649, 393, 905, 73, 585, 329, 841, 201, 713, - 457, 969, 41, 553, 297, 809, 169, 681, 425, 937, - - 105, 617, 361, 873, 233, 745, 489, 1001, 25, 537, - 281, 793, 153, 665, 409, 921, 89, 601, 345, 857, - 217, 729, 473, 985, 57, 569, 313, 825, 185, 697, - 441, 953, 121, 633, 377, 889, 249, 761, 505, 1017, - 5, 517, 261, 773, 133, 645, 389, 901, 69, 581, - 325, 837, 197, 709, 453, 965, 37, 549, 293, 805, - 165, 677, 421, 933, 101, 613, 357, 869, 229, 741, - 485, 997, 21, 533, 277, 789, 149, 661, 405, 917, - 85, 597, 341, 853, 213, 725, 469, 981, 53, 565, - 309, 821, 181, 693, 437, 949, 117, 629, 373, 885, - - 245, 757, 501, 1013, 13, 525, 269, 781, 141, 653, - 397, 909, 77, 589, 333, 845, 205, 717, 461, 973, - 45, 557, 301, 813, 173, 685, 429, 941, 109, 621, - 365, 877, 237, 749, 493, 1005, 29, 541, 285, 797, - 157, 669, 413, 925, 93, 605, 349, 861, 221, 733, - 477, 989, 61, 573, 317, 829, 189, 701, 445, 957, - 125, 637, 381, 893, 253, 765, 509, 1021, 3, 515, - 259, 771, 131, 643, 387, 899, 67, 579, 323, 835, - 195, 707, 451, 963, 35, 547, 291, 803, 163, 675, - 419, 931, 99, 611, 355, 867, 227, 739, 483, 995, - - 19, 531, 275, 787, 147, 659, 403, 915, 83, 595, - 339, 851, 211, 723, 467, 979, 51, 563, 307, 819, - 179, 691, 435, 947, 115, 627, 371, 883, 243, 755, - 499, 1011, 11, 523, 267, 779, 139, 651, 395, 907, - 75, 587, 331, 843, 203, 715, 459, 971, 43, 555, - 299, 811, 171, 683, 427, 939, 107, 619, 363, 875, - 235, 747, 491, 1003, 27, 539, 283, 795, 155, 667, - 411, 923, 91, 603, 347, 859, 219, 731, 475, 987, - 59, 571, 315, 827, 187, 699, 443, 955, 123, 635, - 379, 891, 251, 763, 507, 1019, 7, 519, 263, 775, - - 135, 647, 391, 903, 71, 583, 327, 839, 199, 711, - 455, 967, 39, 551, 295, 807, 167, 679, 423, 935, - 103, 615, 359, 871, 231, 743, 487, 999, 23, 535, - 279, 791, 151, 663, 407, 919, 87, 599, 343, 855, - 215, 727, 471, 983, 55, 567, 311, 823, 183, 695, - 439, 951, 119, 631, 375, 887, 247, 759, 503, 1015, - 15, 527, 271, 783, 143, 655, 399, 911, 79, 591, - 335, 847, 207, 719, 463, 975, 47, 559, 303, 815, - 175, 687, 431, 943, 111, 623, 367, 879, 239, 751, - 495, 1007, 31, 543, 287, 799, 159, 671, 415, 927, - - 95, 607, 351, 863, 223, 735, 479, 991, 63, 575, - 319, 831, 191, 703, 447, 959, 127, 639, 383, 895, - 255, 767, 511, 1023 -}; - -const ntt_fft_params_t ntt_fft_12289_1024 = { - 12289, 12287, 18, 3186, (1<<18)-1, 1024, 12277, 10, - wr_12289_1024, wf_12289_1024, wi_12289_1024, 1, rev_1024 -}; - -/** - * FFT phase shift and scaling inverse transform for q = 12289 and n = 512 - */ -static const uint16_t wi_12289_512[] = { - 12265, 6771, 11424, 9011, 6203, 11914, 9021, 6454, 7154, 146, - 11038, 4238, 5604, 10397, 11498, 3495, 7846, 7684, 1160, 4538, - 845, 2776, 3317, 5836, 6389, 11667, 6508, 1136, 11309, 12269, - 11787, 9520, 5461, 3121, 5832, 1373, 1282, 10058, 4218, 5102, - 7628, 4670, 6616, 1389, 9057, 2442, 2307, 5063, 7878, 10945, - 10506, 716, 767, 3276, 3578, 1327, 5043, 7376, 8176, 3678, - 3837, 6599, 4649, 4860, 11385, 9261, 189, 3515, 8348, 10453, - 7988, 1417, 7302, 1403, 2035, 8067, 2171, 6565, 11169, 8755, - 4693, 10880, 2730, 7078, 3154, 10347, 10243, 2717, 3065, 9342, - 3451, 1826, 4050, 3343, 1573, 6302, 881, 11053, 10759, 10753, - - 3229, 6085, 11410, 3744, 578, 12050, 7519, 3163, 9344, 5959, - 874, 2275, 1802, 10821, 2478, 10584, 216, 506, 7785, 4924, - 5618, 3375, 4834, 3359, 9348, 10975, 11259, 11014, 11009, 4739, - 7119, 5412, 3120, 4578, 1849, 8314, 4684, 11883, 7014, 8921, - 3944, 5598, 2873, 2065, 8820, 180, 4518, 343, 7, 8778, - 8957, 12221, 751, 7790, 11194, 3238, 5082, 7126, 1901, 12077, - 4510, 2600, 3815, 3589, 2832, 12096, 3758, 5845, 5386, 7383, - 4665, 346, 3769, 7350, 150, 3765, 2334, 2054, 7315, 5416, - 8136, 2674, 10588, 5232, 10891, 4235, 1842, 11825, 8016, 11951, - 6263, 1131, 5039, 2360, 10080, 7228, 6919, 392, 8, 10032, - - 8481, 5189, 6125, 125, 9282, 1945, 5808, 8144, 417, 6780, - 10421, 4727, 4360, 11124, 1481, 1535, 7806, 6680, 7911, 3171, - 7087, 2151, 6063, 8400, 1927, 7814, 4423, 4103, 8360, 923, - 2276, 3056, 10345, 7735, 3669, 4840, 10883, 6492, 5650, 6636, - 1891, 11826, 9270, 11475, 11520, 6505, 9663, 448, 8787, 7954, - 7937, 11197, 7000, 3654, 10608, 5734, 1371, 11063, 11010, 5993, - 6643, 10669, 8494, 9202, 12226, 7021, 5410, 612, 5530, 3624, - 9855, 7725, 3418, 9600, 7469, 1908, 8566, 1178, 2532, 4566, - 11379, 1737, 3045, 8840, 682, 7287, 7171, 9175, 2946, 7584, - 10939, 2982, 3572, 6092, 7899, 412, 510, 512, 3020, 2068, - - 293, 11041, 8000, 4176, 1590, 3042, 5078, 2110, 3805, 3338, - 7592, 8682, 11463, 8761, 12217, 8024, 9694, 2455, 6320, 11164, - 2485, 7073, 9173, 438, 8536, 425, 4523, 6613, 9916, 10485, - 11249, 10763, 3480, 1325, 2535, 8328, 9951, 5219, 6878, 10423, - 7235, 3408, 9349, 12229, 10783, 3982, 4094, 9363, 5207, 4119, - 3846, 5596, 365, 3017, 10595, 1721, 7559, 4167, 2593, 7326, - 6921, 2900, 11345, 8257, 6940, 2148, 2301, 9828, 10734, 3981, - 2840, 9839, 12239, 11034, 11511, 7508, 1658, 2291, 9577, 3205, - 567, 10545, 466, 6781, 11675, 4251, 9617, 4209, 6105, 11912, - 6513, 7406, 8929, 1687, 1790, 8062, 8190, 8945, 9462, 6463, - - 6151, 8151, 9195, 3448, 10353, 5478, 12150, 10029, 4719, 6617, - 2643, 8581, 7699, 7681, 9687, 5966, 9652, 11232, 1734, 11572, - 10268, 9489, 3454, 5588, 2622, 6825, 5406, 7885, 7434, 7174, - 648, 1518, 11066, 2483, 4565, 10125, 2213, 10077, 3466, 8347, - 9199, 8464, 8449, 1928, 9068, 3947, 9360, 1445, 5547, 364, - 1763, 11071, 8753, 2185, 11832, 4505, 8619, 6195, 1882, 540, - 1265, 1029, 21, 1756, 2293, 12085, 2253, 11081, 9004, 9714, - 2957, 9089, 5703, 11653, 1241, 7800, 11445, 10767, 8496, 11710, - 11274, 5246, 3869, 9860, 1706, 1038, 11307, 9761, 450, 11295, - 7002, 6162, 9656, 3959, 12119, 8022, 7186, 3407, 8095, 416, - - 5526, 10897, 11759, 11275, 6500, 3393, 2828, 7080, 5662, 9395, - 8468, 1176 -}; - -/** - * Bit-reversed indices for n = 512 - */ -static const uint16_t rev_512[] = { - 0, 256, 128, 384, 64, 320, 192, 448, 32, 288, - 160, 416, 96, 352, 224, 480, 16, 272, 144, 400, - 80, 336, 208, 464, 48, 304, 176, 432, 112, 368, - 240, 496, 8, 264, 136, 392, 72, 328, 200, 456, - 40, 296, 168, 424, 104, 360, 232, 488, 24, 280, - 152, 408, 88, 344, 216, 472, 56, 312, 184, 440, - 120, 376, 248, 504, 4, 260, 132, 388, 68, 324, - 196, 452, 36, 292, 164, 420, 100, 356, 228, 484, - 20, 276, 148, 404, 84, 340, 212, 468, 52, 308, - 180, 436, 116, 372, 244, 500, 12, 268, 140, 396, - - 76, 332, 204, 460, 44, 300, 172, 428, 108, 364, - 236, 492, 28, 284, 156, 412, 92, 348, 220, 476, - 60, 316, 188, 444, 124, 380, 252, 508, 2, 258, - 130, 386, 66, 322, 194, 450, 34, 290, 162, 418, - 98, 354, 226, 482, 18, 274, 146, 402, 82, 338, - 210, 466, 50, 306, 178, 434, 114, 370, 242, 498, - 10, 266, 138, 394, 74, 330, 202, 458, 42, 298, - 170, 426, 106, 362, 234, 490, 26, 282, 154, 410, - 90, 346, 218, 474, 58, 314, 186, 442, 122, 378, - 250, 506, 6, 262, 134, 390, 70, 326, 198, 454, - - 38, 294, 166, 422, 102, 358, 230, 486, 22, 278, - 150, 406, 86, 342, 214, 470, 54, 310, 182, 438, - 118, 374, 246, 502, 14, 270, 142, 398, 78, 334, - 206, 462, 46, 302, 174, 430, 110, 366, 238, 494, - 30, 286, 158, 414, 94, 350, 222, 478, 62, 318, - 190, 446, 126, 382, 254, 510, 1, 257, 129, 385, - 65, 321, 193, 449, 33, 289, 161, 417, 97, 353, - 225, 481, 17, 273, 145, 401, 81, 337, 209, 465, - 49, 305, 177, 433, 113, 369, 241, 497, 9, 265, - 137, 393, 73, 329, 201, 457, 41, 297, 169, 425, - - 105, 361, 233, 489, 25, 281, 153, 409, 89, 345, - 217, 473, 57, 313, 185, 441, 121, 377, 249, 505, - 5, 261, 133, 389, 69, 325, 197, 453, 37, 293, - 165, 421, 101, 357, 229, 485, 21, 277, 149, 405, - 85, 341, 213, 469, 53, 309, 181, 437, 117, 373, - 245, 501, 13, 269, 141, 397, 77, 333, 205, 461, - 45, 301, 173, 429, 109, 365, 237, 493, 29, 285, - 157, 413, 93, 349, 221, 477, 61, 317, 189, 445, - 125, 381, 253, 509, 3, 259, 131, 387, 67, 323, - 195, 451, 35, 291, 163, 419, 99, 355, 227, 483, - - 19, 275, 147, 403, 83, 339, 211, 467, 51, 307, - 179, 435, 115, 371, 243, 499, 11, 267, 139, 395, - 75, 331, 203, 459, 43, 299, 171, 427, 107, 363, - 235, 491, 27, 283, 155, 411, 91, 347, 219, 475, - 59, 315, 187, 443, 123, 379, 251, 507, 7, 263, - 135, 391, 71, 327, 199, 455, 39, 295, 167, 423, - 103, 359, 231, 487, 23, 279, 151, 407, 87, 343, - 215, 471, 55, 311, 183, 439, 119, 375, 247, 503, - 15, 271, 143, 399, 79, 335, 207, 463, 47, 303, - 175, 431, 111, 367, 239, 495, 31, 287, 159, 415, - - 95, 351, 223, 479, 63, 319, 191, 447, 127, 383, - 255, 511 -}; - -const ntt_fft_params_t ntt_fft_12289_512 = { - 12289, 12287, 18, 3186, (1<<18)-1, 512, 12265, 9, - wr_12289_1024, wf_12289_1024, wi_12289_512, 2, rev_512 -}; - -/** - * FFT twiddle factors in Montgomery form for q = 17 and n = 8 - */ -static const uint16_t wr_17_8[] = { 15, 16, 8, 4, 2, 1, 9, 13, 15 }; - -/** - * FFT phase shift in forward transform for q = 17 and n = 8 - */ -static const uint16_t wf_17_8[] = { 4, 12, 2, 6, 1, 3, 9, 10 }; - -/** - * FFT phase shift and scaling inverse transform for q = 17 and n = 8 - */ -static const uint16_t wi_17_8[] = { 15, 5, 13, 10, 9, 3, 1, 6 }; - -/** - * Bit-reversed indices for n = 8 - */ -static const uint16_t rev_8[] = { 0, 4, 2, 6, 1, 5, 3, 7 }; - -const ntt_fft_params_t ntt_fft_17_8 = { - 17, 15, 5, 4, (1<<5)-1, 8, 15, 3, wr_17_8, wf_17_8, wi_17_8, 1, rev_8 -}; diff --git a/src/libstrongswan/math/libnttfft/ntt_fft_params.h b/src/libstrongswan/math/libnttfft/ntt_fft_params.h deleted file mode 100644 index 427cbaa69d..0000000000 --- a/src/libstrongswan/math/libnttfft/ntt_fft_params.h +++ /dev/null @@ -1,116 +0,0 @@ -/* - * Copyright (C) 2014-2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup ntt_fft_params ntt_fft_params - * @{ @ingroup ntt_p - */ - -#ifndef NTT_FFT_PARAMS_H_ -#define NTT_FFT_PARAMS_H_ - -#include - -typedef struct ntt_fft_params_t ntt_fft_params_t; - -/** - * Defines the parameters for an NTT computed via the FFT algorithm - */ -struct ntt_fft_params_t { - - /** - * Prime modulus - */ - uint16_t q; - - /** - * Inverse of Prime modulus (-q_inv * q mod r = 1) - */ - uint16_t q_inv; - - /** - * Logarithm of Montgomery radix: log2(r) - */ - uint16_t rlog; - - /** - * Square of Montgomery radix: r^2 mod q - */ - const uint32_t r2; - - /** - * Montgomery radix mask: (1<. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup ntt_fft ntt_fft - * @{ @ingroup ntt_p - */ - -#ifndef NTT_REDUCE_H_ -#define NTT_REDUCE_H_ - -#include "ntt_fft_params.h" - -/** - * Montgomery Reduction - * - * Montgomery, P. L. Modular multiplication without trial division. - * Mathematics of Computation 44, 170 (1985), 519–521. - */ -static inline uint32_t ntt_fft_mreduce(uint32_t x, const ntt_fft_params_t *p) -{ - uint32_t m, t; - - m = (x * p->q_inv) & p->rmask; - t = (x + m * p->q) >> p->rlog; - - return (t < p->q) ? t : t - p->q; -} - -#endif /** NTT_REDUCE_H_ @}*/ diff --git a/src/libstrongswan/math/libnttfft/tests/.gitignore b/src/libstrongswan/math/libnttfft/tests/.gitignore deleted file mode 100644 index da0c7d56d7..0000000000 --- a/src/libstrongswan/math/libnttfft/tests/.gitignore +++ /dev/null @@ -1 +0,0 @@ -ntt_fft_tests diff --git a/src/libstrongswan/math/libnttfft/tests/Makefile.am b/src/libstrongswan/math/libnttfft/tests/Makefile.am deleted file mode 100644 index 55e6fff940..0000000000 --- a/src/libstrongswan/math/libnttfft/tests/Makefile.am +++ /dev/null @@ -1,21 +0,0 @@ -TESTS = ntt_fft_tests - -check_PROGRAMS = $(TESTS) - -ntt_fft_tests_SOURCES = \ - suites/test_ntt_fft.c \ - ntt_fft_tests.h ntt_fft_tests.c - -ntt_fft_tests_CFLAGS = \ - -I$(top_srcdir)/src/libstrongswan \ - -I$(top_srcdir)/src/libstrongswan/tests \ - -I$(top_srcdir)/src/libstrongswan/math/libnttfft \ - -DPLUGINDIR=\""$(abs_top_builddir)/src/libstrongswan/plugins\"" \ - -DPLUGINS=\""${s_plugins}\"" \ - @COVERAGE_CFLAGS@ - -ntt_fft_tests_LDFLAGS = @COVERAGE_LDFLAGS@ -ntt_fft_tests_LDADD = \ - $(top_builddir)/src/libstrongswan/libstrongswan.la \ - $(top_builddir)/src/libstrongswan/tests/libtest.la \ - ../libnttfft.la diff --git a/src/libstrongswan/math/libnttfft/tests/ntt_fft_tests.c b/src/libstrongswan/math/libnttfft/tests/ntt_fft_tests.c deleted file mode 100644 index a4283b71c6..0000000000 --- a/src/libstrongswan/math/libnttfft/tests/ntt_fft_tests.c +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (C) 2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include - -#include - -/* declare test suite constructors */ -#define TEST_SUITE(x) test_suite_t* x(); -#include "ntt_fft_tests.h" -#undef TEST_SUITE - -static test_configuration_t tests[] = { -#define TEST_SUITE(x) \ - { .suite = x, }, -#include "ntt_fft_tests.h" - { .suite = NULL, } -}; - -static bool test_runner_init(bool init) -{ - if (init) - { - char *plugins, *plugindir; - - plugins = lib->settings->get_str(lib->settings, - "tests.load", PLUGINS); - plugindir = lib->settings->get_str(lib->settings, - "tests.plugindir", PLUGINDIR); - plugin_loader_add_plugindirs(plugindir, plugins); - if (!lib->plugins->load(lib->plugins, plugins)) - { - return FALSE; - } - } - else - { - lib->processor->set_threads(lib->processor, 0); - lib->processor->cancel(lib->processor); - lib->plugins->unload(lib->plugins); - } - return TRUE; -} - -int main(int argc, char *argv[]) -{ - return test_runner_run("ntt_fft", tests, test_runner_init); -} diff --git a/src/libstrongswan/math/libnttfft/tests/ntt_fft_tests.h b/src/libstrongswan/math/libnttfft/tests/ntt_fft_tests.h deleted file mode 100644 index 159c180afe..0000000000 --- a/src/libstrongswan/math/libnttfft/tests/ntt_fft_tests.h +++ /dev/null @@ -1,18 +0,0 @@ -/* - * Copyright (C) 2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -TEST_SUITE(ntt_fft_suite_create) - diff --git a/src/libstrongswan/math/libnttfft/tests/suites/test_ntt_fft.c b/src/libstrongswan/math/libnttfft/tests/suites/test_ntt_fft.c deleted file mode 100644 index 22a34f91e8..0000000000 --- a/src/libstrongswan/math/libnttfft/tests/suites/test_ntt_fft.c +++ /dev/null @@ -1,165 +0,0 @@ -/* - * Copyright (C) 2014-2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "test_suite.h" - -#include -#include - -#include - -static const ntt_fft_params_t *fft_params[] = { - &ntt_fft_17_8, - &ntt_fft_12289_512, - &ntt_fft_12289_1024 -}; - -START_TEST(test_ntt_fft_impulse) -{ - ntt_fft_t *fft; - uint16_t n = fft_params[_i]->n; - uint32_t rq = (1 << fft_params[_i]->rlog) % fft_params[_i]->q; - uint32_t x[n], X[n]; - int i; - - for (i = 0; i < n; i++) - { - x[i] = 0; - } - x[0] = 1; - - fft = ntt_fft_create(fft_params[_i]); - fft->transform(fft, x, X, FALSE); - - for (i = 0; i < n; i++) - { - ck_assert(X[i] == rq); - } - fft->transform(fft, X, x, TRUE); - - for (i = 0; i < n; i++) - { - ck_assert(x[i] == (i == 0)); - } - fft->destroy(fft); -} -END_TEST - -START_TEST(test_ntt_fft_wrap) -{ - ntt_fft_t *fft; - uint16_t n = fft_params[_i]->n; - uint16_t q = fft_params[_i]->q; - uint32_t x[n],y[n], X[n], Y[n]; - int i, j; - - for (i = 0; i < n; i++) - { - x[i] = i; - y[i] = 0; - } - fft = ntt_fft_create(fft_params[_i]); - ck_assert(fft->get_size(fft) == n); - ck_assert(fft->get_modulus(fft) == q); - fft->transform(fft, x, X, FALSE); - - for (j = 0; j < n; j++) - { - y[j] = 1; - fft->transform(fft, y, Y, FALSE); - - for (i = 0; i < n; i++) - { - Y[i] = ntt_fft_mreduce(X[i] * Y[i], fft_params[_i]); - } - fft->transform(fft, Y, Y, TRUE); - - for (i = 0; i < n; i++) - { - ck_assert(Y[i] == ( i < j ? q - n - i + j : i - j)); - } - y[j] = 0; - } - fft->destroy(fft); -} -END_TEST - -START_TEST(test_ntt_fft_speed) -{ - ntt_fft_t *fft; - struct timespec start, stop; - int i, m, count = 10000; - int n = fft_params[_i]->n; - uint32_t x[n], X[n]; - - for (i = 0; i < n; i++) - { - x[i] = i; - } - fft = ntt_fft_create(fft_params[_i]); - - clock_gettime(CLOCK_THREAD_CPUTIME_ID, &start); - for (m = 0; m < count; m++) - { - fft->transform(fft, x, X, FALSE); - fft->transform(fft, X, x, TRUE); - } - clock_gettime(CLOCK_THREAD_CPUTIME_ID, &stop); - - DBG0(DBG_LIB, "%d FFT-%d loops in %d ms\n", count, n, - (stop.tv_nsec - start.tv_nsec) / 1000000 + - (stop.tv_sec - start.tv_sec) * 1000); - - for (i = 0; i < n; i++) - { - ck_assert(x[i] == i); - } - fft->destroy(fft); -} -END_TEST - -START_TEST(test_ntt_fft_init) -{ - libnttfft_init(); -} -END_TEST - -Suite *ntt_fft_suite_create() -{ - Suite *s; - TCase *tc; - - s = suite_create("ntt_fft"); - - tc = tcase_create("init"); - tcase_add_test(tc, test_ntt_fft_init); - suite_add_tcase(s, tc); - - tc = tcase_create("impulse"); - tcase_add_loop_test(tc, test_ntt_fft_impulse, 0, countof(fft_params)); - suite_add_tcase(s, tc); - - tc = tcase_create("negative_wrap"); - tcase_add_loop_test(tc, test_ntt_fft_wrap, 0, countof(fft_params)); - suite_add_tcase(s, tc); - - tc = tcase_create("speed"); - tcase_set_timeout(tc, 10); - tcase_add_loop_test(tc, test_ntt_fft_speed, 1, countof(fft_params)); - suite_add_tcase(s, tc); - - return s; -} diff --git a/src/libstrongswan/plugins/newhope/Makefile.am b/src/libstrongswan/plugins/newhope/Makefile.am deleted file mode 100644 index 8dd6c5fabc..0000000000 --- a/src/libstrongswan/plugins/newhope/Makefile.am +++ /dev/null @@ -1,32 +0,0 @@ -AM_CPPFLAGS = \ - -I$(top_srcdir)/src/libstrongswan \ - -I$(top_srcdir)/src/libstrongswan/math/libnttfft - -AM_CFLAGS = \ - $(PLUGIN_CFLAGS) - -# these files are also used by the tests, we can't directly refer to them -# because of the subdirectory, which would cause distclean to fail -noinst_LTLIBRARIES = libnewhope.la -libnewhope_la_SOURCES = \ - newhope_ke.h newhope_ke.c \ - newhope_noise.h newhope_noise.c \ - newhope_reconciliation.h newhope_reconciliation.c - -libnewhope_la_LIBADD = \ - $(top_builddir)/src/libstrongswan/math/libnttfft/libnttfft.la - -if MONOLITHIC -noinst_LTLIBRARIES += libstrongswan-newhope.la -else -plugin_LTLIBRARIES = libstrongswan-newhope.la -endif - -libstrongswan_newhope_la_SOURCES = \ - newhope_plugin.h newhope_plugin.c - -libstrongswan_newhope_la_LDFLAGS = -module -avoid-version - -libstrongswan_newhope_la_LIBADD = libnewhope.la - - diff --git a/src/libstrongswan/plugins/newhope/newhope_ke.c b/src/libstrongswan/plugins/newhope/newhope_ke.c deleted file mode 100644 index 7e784d42e3..0000000000 --- a/src/libstrongswan/plugins/newhope/newhope_ke.c +++ /dev/null @@ -1,623 +0,0 @@ -/* - * Copyright (C) 2016 Andreas Steffen - * - * Based on public domain code by Erdem Alkim, Léo Ducas, Thomas Pöppelmann, - * and Peter Schwabe. - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "newhope_ke.h" -#include "newhope_noise.h" -#include "newhope_reconciliation.h" - -#include -#include -#include -#include - -static const int seed_len = 32; /* 256 bits */ -static const int poly_len = 1792; /* size of 1024 packed 14-bit coefficients */ -static const int rec_len = 256; /* size of 1024 packed 2-bit coefficients */ - -typedef struct private_newhope_ke_t private_newhope_ke_t; - -/** - * Private data of an newhope_ke_t object. - */ -struct private_newhope_ke_t { - - /** - * Public newhope_ke_t interface. - */ - newhope_ke_t public; - - /** - * FFT parameter set - */ - const ntt_fft_params_t *params; - - /** - * Secret noise polynomial s - */ - uint32_t *s; - - /** - * Output polynomial u = a * NTT(s') + NTT(e') - */ - uint32_t *u; - - /** - * Error reconciliation help bits - */ - uint8_t *r; - - /** - * Shared secret - */ - chunk_t shared_secret; - -}; - -/** - * Derive 14-bit coefficients of polynomial a from 256 bit random seed - * using the SHAKE128 extended output function - */ -static uint32_t* derive_a_poly(private_newhope_ke_t *this, chunk_t seed) -{ - uint32_t *a; - uint8_t x[2]; - int i = 0; - xof_t *xof; - - xof = lib->crypto->create_xof(lib->crypto, XOF_SHAKE_128); - if (!xof) - { - DBG1(DBG_LIB, "could not instantiate SHAKE128 XOF"); - return NULL; - } - - if (!xof->set_seed(xof, seed)) - { - DBG1(DBG_LIB, "could not set seed of SHAKE128 XOF"); - xof->destroy(xof); - return NULL; - } - - /* allocate dynamic memory for polynomial a */ - a = (uint32_t*)malloc(this->params->n * sizeof(uint32_t)); - - while (i < this->params->n) - { - if (!xof->get_bytes(xof, sizeof(x), x)) - { - DBG1(DBG_LIB, "could not get bytes from SHAKE128 XOF"); - xof->destroy(xof); - free(a); - return NULL; - } - - /* - * Treat x as a 16 bit unsigned little endian integer - * and truncate to 14 bits - */ - a[i] = uletoh16(x) & 0x3fff; - - if (a[i] < this->params->q) - { - i++; - } - } - xof->destroy(xof); - - return a; -} - -/** - * Pack four 14-bit coefficients into seven consecutive bytes - * - * 1 2 3 - * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * |L 0 0 0 0 0 0 0|L 1 H 0 0 0 0 0|M 1 1 1 1 1 1 1|L 2 2 2 H 1 1 1| - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * |M 2 2 2 2 2 2 2|L 3 3 3 3 3 H 2|H 3 3 3 3 3 3 3|L 0 0 0 0 0 0 0| - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - */ -static void pack_poly(private_newhope_ke_t *this, uint8_t *x, uint32_t *p) -{ - int i; - - for (i = 0; i < this->params->n; i += 4) - { - *x++ = (p[i] & 0xff ); - *x++ = (p[i] >> 8) | (p[i+1] << 6); - *x++ = (p[i+1] >> 2); - *x++ = (p[i+1] >> 10) | (p[i+2] << 4); - *x++ = (p[i+2] >> 4); - *x++ = (p[i+2] >> 12) | (p[i+3] << 2); - *x++ = (p[i+3] >> 6); - } -} - -/** - * Unpack seven consecutive bytes into four 14-bit coefficients - */ -static uint32_t* unpack_poly(private_newhope_ke_t * this, uint8_t *x) -{ - uint32_t *p; - int i; - - p = (uint32_t*)malloc(this->params->n * sizeof(uint32_t)); - - for (i = 0; i < this->params->n; i += 4) - { - p[i] = x[0] | (((uint32_t)x[1] & 0x3f) << 8); - p[i+1] = (x[1] >> 6) | (((uint32_t)x[2]) << 2) - | (((uint32_t)x[3] & 0x0f) << 10); - p[i+2] = (x[3] >> 4) | (((uint32_t)x[4]) << 4) - | (((uint32_t)x[5] & 0x03) << 12); - p[i+3] = (x[5] >> 2) | (((uint32_t)x[6]) << 6); - x += 7; - } - for (i = 0; i < this->params->n; i++) - { - if (p[i] >= this->params->q) - { - DBG1(DBG_LIB, "polynomial coefficient must be smaller than %u", - this->params->q); - free(p); - return NULL; - } - } - return p; -} - -/** - * Multiply and add polynomials in the frequency domain - */ -static uint32_t* multiply_add_poly(private_newhope_ke_t *this, - uint32_t *a, uint32_t *e) -{ - ntt_fft_t *fft; - uint32_t *b, t; - int i; - - /* transform s and h to frequency domain */ - fft = ntt_fft_create(this->params); - fft->transform(fft, this->s, this->s, FALSE); - fft->transform(fft, e, e, FALSE); - fft->destroy(fft); - - b = (uint32_t*)malloc(this->params->n * sizeof(uint32_t)); - - /* compute b = a * s + e in the frequency domain */ - for (i = 0; i < this->params->n; i++) - { - /* convert a[i] to Montgomery domain */ - t = ntt_fft_mreduce(a[i] * this->params->r2, this->params); - - /* compute b[i] = a[i] * s[i] + e[i] in Montgomery domain */ - t = ntt_fft_mreduce(t * this->s[i], this->params) + e[i]; - - /* exit Montgomery domain before transmitting polynomial b */ - b[i] = ntt_fft_mreduce(t, this->params); - } - memwipe(e, this->params->n * sizeof(uint32_t)); - - return b; -} - -/** - * Multiply polynomials in the frequency domain and return to time domain - */ -static uint32_t* multiply_ntt_inv_poly(private_newhope_ke_t *this, uint32_t *b) -{ - ntt_fft_t *fft; - uint32_t *v, t; - int i; - - v = (uint32_t*)malloc(this->params->n * sizeof(uint32_t)); - - for (i = 0; i < this->params->n; i++) - { - /* convert b[i] to Montgomery domain */ - t = ntt_fft_mreduce(b[i] * this->params->r2, this->params); - - /* compute v[i] = b[i] * s[i] in Montgomery domain */ - v[i] = ntt_fft_mreduce(t * this->s[i], this->params); - } - - /* transform v back to time domain */ - fft = ntt_fft_create(this->params); - fft->transform(fft, v, v, TRUE); - fft->destroy(fft); - - return v; -} - -/** - * Pack four 2-bit coefficients into one byte - */ -static void pack_rec(private_newhope_ke_t *this, uint8_t *x, uint8_t *r) -{ - int i; - - for (i = 0; i < this->params->n; i += 4) - { - *x++ = r[i] | r[i+1] << 2 | r[i+2] << 4 | r[i+3] << 6; - } -} - -static uint8_t* unpack_rec(private_newhope_ke_t *this, uint8_t *x) -{ - uint8_t *r; - int i; - - r = (uint8_t*)malloc(this->params->n); - - for (i = 0; i < this->params->n; i += 4) - { - r[i] = (*x) & 0x03; - r[i+1] = (*x >> 2) & 0x03; - r[i+2] = (*x >> 4) & 0x03; - r[i+3] = (*x >> 6) & 0x03; - x++; - } - - return r; -} - -METHOD(key_exchange_t, get_public_key, bool, - private_newhope_ke_t *this, chunk_t *value) -{ - uint16_t n, q; - int i; - - /* Define some often-used constants */ - n = this->params->n; - q = this->params->q; - - /* are we the initiator? */ - if (this->u == NULL) - { - rng_t *rng; - uint32_t *a = NULL, *b = NULL, *e = NULL; - uint8_t noise_seed_buf[seed_len]; - chunk_t noise_seed = { noise_seed_buf, seed_len}; - chunk_t a_seed; - newhope_noise_t *noise = NULL; - bool success = FALSE; - - /* allocate space for public output value */ - *value = chunk_alloc(poly_len + seed_len); - a_seed = chunk_create(value->ptr + poly_len, seed_len); - - /* create polynomial a from 256 bit random seed */ - rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG); - if (!rng) - { - DBG1(DBG_LIB, "could not instantiate random source"); - return FALSE; - } - if (!rng->get_bytes(rng, seed_len, a_seed.ptr)) - { - DBG1(DBG_LIB, "could not generate seed for polynomial a"); - goto end; - } - - a = derive_a_poly(this, a_seed); - if (a == NULL) - { - goto end; - } - - /* generate random seed for the derivation of noise polynomials */ - if (!rng->get_bytes(rng, seed_len, noise_seed.ptr)) - { - DBG1(DBG_LIB, "could not generate seed for noise polynomials"); - goto end; - } - - /* create noise polynomial generator */ - noise = newhope_noise_create(noise_seed); - if (!noise) - { - goto end; - } - - /* create noise polynomial s from seed with nonce = 0x00 */ - this->s = noise->get_binomial_words(noise, 0x00, n, q); - if (this->s == NULL) - { - goto end; - } - - /* create noise polynomial e from seed with nonce = 0x01 */ - e = noise->get_binomial_words(noise, 0x01, n, q); - if (e == NULL) - { - goto end; - } - - /* compute b = a * NTT(s) + NTT(e) */ - b = multiply_add_poly(this, a, e); - - DBG3(DBG_LIB, " i a[i] b[i]"); - for (i = 0; i < n; i++) - { - DBG3(DBG_LIB, "%4d %5u %5u", i, a[i], b[i]); - } - - /* pack coefficients of polynomial b */ - pack_poly(this, value->ptr, b); - success = TRUE; - - end: - rng->destroy(rng); - DESTROY_IF(noise); - free(a); - free(b); - free(e); - - if (!success) - { - chunk_free(value); - } - return success; - } - else - { - DBG3(DBG_LIB, " i u[i] r[i]"); - for (i = 0; i < n; i++) - { - DBG3(DBG_LIB, "%4d %5u %5u", i, this->u[i], this->r[i]); - } - - /* allocate space for public output value */ - *value = chunk_alloc(poly_len + rec_len); - - /* pack coefficients of polynomial u */ - pack_poly(this, value->ptr, this->u); - - /* pack coefficients of polynomial r */ - pack_rec(this, value->ptr + poly_len, this->r); - - return TRUE; - } -} - -METHOD(key_exchange_t, get_shared_secret, bool, - private_newhope_ke_t *this, chunk_t *secret) -{ - if (this->shared_secret.len == 0) - { - *secret = chunk_empty; - return FALSE; - } - *secret = chunk_clone(this->shared_secret); - - return TRUE; -} - -METHOD(key_exchange_t, set_public_key, bool, - private_newhope_ke_t *this, chunk_t value) -{ - newhope_reconciliation_t * rec; - uint16_t n, q; - int i; - - /* Define some often-used constants */ - n = this->params->n; - q = this->params->q; - - /* are we the responder? */ - if (this->s == NULL) - { - uint32_t *a = NULL, *b = NULL, *e1 = NULL, *e2 = NULL, *v = NULL, t; - uint8_t *rbits = NULL; - uint8_t noise_seed_buf[seed_len]; - chunk_t noise_seed = { noise_seed_buf, seed_len }; - chunk_t a_seed; - newhope_noise_t *noise = NULL; - rng_t *rng = NULL; - bool success = FALSE; - - if (value.len != poly_len + seed_len) - { - DBG1(DBG_LIB, "received %N KE payload of incorrect size", - key_exchange_method_names, NH_128_BIT); - return FALSE; - } - a_seed = chunk_create(value.ptr + poly_len, seed_len); - - a = derive_a_poly(this, a_seed); - if (a == NULL) - { - return FALSE; - } - - b = unpack_poly(this, value.ptr); - if (b == NULL) - { - goto end; - } - - /* debug output of polynomials a and b */ - DBG3(DBG_LIB, " i a[i] b[i]"); - for (i = 0; i < n; i++) - { - DBG3(DBG_LIB, "%4d %5u %5u", i, a[i], b[i]); - } - - /* generate random seed for the derivation of noise polynomials */ - rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG); - if (!rng) - { - DBG1(DBG_LIB, "could not instantiate random source"); - goto end; - } - if (!rng->get_bytes(rng, seed_len, noise_seed.ptr)) - { - DBG1(DBG_LIB, "could not generate seed for noise polynomials"); - goto end; - } - - /* create noise polynomial generator */ - noise = newhope_noise_create(noise_seed); - if (!noise) - { - goto end; - } - - /* create noise polynomial s' from seed with nonce = 0x00 */ - this->s = noise->get_binomial_words(noise, 0x00, n, q); - if (this->s == NULL) - { - goto end; - } - - /* create noise polynomial e' from seed with nonce = 0x01 */ - e1 = noise->get_binomial_words(noise, 0x01, n, q); - if (e1 == NULL) - { - goto end; - } - - /* create noise polynomial e'' from seed with nonce = 0x02 */ - e2 = noise->get_binomial_words(noise, 0x02, n, q); - if (e2 == NULL) - { - goto end; - } - - /* compute u = a * NTT(s') + NTT(e') */ - this->u = multiply_add_poly(this, a, e1); - - /* compute v = NTT_inv( b * NTT(s') ) */ - v = multiply_ntt_inv_poly(this, b); - - /* compute v = v + e'' */ - for (i = 0; i < n; i++) - { - t = v[i] + e2[i]; - v[i] = (t < q) ? t : t - q; - } - memwipe(e2, n * sizeof(uint32_t)); - - /* create uniform noise bytes from seed with nonce = 0x02 */ - rbits = noise->get_uniform_bytes(noise, 0x03, n/(4*8)); - - rec = newhope_reconciliation_create(n, q); - this->r = rec->help_reconcile(rec, v, rbits); - free(rbits); - this->shared_secret = rec->reconcile(rec, v, this->r); - rec->destroy(rec); - - DBG4(DBG_LIB, "key: %B", &this->shared_secret); - success = TRUE; - - end: - DESTROY_IF(rng); - DESTROY_IF(noise); - free(a); - free(b); - free(e1); - free(e2); - free(v); - - return success; - } - else - { - uint32_t *v; - - if (value.len != poly_len + rec_len) - { - DBG1(DBG_LIB, "received %N KE payload of incorrect size", - key_exchange_method_names, NH_128_BIT); - return FALSE; - } - - this->u = unpack_poly(this, value.ptr); - if (this->u == NULL) - { - return FALSE; - } - - this->r = unpack_rec(this, value.ptr + poly_len); - if (this->r == NULL) - { - return FALSE; - } - - DBG3(DBG_LIB, " i u[i] r[i]"); - for (i = 0; i < n; i++) - { - DBG3(DBG_LIB, "%4d %5u %5u", i, this->u[i], this->r[i]); - } - - /* compute v' = NTT_inv( u * NTT(s) ) */ - v = multiply_ntt_inv_poly(this, this->u); - - rec = newhope_reconciliation_create(n, q); - this->shared_secret = rec->reconcile(rec, v, this->r); - free(v); - rec->destroy(rec); - - DBG4(DBG_LIB, "key: %B", &this->shared_secret); - - return TRUE; - } -} - -METHOD(key_exchange_t, get_method, key_exchange_method_t, - private_newhope_ke_t *this) -{ - return NH_128_BIT; -} - -METHOD(key_exchange_t, destroy, void, - private_newhope_ke_t *this) -{ - chunk_clear(&this->shared_secret); - memwipe(this->s, this->params->n * sizeof(uint32_t)); - free(this->s); - free(this->u); - free(this->r); - free(this); -} - -/* - * Described in header. - */ -newhope_ke_t *newhope_ke_create(key_exchange_method_t ke, chunk_t g, chunk_t p) -{ - private_newhope_ke_t *this; - - INIT(this, - .public = { - .ke = { - .get_shared_secret = _get_shared_secret, - .set_public_key = _set_public_key, - .get_public_key = _get_public_key, - .get_method = _get_method, - .destroy = _destroy, - }, - }, - .params = &ntt_fft_12289_1024, - - ); - - return &this->public; -} diff --git a/src/libstrongswan/plugins/newhope/newhope_ke.h b/src/libstrongswan/plugins/newhope/newhope_ke.h deleted file mode 100644 index d0188b2414..0000000000 --- a/src/libstrongswan/plugins/newhope/newhope_ke.h +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright (C) 2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup newhope_ke newhope_ke - * @{ @ingroup newhope_p - */ - -#ifndef NEWHOPE_KE_H_ -#define NEWHOPE_KE_H_ - -typedef struct newhope_ke_t newhope_ke_t; - -#include - -/** - * Implementation of a key exchange algorithm using the New Hope algorithm - */ -struct newhope_ke_t { - - /** - * Implements key_exchange_t interface. - */ - key_exchange_t ke; -}; - -/** - * Creates a new newhope_ke_t object. - * - * @param ke New Hope key exchange number - * @param g not used - * @param p not used - * @return newhope_ke_t object, NULL if not supported - */ -newhope_ke_t *newhope_ke_create(key_exchange_method_t ke, chunk_t g, chunk_t p); - -#endif /** NEWHOPE_KE_H_ @}*/ - diff --git a/src/libstrongswan/plugins/newhope/newhope_noise.c b/src/libstrongswan/plugins/newhope/newhope_noise.c deleted file mode 100644 index dbbe46610e..0000000000 --- a/src/libstrongswan/plugins/newhope/newhope_noise.c +++ /dev/null @@ -1,161 +0,0 @@ -/* - * Copyright (C) 2016 Andreas Steffen - * - * Based on public domain code by Erdem Alkim, Léo Ducas, Thomas Pöppelmann, - * and Peter Schwabe. - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "newhope_noise.h" - -typedef struct private_newhope_noise_t private_newhope_noise_t; - -static const int seed_len = 32; /* 256 bits */ -static const int nonce_len = 12; /* 96 bits */ - -/** - * Private data of an newhope_noise_t object. - */ -struct private_newhope_noise_t { - - /** - * Public newhope_noise_t interface. - */ - newhope_noise_t public; - - /** - * 256 bit seed and 96 bit nonce (44 bytes) - */ - chunk_t seed; - - /** - * ChaCha20 stream - */ - xof_t *xof; - -}; - -METHOD(newhope_noise_t, get_uniform_bytes, uint8_t*, - private_newhope_noise_t *this, uint8_t nonce, uint16_t n) -{ - uint8_t *bytes; - - this->seed.ptr[seed_len] = nonce; - if (!this->xof->set_seed(this->xof, this->seed)) - { - DBG1(DBG_LIB, "could not set seed of CHACHA20 XOF"); - return NULL; - } - - /* allocate dynamic memory for the noise polynomial */ - bytes = (uint8_t*)malloc(n); - - if (!this->xof->get_bytes(this->xof, n, bytes)) - { - DBG1(DBG_LIB, "could not get bytes from SHAKE128 XOF"); - free(bytes); - return NULL; - } - - return bytes; -} - -METHOD(newhope_noise_t, get_binomial_words, uint32_t*, - private_newhope_noise_t *this, uint8_t nonce, uint16_t n, uint16_t q) -{ - uint32_t *np, a, b, d, t; - uint8_t x[4]; - int i = 0, j; - - this->seed.ptr[seed_len] = nonce; - if (!this->xof->set_seed(this->xof, this->seed)) - { - DBG1(DBG_LIB, "could not set seed of CHACHA20 XOF"); - return NULL; - } - - /* allocate dynamic memory for the noise polynomial */ - np = (uint32_t*)malloc(n * sizeof(uint32_t)); - - for (i = 0; i < n; i++) - { - if (!this->xof->get_bytes(this->xof, sizeof(x), x)) - { - DBG1(DBG_LIB, "could not get bytes from SHAKE128 XOF"); - free(np); - return NULL; - } - - /* Treat x as a 32 bit unsigned little endian integer */ - t = uletoh32(x); - - /* Compute Psi_16 distribution */ - d = 0; - for (j = 0; j < 8; j++) - { - d += (t >> j) & 0x01010101; - } - a = ((d >> 8) & 0xff) + (d & 0xff); - b = ((d >> 16) & 0xff) + (d >> 24); - np[i] = (a >= b) ? a - b : a + q - b; - } - - return np; -} - -METHOD(newhope_noise_t, destroy, void, - private_newhope_noise_t *this) -{ - this->xof->destroy(this->xof); - chunk_free(&this->seed); - free(this); -} - -/* - * Described in header. - */ -newhope_noise_t *newhope_noise_create(chunk_t seed) -{ - private_newhope_noise_t *this; - xof_t *xof; - - if (seed.len != seed_len) - { - DBG1(DBG_LIB, "seed for ChaCha20 stream must be 256 bits"); - return NULL; - } - - xof = lib->crypto->create_xof(lib->crypto, XOF_CHACHA20); - if (!xof) - { - DBG1(DBG_LIB, "could not instantiate ChaCha20 stream"); - return NULL; - } - - INIT(this, - .public = { - .get_uniform_bytes = _get_uniform_bytes, - .get_binomial_words = _get_binomial_words, - .destroy = _destroy, - }, - .xof = xof, - .seed = chunk_alloc(seed_len + nonce_len), - ); - - /* initialize seed for ChaCha 20 stream */ - memcpy(this->seed.ptr, seed.ptr, seed_len); - memset(this->seed.ptr + seed_len, 0x00, nonce_len); - - return &this->public; -} diff --git a/src/libstrongswan/plugins/newhope/newhope_noise.h b/src/libstrongswan/plugins/newhope/newhope_noise.h deleted file mode 100644 index b365294f61..0000000000 --- a/src/libstrongswan/plugins/newhope/newhope_noise.h +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Copyright (C) 2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup newhope_noise newhope_noise - * @{ @ingroup newhope_p - */ - -#ifndef NEWHOPE_NOISE_H_ -#define NEWHOPE_NOISE_H_ - -typedef struct newhope_noise_t newhope_noise_t; - -#include - -/** - * Generate pseudo random noise using a ChaCha20 stream - * initialized with a 256 bit seed and an 8 bit nonce - */ -struct newhope_noise_t { - - /** - * Return n pseudo random bytes with a uniform distribution - * - * @param nonce Nonce determining the pseudo random stream - * @param n Number of pseudo random bytes to be returned - * @return Return array with n pseudo random bytes - */ - uint8_t* (*get_uniform_bytes)(newhope_noise_t *this, uint8_t nonce, - uint16_t n); - - /** - * Return n pseudo random 32-bit words with a Psi16 binomial distribution - * - * @param nonce Nonce determining the pseudo random stream - * @param n Number of pseudo random Psi16 words to be returned - * @param q Prime number q determining the ring - * @return Return array with n pseudo random 32 bit words - */ - uint32_t* (*get_binomial_words)(newhope_noise_t *this, uint8_t nonce, - uint16_t n, uint16_t q); - - /** - * Destroy a newhope_noise_t object - */ - void (*destroy)(newhope_noise_t *this); -}; - -/** - * Creates a new newhope_noise_t object. - * - * @param seed 256 bit seed (32 byte chunk) - * @return newhope_noise_t object, NULL if not supported - */ -newhope_noise_t *newhope_noise_create(chunk_t seed); - -#endif /** NEWHOPE_NOISE_H_ @}*/ - diff --git a/src/libstrongswan/plugins/newhope/newhope_plugin.c b/src/libstrongswan/plugins/newhope/newhope_plugin.c deleted file mode 100644 index de930226ee..0000000000 --- a/src/libstrongswan/plugins/newhope/newhope_plugin.c +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Copyright (C) 2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "newhope_plugin.h" -#include "newhope_ke.h" - -#include - -typedef struct private_newhope_plugin_t private_newhope_plugin_t; - -/** - * private data of newhope_plugin - */ -struct private_newhope_plugin_t { - - /** - * public functions - */ - newhope_plugin_t public; -}; - -METHOD(plugin_t, get_name, char*, - private_newhope_plugin_t *this) -{ - return "newhope"; -} - -METHOD(plugin_t, get_features, int, - private_newhope_plugin_t *this, plugin_feature_t *features[]) -{ - static plugin_feature_t f[] = { - PLUGIN_REGISTER(KE, newhope_ke_create), - PLUGIN_PROVIDE(KE, NH_128_BIT), - PLUGIN_DEPENDS(XOF, XOF_SHAKE_128), - PLUGIN_DEPENDS(XOF, XOF_CHACHA20), - }; - *features = f; - - return countof(f); -} - -METHOD(plugin_t, destroy, void, - private_newhope_plugin_t *this) -{ - free(this); -} - -/* - * see header file - */ -plugin_t *newhope_plugin_create() -{ - private_newhope_plugin_t *this; - - INIT(this, - .public = { - .plugin = { - .get_name = _get_name, - .get_features = _get_features, - .destroy = _destroy, - }, - }, - ); - - return &this->public.plugin; -} diff --git a/src/libstrongswan/plugins/newhope/newhope_plugin.h b/src/libstrongswan/plugins/newhope/newhope_plugin.h deleted file mode 100644 index 87e39ba354..0000000000 --- a/src/libstrongswan/plugins/newhope/newhope_plugin.h +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Copyright (C) 2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup newhope_p newhope - * @ingroup plugins - * - * @defgroup newhope_plugin newhope_plugin - * @{ @ingroup newhope_p - */ - -#ifndef NEWHOPE_PLUGIN_H_ -#define NEWHOPE_PLUGIN_H_ - -#include - -typedef struct newhope_plugin_t newhope_plugin_t; - -/** - * Plugin implementing New Hope-based key exchange - */ -struct newhope_plugin_t { - - /** - * implements plugin interface - */ - plugin_t plugin; -}; - -#endif /** NEWHOPE_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/newhope/newhope_reconciliation.c b/src/libstrongswan/plugins/newhope/newhope_reconciliation.c deleted file mode 100644 index c91d154a32..0000000000 --- a/src/libstrongswan/plugins/newhope/newhope_reconciliation.c +++ /dev/null @@ -1,218 +0,0 @@ -/* - * Copyright (C) 2016 Andreas Steffen - * - * Based on public domain code by Erdem Alkim, Léo Ducas, Thomas Pöppelmann, - * and Peter Schwabe. - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - * - */ - -#include "newhope_reconciliation.h" - -typedef struct private_newhope_reconciliation_t private_newhope_reconciliation_t; - -/** - * Private data of an newhope_reconciliation_t object. - */ -struct private_newhope_reconciliation_t { - - /** - * Public newhope_reconciliation_t interface. - */ - newhope_reconciliation_t public; - - /** - * Array sizes - */ - int n, n4; - - /** - * Multiples of modulus q - */ - int32_t q, q2, q4, q8, q16; -}; - - -static inline int32_t rec_abs(int32_t v) -{ - int32_t mask = v >> 31; - - return (v ^ mask) - mask; -} - -/** - * Auxiliary function used by help_reconcile() method - */ -static int32_t rec_f(private_newhope_reconciliation_t *this, - int32_t v, uint8_t r, int32_t *v0, int32_t *v1) -{ - int32_t x, xit, t, b; - - x = 8 * v + 2 * r; - - /* compute t = x/q */ - b = x * 2730; - t = b >> 25; - b = x - t * this->q; - b = this->q - 1 - b; - b >>= 31; - t -= b; - - r = t & 0x01; - xit = (t >> 1); - *v0 = xit + r ; /* v0 = round(x/(2q)) */ - - t -= 1; - r = t & 0x01; - *v1 = ( t>> 1) + r; - - return rec_abs(x - (*v0) * this->q2); -} - -/** - * Auxiliary function used by reconcile() method - */ -static int32_t rec_g(private_newhope_reconciliation_t *this, int32_t x) -{ - int32_t t, r, b; - - /* t = x/(4*q) */ - b = x * 2730; - t = b >> 27; - b = x - t * this->q4; - b = this->q4 - 1 - b; - b >>= 31; - t -= b; - - r = t & 0x01; - t = (t >> 1) + r; /* t = round(x/(8q)) */ - t *= this->q8; - - return abs(t - x); -} - -METHOD(newhope_reconciliation_t, help_reconcile, uint8_t*, - private_newhope_reconciliation_t *this, uint32_t *v, uint8_t *rbits) -{ - int32_t v0[4], v1[4], v_tmp[4], k; - int i, i0, i1, i2, i3, j; - uint8_t *r, rbit; - - /* allocate output vector */ - r = (uint8_t*)malloc(this->n); - - for (i = 0; i < this->n4/8; i++) - { - for (j = 0; j < 8; j++) - { - i0 = 8*i + j; - i1 = i0 + this->n4; - i2 = i1 + this->n4; - i3 = i2 + this->n4; - - /* iterate through all 256 random bits */ - rbit = (rbits[i] >> j) & 0x01; - - k = rec_f(this, v[i0], rbit, &v0[0], &v1[0]); - k += rec_f(this, v[i1], rbit, &v0[1], &v1[1]); - k += rec_f(this, v[i2], rbit, &v0[2], &v1[2]); - k += rec_f(this, v[i3], rbit, &v0[3], &v1[3]); - - k = (this->q2 - 1 - k) >> 31; - - v_tmp[0] = ((~k) & v0[0]) ^ (k & v1[0]); - v_tmp[1] = ((~k) & v0[1]) ^ (k & v1[1]); - v_tmp[2] = ((~k) & v0[2]) ^ (k & v1[2]); - v_tmp[3] = ((~k) & v0[3]) ^ (k & v1[3]); - - r[i0] = (v_tmp[0] - v_tmp[3]) & 0x03; - r[i1] = (v_tmp[1] - v_tmp[3]) & 0x03; - r[i2] = (v_tmp[2] - v_tmp[3]) & 0x03; - r[i3] = (v_tmp[3] - k + v_tmp[3]) & 0x03; - } - } - - return r; -} - -METHOD(newhope_reconciliation_t, reconcile, chunk_t, - private_newhope_reconciliation_t *this, uint32_t *v, uint8_t *r) -{ - size_t key_len; - uint8_t *key; - int32_t tmp[4], t; - int i, i0, i1, i2, i3, j; - - key_len = this->n4 / 8; - key = (uint8_t*)malloc(key_len); - memset(key, 0x00, key_len); - - for (i = 0; i < key_len; i++) - { - for (j = 0; j < 8; j++) - { - i0 = 8*i + j; - i1 = i0 + this->n4; - i2 = i1 + this->n4; - i3 = i2 + this->n4; - - tmp[0] = this->q16 + 8 * (int32_t)v[i0] - - this->q * (2*r[i0] + r[i3]); - tmp[1] = this->q16 + 8 * (int32_t)v[i1] - - this->q * (2*r[i1] + r[i3]); - tmp[2] = this->q16 + 8 * (int32_t)v[i2] - - this->q * (2*r[i2] + r[i3]); - tmp[3] = this->q16 + 8 * (int32_t)v[i3] - - this->q * ( r[i3]); - - t = rec_g(this, tmp[0]) + rec_g(this, tmp[1]) + - rec_g(this, tmp[2]) + rec_g(this, tmp[3]) - this->q8; - - key[i] |= ((t >> 31) & 0x01) << j; - } - } - - return chunk_create(key, key_len); -} - -METHOD(newhope_reconciliation_t, destroy, void, - private_newhope_reconciliation_t *this) -{ - free(this); -} - -/* - * Described in header. - */ -newhope_reconciliation_t *newhope_reconciliation_create(int n, int32_t q) -{ - private_newhope_reconciliation_t *this; - - INIT(this, - .public = { - .help_reconcile = _help_reconcile, - .reconcile = _reconcile, - .destroy = _destroy, - }, - .n = n, - .n4 = n / 4, - .q = q, - .q2 = 2 * q, - .q4 = 4 * q, - .q8 = 8 * q, - .q16 = 16 * q, - ); - - return &this->public; -} diff --git a/src/libstrongswan/plugins/newhope/newhope_reconciliation.h b/src/libstrongswan/plugins/newhope/newhope_reconciliation.h deleted file mode 100644 index 8cc13218a4..0000000000 --- a/src/libstrongswan/plugins/newhope/newhope_reconciliation.h +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Copyright (C) 2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup newhope_reconciliation newhope_reconciliation - * @{ @ingroup newhope_p - */ - -#ifndef NEWHOPE_RECONCILIATION_H_ -#define NEWHOPE_RECONCILIATION_H_ - -typedef struct newhope_reconciliation_t newhope_reconciliation_t; - -#include - -/** - * Class assisting the error reconciliation - * resulting in a key exchange error rate < 2^(-60) - */ -struct newhope_reconciliation_t { - - /** - * Generate reconciliation polynomial - * - * @param v polynomial v - * @param rbits pseudo random bit array - * @return return array with reconciliation polynomial - */ - uint8_t* (*help_reconcile)(newhope_reconciliation_t *this, - uint32_t *v, uint8_t *rbits); - - /** - * Use reconciliation polynomial r to derive shared secret - * - * @param v polynomial v or v' - * @param r reconciliation polynomial r - * @return Return shared secret - */ - chunk_t (*reconcile)(newhope_reconciliation_t *this, - uint32_t *v, uint8_t *r); - - /** - * Destroy a newhope_reconciliation_t object - */ - void (*destroy)(newhope_reconciliation_t *this); -}; - -/** - * Creates a new newhope_reconciliation_t object. - * - * @param n array size - * @param q prime modulus - * @return newhope_reconciliation_t object - */ -newhope_reconciliation_t *newhope_reconciliation_create(int n, int32_t q); - -#endif /** NEWHOPE_RECONCILIATION_H_ @}*/ - diff --git a/src/libstrongswan/plugins/newhope/tests/.gitignore b/src/libstrongswan/plugins/newhope/tests/.gitignore deleted file mode 100644 index c06702c492..0000000000 --- a/src/libstrongswan/plugins/newhope/tests/.gitignore +++ /dev/null @@ -1 +0,0 @@ -newhope_tests diff --git a/src/libstrongswan/plugins/newhope/tests/Makefile.am b/src/libstrongswan/plugins/newhope/tests/Makefile.am deleted file mode 100644 index 3992e26d1c..0000000000 --- a/src/libstrongswan/plugins/newhope/tests/Makefile.am +++ /dev/null @@ -1,25 +0,0 @@ -TESTS = newhope_tests - -check_PROGRAMS = $(TESTS) - -newhope_tests_SOURCES = \ - suites/test_newhope_ke.c \ - suites/test_newhope_noise.c \ - suites/test_newhope_reconciliation.c \ - newhope_tests.h newhope_tests.c - -newhope_tests_CFLAGS = \ - -I$(top_srcdir)/src/libstrongswan \ - -I$(top_srcdir)/src/libstrongswan/tests \ - -I$(top_srcdir)/src/libstrongswan/math/libnttfft \ - -I$(top_srcdir)/src/libstrongswan/plugins/newhope \ - -DPLUGINDIR=\""$(abs_top_builddir)/src/libstrongswan/plugins\"" \ - -DPLUGINS=\""${s_plugins}\"" \ - @COVERAGE_CFLAGS@ - -newhope_tests_LDFLAGS = @COVERAGE_LDFLAGS@ -newhope_tests_LDADD = \ - $(top_builddir)/src/libstrongswan/libstrongswan.la \ - $(top_builddir)/src/libstrongswan/tests/libtest.la \ - $(top_builddir)/src/libstrongswan/math/libnttfft/libnttfft.la \ - ../libnewhope.la diff --git a/src/libstrongswan/plugins/newhope/tests/newhope_tests.c b/src/libstrongswan/plugins/newhope/tests/newhope_tests.c deleted file mode 100644 index 615cfb9684..0000000000 --- a/src/libstrongswan/plugins/newhope/tests/newhope_tests.c +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include - -#include - -/* declare test suite constructors */ -#define TEST_SUITE(x) test_suite_t* x(); -#include "newhope_tests.h" -#undef TEST_SUITE - -static test_configuration_t tests[] = { -#define TEST_SUITE(x) \ - { .suite = x, }, -#include "newhope_tests.h" - { .suite = NULL, } -}; - -static bool test_runner_init(bool init) -{ - if (init) - { - char *plugins, *plugindir; - - plugins = lib->settings->get_str(lib->settings, - "tests.load", PLUGINS); - plugindir = lib->settings->get_str(lib->settings, - "tests.plugindir", PLUGINDIR); - plugin_loader_add_plugindirs(plugindir, plugins); - if (!lib->plugins->load(lib->plugins, plugins)) - { - return FALSE; - } - } - else - { - lib->processor->set_threads(lib->processor, 0); - lib->processor->cancel(lib->processor); - lib->plugins->unload(lib->plugins); - } - return TRUE; -} - -int main(int argc, char *argv[]) -{ - return test_runner_run("newhope", tests, test_runner_init); -} diff --git a/src/libstrongswan/plugins/newhope/tests/newhope_tests.h b/src/libstrongswan/plugins/newhope/tests/newhope_tests.h deleted file mode 100644 index 865f73f087..0000000000 --- a/src/libstrongswan/plugins/newhope/tests/newhope_tests.h +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Copyright (C) 2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -TEST_SUITE(newhope_ke_suite_create) -TEST_SUITE(newhope_noise_suite_create) -TEST_SUITE(newhope_reconciliation_suite_create) diff --git a/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_ke.c b/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_ke.c deleted file mode 100644 index c5911cfa9c..0000000000 --- a/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_ke.c +++ /dev/null @@ -1,194 +0,0 @@ -/* - * Copyright (C) 2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "test_suite.h" - -#include - -#include - -#include - -const int count = 1000; - -START_TEST(test_newhope_ke_good) -{ - chunk_t i_msg, r_msg, i_shared_secret, r_shared_secret; - key_exchange_t *i_nh, *r_nh; - struct timespec start, stop; - int i; - - clock_gettime(CLOCK_THREAD_CPUTIME_ID, &start); - - for (i = 0; i < count; i++) - { - i_nh = lib->crypto->create_ke(lib->crypto, NH_128_BIT); - ck_assert(i_nh != NULL); - ck_assert(i_nh->get_method(i_nh) == NH_128_BIT); - - ck_assert(i_nh->get_public_key(i_nh, &i_msg)); - ck_assert(i_msg.len = 1824); - - r_nh = lib->crypto->create_ke(lib->crypto, NH_128_BIT); - ck_assert(r_nh != NULL); - - ck_assert(r_nh->set_public_key(r_nh, i_msg)); - ck_assert(r_nh->get_public_key(r_nh, &r_msg)); - ck_assert(r_msg.len == 2048); - - ck_assert(r_nh->get_shared_secret(r_nh, &r_shared_secret)); - ck_assert(r_shared_secret.len == 32); - - ck_assert(i_nh->set_public_key(i_nh, r_msg)); - ck_assert(i_nh->get_shared_secret(i_nh, &i_shared_secret)); - ck_assert(i_shared_secret.len == 32); - ck_assert(chunk_equals(i_shared_secret, r_shared_secret)); - - /* cleanup */ - chunk_clear(&i_shared_secret); - chunk_clear(&r_shared_secret); - chunk_free(&i_msg); - chunk_free(&r_msg); - i_nh->destroy(i_nh); - r_nh->destroy(r_nh); - } - - clock_gettime(CLOCK_THREAD_CPUTIME_ID, &stop); - - DBG0(DBG_LIB, "%d Newhope DH loops in %d ms\n", count, - (stop.tv_nsec - start.tv_nsec) / 1000000 + - (stop.tv_sec - start.tv_sec) * 1000); -} -END_TEST - -START_TEST(test_newhope_ke_wrong) -{ - chunk_t i_msg, r_msg, i_shared_secret, r_shared_secret; - key_exchange_t *i_nh, *r_nh; - - i_nh = lib->crypto->create_ke(lib->crypto, NH_128_BIT); - ck_assert(i_nh != NULL); - ck_assert(i_nh->get_public_key(i_nh, &i_msg)); - - r_nh = lib->crypto->create_ke(lib->crypto, NH_128_BIT); - ck_assert(r_nh != NULL); - ck_assert(r_nh->set_public_key(r_nh, i_msg)); - ck_assert(r_nh->get_public_key(r_nh, &r_msg)); - - /* destroy 1st instance of i_nh */ - i_nh->destroy(i_nh); - chunk_free(&i_msg); - - /* create 2nd instance of i_nh */ - i_nh = lib->crypto->create_ke(lib->crypto, NH_128_BIT); - ck_assert(i_nh != NULL); - ck_assert(i_nh->get_public_key(i_nh, &i_msg)); - ck_assert(i_nh->set_public_key(i_nh, r_msg)); - - ck_assert(r_nh->get_shared_secret(r_nh, &r_shared_secret)); - ck_assert(i_nh->get_shared_secret(i_nh, &i_shared_secret)); - ck_assert(!chunk_equals(i_shared_secret, r_shared_secret)); - - /* cleanup */ - chunk_clear(&i_shared_secret); - chunk_clear(&r_shared_secret); - chunk_free(&i_msg); - chunk_free(&r_msg); - i_nh->destroy(i_nh); - r_nh->destroy(r_nh); -} -END_TEST - -START_TEST(test_newhope_ke_fail_i) -{ - key_exchange_t *i_nh; - char buf_ff[2048]; - int i; - - chunk_t i_msg; - - chunk_t r_msg[] = { - chunk_empty, - chunk_from_chars(0x00), - chunk_create(buf_ff, 2047), - chunk_create(buf_ff, 2048), - }; - - memset(buf_ff, 0xff, sizeof(buf_ff)); - - for (i = 0; i < countof(r_msg); i++) - { - i_nh = lib->crypto->create_ke(lib->crypto, NH_128_BIT); - ck_assert(i_nh != NULL); - ck_assert(i_nh->get_public_key(i_nh, &i_msg)); - ck_assert(!i_nh->set_public_key(i_nh, r_msg[i])); - chunk_free(&i_msg); - i_nh->destroy(i_nh); - } -} -END_TEST - -START_TEST(test_newhope_ke_fail_r) -{ - key_exchange_t *r_nh; - char buf_ff[1824]; - int i; - - chunk_t i_msg[] = { - chunk_empty, - chunk_from_chars(0x00), - chunk_create(buf_ff, 1823), - chunk_create(buf_ff, 1824), - }; - - memset(buf_ff, 0xff, sizeof(buf_ff)); - - for (i = 0; i < countof(i_msg); i++) - { - r_nh = lib->crypto->create_ke(lib->crypto, NH_128_BIT); - ck_assert(r_nh != NULL); - ck_assert(!r_nh->set_public_key(r_nh, i_msg[i])); - r_nh->destroy(r_nh); - } -} -END_TEST - -Suite *newhope_ke_suite_create() -{ - Suite *s; - TCase *tc; - - s = suite_create("newhope_ke"); - - tc = tcase_create("ke_good"); - test_case_set_timeout(tc, 30); - tcase_add_test(tc, test_newhope_ke_good); - suite_add_tcase(s, tc); - - tc = tcase_create("ke_wrong"); - tcase_add_test(tc, test_newhope_ke_wrong); - suite_add_tcase(s, tc); - - tc = tcase_create("ke_fail_i"); - tcase_add_test(tc, test_newhope_ke_fail_i); - suite_add_tcase(s, tc); - - tc = tcase_create("ke_fail_r"); - tcase_add_test(tc, test_newhope_ke_fail_r); - suite_add_tcase(s, tc); - - return s; -} diff --git a/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_noise.c b/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_noise.c deleted file mode 100644 index a5f3a42cbe..0000000000 --- a/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_noise.c +++ /dev/null @@ -1,677 +0,0 @@ -/* - * Copyright (C) 2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "test_suite.h" - -#include - -#include - -static const uint16_t n = 1024; -static const uint16_t q = 12289; - -static const size_t seed_len = 32; - -typedef struct { - uint8_t key; - uint8_t nonce; - uint8_t uniform[64]; - uint32_t poly[1024]; -} noise_t; - -static noise_t noises[] = { - { 0x00, 0x00, /* polynomial s */ - { 0x9f, 0x07, 0xe7, 0xbe, 0x55, 0x51, 0x38, 0x7a, 0x98, 0xba, - 0x97, 0x7c, 0x73, 0x2d, 0x08, 0x0d, 0xcb, 0x0f, 0x29, 0xa0, - 0x48, 0xe3, 0x65, 0x69, 0x12, 0xc6, 0x53, 0x3e, 0x32, 0xee, - 0x7a, 0xed, 0x29, 0xb7, 0x21, 0x76, 0x9c, 0xe6, 0x4e, 0x43, - 0xd5, 0x71, 0x33, 0xb0, 0x74, 0xd8, 0x39, 0xd5, 0x31, 0xed, - 0x1f, 0x28, 0x51, 0x0a, 0xfb, 0x45, 0xac, 0xe1, 0x0a, 0x1f, - 0x4b, 0x79, 0x4d, 0x6f }, - { 12286, 12288, 12287, 5, 4, 12288, 12286, 12287, 2, 2, - 2, 12288, 2, 12284, 1, 12288, 12288, 12288, 6, 12288, - 0, 4, 1, 12285, 12286, 2, 12284, 12287, 1, 5, - 5, 12286, 12288, 2, 12286, 0, 3, 1, 0, 2, - 0, 0, 4, 12283, 12284, 4, 0, 12288, 3, 12288, - 0, 4, 1, 12288, 12286, 0, 3, 1, 12286, 12287, - 12285, 3, 2, 3, 12286, 0, 6, 6, 12288, 12284, - 0, 12282, 1, 0, 4, 1, 0, 3, 2, 2, - 3, 3, 2, 12288, 3, 1, 12287, 12285, 0, 12288, - 0, 0, 12288, 12287, 12284, 12286, 0, 12288, 4, 4, - 12288, 5, 12286, 2, 12288, 5, 1, 12283, 1, 12288, - 1, 12288, 12287, 12285, 2, 2, 12285, 12284, 0, 12285, - 12287, 0, 1, 0, 2, 12288, 12288, 12287, 0, 4, - 12288, 12285, 12288, 0, 2, 1, 12287, 3, 1, 3, - 5, 12286, 1, 0, 12286, 0, 4, 0, 12288, 1, - 12288, 4, 5, 12283, 12288, 1, 3, 12283, 12286, 5, - 1, 12286, 12287, 12286, 0, 12287, 12285, 1, 0, 0, - 1, 3, 0, 0, 0, 12284, 12286, 2, 4, 12288, - 6, 1, 2, 12288, 1, 12287, 12286, 12284, 12287, 1, - 3, 12284, 0, 0, 6, 12286, 7, 5, 2, 3, - 12285, 12287, 12285, 2, 3, 12283, 2, 12284, 12288, 3, - 12288, 1, 4, 12287, 2, 12288, 12288, 1, 12286, 12284, - 2, 1, 5, 12286, 0, 12288, 0, 0, 0, 12287, - 1, 0, 3, 0, 0, 6, 2, 12283, 1, 3, - 3, 12284, 3, 1, 12286, 2, 12288, 0, 6, 1, - 1, 12285, 12287, 12288, 4, 2, 12288, 3, 12286, 12288, - 12287, 3, 3, 2, 7, 4, 12287, 12286, 12287, 2, - 2, 12287, 1, 12288, 1, 12287, 12283, 12287, 12288, 1, - 12283, 0, 12286, 12288, 4, 12287, 12286, 12286, 2, 2, - 12287, 5, 12288, 4, 0, 12287, 1, 3, 12286, 2, - 1, 1, 12288, 12287, 5, 12288, 0, 0, 1, 0, - 12286, 6, 2, 1, 2, 5, 12286, 6, 12286, 12288, - 0, 12286, 3, 12283, 12288, 12284, 0, 7, 2, 6, - 1, 12288, 12285, 12284, 1, 0, 0, 2, 12288, 12288, - 12288, 3, 3, 1, 3, 12286, 4, 3, 12284, 4, - 1, 12287, 12287, 12285, 0, 12287, 12287, 12287, 12286, 12288, - 1, 12287, 1, 0, 12288, 2, 0, 4, 0, 12287, - 12285, 12285, 5, 3, 12282, 0, 12287, 5, 12287, 1, - 12283, 12288, 12288, 3, 1, 1, 3, 12288, 12283, 5, - 12288, 12288, 5, 5, 1, 12286, 12286, 12288, 1, 2, - 1, 3, 12287, 12288, 12284, 12287, 1, 12287, 0, 12286, - 12285, 1, 12287, 12282, 12286, 12287, 0, 12285, 4, 2, - 1, 12282, 0, 1, 12288, 12285, 12284, 12286, 12286, 12287, - 12288, 1, 12288, 4, 12287, 4, 12287, 12287, 0, 1, - 12287, 3, 1, 12286, 12286, 4, 6, 12288, 1, 12285, - 12286, 12287, 0, 12287, 12287, 1, 12286, 5, 0, 2, - 12283, 12284, 1, 12286, 0, 12287, 12286, 12288, 1, 4, - 4, 12283, 2, 6, 1, 12288, 12286, 2, 7, 2, - 1, 12288, 5, 12284, 12288, 12288, 1, 7, 3, 12283, - 1, 12286, 2, 12288, 12287, 1, 12286, 1, 12286, 12288, - 12287, 3, 2, 2, 0, 12284, 12287, 1, 1, 12284, - 12286, 1, 2, 1, 0, 12285, 1, 0, 1, 2, - 2, 4, 12288, 1, 12288, 5, 0, 12287, 12288, 2, - 0, 12288, 12287, 0, 12288, 12288, 0, 0, 12285, 4, - 2, 12288, 0, 2, 0, 12288, 1, 3, 12287, 12288, - 12288, 12288, 12286, 0, 12285, 12286, 12287, 3, 0, 12286, - 2, 1, 12285, 2, 12288, 0, 5, 0, 1, 12288, - 12288, 4, 3, 3, 12286, 2, 12288, 4, 12288, 6, - 2, 12286, 4, 12287, 2, 12287, 0, 12284, 12288, 0, - 12286, 12288, 3, 4, 12286, 12288, 1, 3, 12286, 3, - 4, 1, 1, 6, 3, 1, 1, 0, 12288, 4, - 0, 12288, 0, 0, 0, 12288, 2, 4, 2, 12287, - 0, 0, 3, 2, 3, 4, 0, 3, 2, 12288, - 2, 4, 6, 12286, 12284, 12287, 1, 0, 0, 4, - 1, 3, 12282, 1, 2, 2, 0, 3, 12282, 2, - 12287, 2, 12288, 4, 12288, 3, 3, 12283, 12288, 12288, - 12286, 12287, 5, 4, 3, 3, 12288, 12284, 2, 2, - 0, 12288, 1, 3, 3, 4, 12284, 12288, 0, 1, - 12284, 0, 12286, 12287, 0, 0, 12287, 0, 1, 6, - 12288, 1, 12284, 12287, 12282, 12288, 4, 12287, 1, 12286, - 1, 12286, 12286, 1, 4, 0, 12288, 1, 12288, 1, - 12285, 3, 1, 0, 1, 0, 12288, 12287, 2, 2, - 0, 12288, 3, 12284, 2, 12288, 12288, 12288, 12287, 3, - 3, 0, 12286, 12286, 1, 2, 12286, 12287, 0, 1, - 12288, 12287, 12287, 12288, 12288, 1, 9, 1, 12288, 12287, - 2, 1, 1, 0, 12287, 12287, 2, 2, 12288, 12285, - 1, 12287, 4, 0, 2, 1, 1, 3, 12284, 12286, - 1, 2, 12288, 12287, 4, 1, 12285, 0, 1, 2, - 12288, 1, 3, 0, 12286, 0, 12288, 12286, 12287, 12286, - 1, 12284, 1, 2, 2, 12288, 0, 12288, 1, 12284, - 2, 3, 12287, 1, 12285, 12288, 0, 1, 12284, 2, - 12288, 12286, 12286, 3, 12288, 12282, 3, 12287, 12288, 12287, - 4, 12287, 1, 2, 9, 12283, 12286, 12286, 0, 4, - 12288, 12288, 4, 0, 1, 1, 2, 12284, 1, 1, - 0, 12288, 1, 0, 12287, 1, 1, 5, 2, 1, - 12288, 3, 12287, 5, 4, 1, 4, 12287, 12285, 3, - 12286, 1, 3, 0, 12287, 0, 12286, 12287, 12287, 12287, - 3, 2, 12286, 12284, 2, 12288, 1, 1, 12288, 3, - 1, 3, 12284, 3, 12282, 12288, 3, 0, 2, 12288, - 0, 5, 0, 2, 0, 12281, 12285, 4, 3, 4, - 2, 12284, 0, 0, 2, 2, 12287, 12284, 2, 12286, - 1, 12288, 1, 12286, 12286, 12287, 4, 0, 6, 3, - 0, 3, 12288, 12288, 12288, 12287, 3, 1, 1, 1, - 2, 12287, 12284, 3, 12286, 12280, 3, 12284, 12287, 12288, - 5, 12288, 12284, 2, 12285, 4, 3, 12286, 6, 2, - 1, 12287, 0, 1, 2, 12286, 1, 0, 12287, 0, - 1, 1, 12286, 2, 12285, 0, 1, 12288, 0, 1, - 12288, 1, 12288, 12287, 12287, 12285, 12282, 12288, 2, 12288, - 2, 12284, 1, 12284, 12287, 12286, 12288, 0, 12288, 1, - 12283, 12286, 5, 3, 0, 12286, 12286, 3, 1, 0, - 1, 12288, 12288, 4, 1, 12286, 12287, 12285, 2, 0, - 2, 12287, 1, 12285, 12288, 12286, 12288, 2, 2, 12285, - 3, 12286, 12285, 12287 } - }, - { 0x00, 0x01, /* polynomial e */ - { 0x46, 0xf0, 0xf6, 0xef, 0xee, 0x15, 0xc8, 0xf1, 0xb1, 0x98, - 0xcb, 0x49, 0xd9, 0x2b, 0x99, 0x08, 0x67, 0x90, 0x51, 0x59, - 0x44, 0x0c, 0xc7, 0x23, 0x91, 0x6d, 0xc0, 0x01, 0x28, 0x26, - 0x98, 0x10, 0x39, 0xce, 0x17, 0x66, 0xaa, 0x25, 0x42, 0xb0, - 0x5d, 0xb3, 0xbd, 0x80, 0x9a, 0xb1, 0x42, 0x48, 0x9d, 0x5d, - 0xbf, 0xe1, 0x27, 0x3e, 0x73, 0x99, 0x63, 0x7b, 0x4b, 0x32, - 0x13, 0x76, 0x8a, 0xaa }, - { 12283, 1, 12288, 4, 0, 12285, 5, 1, 1, 2, - 3, 4, 12288, 0, 3, 1, 1, 0, 12286, 6, - 1, 0, 1, 0, 4, 2, 12288, 3, 0, 5, - 1, 5, 2, 12285, 4, 12288, 3, 2, 12288, 2, - 12288, 12285, 12287, 6, 12282, 1, 12286, 7, 12287, 4, - 2, 2, 12288, 12285, 0, 2, 0, 12288, 1, 12287, - 12287, 2, 1, 2, 1, 12285, 12288, 12286, 1, 2, - 12287, 12288, 12288, 1, 0, 12287, 0, 4, 2, 6, - 12287, 12285, 12283, 12285, 5, 12283, 12286, 1, 12283, 2, - 3, 12286, 12285, 2, 5, 12286, 3, 0, 3, 12286, - 5, 12285, 12287, 12288, 1, 5, 3, 5, 1, 1, - 1, 12288, 5, 0, 12288, 3, 2, 12288, 12285, 12288, - 5, 6, 0, 2, 1, 12287, 12288, 12287, 3, 12284, - 2, 0, 3, 0, 0, 12288, 0, 2, 2, 2, - 0, 1, 2, 2, 0, 0, 12287, 12285, 0, 4, - 1, 12283, 3, 5, 12288, 12286, 12287, 6, 2, 0, - 0, 12287, 2, 2, 12288, 0, 2, 12288, 12287, 12288, - 12288, 1, 12288, 1, 12288, 2, 4, 2, 1, 1, - 0, 12287, 3, 2, 6, 2, 1, 12288, 12285, 6, - 0, 1, 12284, 12287, 12287, 12286, 5, 4, 0, 5, - 12287, 12286, 12288, 12286, 0, 3, 1, 12287, 12287, 12288, - 12288, 12286, 1, 0, 3, 12287, 3, 1, 12283, 1, - 12288, 5, 1, 4, 12286, 12287, 2, 0, 0, 0, - 12281, 12286, 0, 8, 5, 0, 4, 0, 12287, 5, - 1, 3, 2, 12286, 12286, 12288, 12285, 12285, 12287, 0, - 12284, 12287, 1, 0, 2, 1, 12286, 12288, 2, 12285, - 0, 0, 0, 1, 0, 6, 1, 12288, 12287, 12287, - 0, 3, 12288, 12288, 12287, 0, 12287, 1, 3, 0, - 0, 12286, 12286, 4, 4, 12287, 1, 3, 4, 12287, - 12284, 2, 12288, 12286, 12283, 12285, 1, 3, 1, 12288, - 0, 3, 3, 12284, 12285, 5, 3, 12288, 3, 4, - 3, 1, 12288, 0, 12288, 1, 0, 0, 3, 0, - 3, 2, 12287, 12288, 0, 12288, 0, 2, 12285, 4, - 0, 12287, 12287, 1, 1, 1, 12287, 12285, 4, 12282, - 3, 1, 1, 12288, 2, 4, 12285, 12286, 3, 1, - 0, 12287, 12283, 12285, 2, 5, 1, 1, 12288, 12288, - 0, 8, 3, 12287, 12285, 12287, 12286, 12284, 1, 12286, - 1, 12288, 2, 3, 12288, 12288, 2, 12288, 12284, 12285, - 0, 3, 12288, 12288, 2, 3, 7, 12287, 3, 3, - 3, 12284, 0, 0, 1, 12283, 5, 0, 1, 12288, - 3, 12286, 12287, 12286, 0, 0, 12287, 12283, 4, 12283, - 0, 0, 3, 12285, 5, 12286, 12282, 12288, 1, 12287, - 12288, 1, 5, 2, 12287, 2, 12288, 7, 12288, 3, - 5, 1, 0, 12287, 1, 12287, 3, 2, 4, 2, - 12287, 12286, 12288, 2, 5, 1, 12286, 4, 0, 2, - 6, 12286, 2, 12286, 3, 12288, 5, 12285, 0, 2, - 12287, 5, 12286, 12284, 7, 12285, 12286, 12284, 12287, 1, - 12288, 12284, 12286, 2, 4, 2, 2, 12283, 12286, 2, - 2, 12283, 1, 12286, 1, 0, 12284, 3, 0, 4, - 1, 0, 4, 12288, 0, 12287, 12287, 12287, 12286, 12284, - 12288, 3, 1, 12285, 0, 3, 8, 4, 2, 12288, - 3, 12287, 12287, 2, 3, 12288, 12286, 2, 12286, 12288, - 0, 1, 12287, 12285, 0, 12285, 12288, 12287, 1, 12287, - 0, 12284, 0, 1, 1, 12285, 0, 0, 0, 12287, - 12287, 3, 0, 4, 12288, 1, 12288, 12285, 12283, 0, - 12286, 12286, 12285, 12285, 12287, 1, 0, 2, 3, 1, - 2, 12286, 12288, 3, 12286, 12288, 12288, 6, 2, 2, - 0, 12288, 2, 5, 12288, 0, 12284, 12282, 12286, 1, - 12288, 12288, 12286, 12288, 3, 12286, 2, 0, 12283, 0, - 4, 2, 12288, 0, 12286, 0, 4, 3, 12286, 12287, - 4, 12288, 3, 2, 12283, 1, 1, 1, 3, 12286, - 4, 0, 12288, 12285, 12287, 0, 0, 12286, 4, 0, - 12286, 2, 12288, 12288, 12285, 12283, 5, 3, 12286, 12288, - 4, 1, 12283, 0, 12288, 0, 12287, 12287, 0, 3, - 12287, 12287, 2, 2, 3, 0, 1, 4, 12288, 3, - 3, 0, 12284, 12285, 4, 12288, 1, 12287, 0, 1, - 12283, 1, 12284, 12287, 12286, 12285, 0, 0, 3, 12285, - 3, 1, 12288, 12287, 12284, 12282, 5, 3, 3, 2, - 12285, 4, 12288, 0, 3, 12288, 4, 0, 12283, 12288, - 2, 12285, 12288, 12282, 0, 2, 12285, 3, 1, 12284, - 1, 5, 7, 12286, 5, 12285, 1, 2, 0, 4, - 12283, 12287, 12286, 2, 12280, 12287, 12288, 2, 12285, 12286, - 2, 1, 2, 1, 2, 2, 3, 3, 0, 0, - 4, 2, 12288, 12286, 4, 0, 1, 12288, 2, 12287, - 12288, 12288, 1, 3, 12283, 12288, 1, 12287, 1, 1, - 3, 12288, 12288, 1, 2, 1, 1, 12283, 7, 12286, - 12288, 1, 12288, 12287, 12284, 7, 2, 12285, 12286, 0, - 0, 0, 2, 4, 12288, 0, 12284, 12285, 12286, 2, - 12284, 2, 4, 6, 3, 12287, 12288, 12285, 1, 2, - 12286, 0, 0, 12287, 12288, 0, 12286, 2, 1, 1, - 1, 3, 1, 12285, 4, 0, 12287, 12288, 12287, 0, - 12288, 12287, 12288, 12287, 12288, 12288, 0, 12287, 12284, 0, - 12288, 12285, 3, 2, 4, 2, 12284, 3, 1, 3, - 4, 12288, 12285, 12284, 12287, 1, 4, 0, 2, 12288, - 4, 12288, 12287, 3, 1, 0, 0, 12284, 12287, 2, - 4, 12287, 2, 12288, 0, 2, 2, 3, 12287, 12286, - 8, 12286, 12285, 0, 12285, 2, 3, 5, 12287, 12288, - 6, 12288, 12284, 0, 0, 3, 1, 2, 12284, 2, - 1, 3, 2, 0, 0, 12288, 12287, 12288, 1, 12288, - 4, 3, 12284, 1, 3, 12288, 12283, 12288, 1, 1, - 2, 1, 1, 3, 1, 12288, 0, 12288, 2, 0, - 0, 12284, 12283, 3, 12288, 0, 2, 12287, 0, 0, - 12286, 12286, 0, 0, 2, 4, 12288, 1, 2, 3, - 2, 12286, 12286, 1, 2, 4, 12288, 12288, 12284, 12287, - 6, 2, 12288, 12286, 0, 0, 3, 12286, 12288, 12287, - 12286, 12287, 3, 1, 12286, 0, 4, 3, 12286, 5, - 2, 1, 12287, 12286, 4, 12287, 0, 5, 12288, 0, - 12288, 2, 2, 1, 1, 0, 0, 12288, 12288, 12288, - 0, 0, 12288, 12287, 5, 1, 12288, 1, 10, 1, - 0, 0, 2, 2, 2, 0, 12288, 4, 2, 12283, - 3, 1, 1, 12285, 2, 12285, 5, 7, 5, 12288, - 0, 12287, 5, 1, 12288, 12286, 12287, 0, 0, 0, - 12287, 1, 3, 12288 } - }, - { 0x01, 0x00, /* polynomial s' */ - { 0x3a, 0xeb, 0x52, 0x24, 0xec, 0xf8, 0x49, 0x92, 0x9b, 0x9d, - 0x82, 0x8d, 0xb1, 0xce, 0xd4, 0xdd, 0x83, 0x20, 0x25, 0xe8, - 0x01, 0x8b, 0x81, 0x60, 0xb8, 0x22, 0x84, 0xf3, 0xc9, 0x49, - 0xaa, 0x5a, 0x8e, 0xca, 0x00, 0xbb, 0xb4, 0xa7, 0x3b, 0xda, - 0xd1, 0x92, 0xb5, 0xc4, 0x2f, 0x73, 0xf2, 0xfd, 0x4e, 0x27, - 0x36, 0x44, 0xc8, 0xb3, 0x61, 0x25, 0xa6, 0x4a, 0xdd, 0xeb, - 0x00, 0x6c, 0x13, 0xa0 }, - { 5, 4, 4, 12288, 12286, 1, 12287, 12288, 2, 12288, - 12288, 12287, 2, 2, 12284, 12288, 12288, 3, 2, 3, - 12287, 2, 2, 0, 0, 2, 5, 12285, 5, 12287, - 2, 12282, 12286, 2, 1, 2, 1, 1, 12288, 12285, - 12287, 12286, 2, 0, 0, 12285, 0, 0, 12287, 12286, - 12285, 12286, 2, 12288, 12288, 0, 1, 2, 12286, 2, - 1, 0, 0, 2, 1, 12288, 1, 12287, 1, 0, - 0, 2, 12285, 2, 2, 12288, 12286, 3, 12287, 0, - 1, 1, 0, 2, 12287, 2, 1, 2, 3, 0, - 0, 1, 12288, 12288, 2, 12287, 12286, 12286, 6, 12288, - 0, 0, 4, 0, 12286, 0, 4, 12288, 12288, 5, - 12287, 12288, 12285, 2, 12285, 12288, 1, 0, 2, 12288, - 12286, 1, 3, 12285, 2, 2, 1, 1, 12288, 12288, - 12287, 1, 12288, 3, 0, 12285, 4, 12285, 12287, 2, - 2, 12287, 12287, 12286, 12288, 12284, 2, 12286, 4, 1, - 0, 12286, 12284, 3, 12286, 3, 12286, 3, 4, 1, - 12288, 12282, 2, 2, 12284, 0, 12286, 12283, 3, 0, - 4, 2, 4, 2, 12285, 10, 12288, 8, 3, 2, - 2, 0, 1, 0, 0, 12286, 2, 12284, 4, 1, - 12287, 12287, 1, 1, 12286, 1, 0, 12285, 12288, 12286, - 12287, 2, 1, 12284, 12288, 12285, 12285, 3, 0, 1, - 4, 4, 1, 0, 2, 1, 12288, 1, 12287, 0, - 12286, 4, 2, 3, 3, 12285, 12288, 12288, 5, 2, - 0, 4, 3, 12287, 12287, 5, 2, 3, 12284, 0, - 8, 1, 1, 0, 5, 12288, 12288, 12288, 12286, 6, - 3, 12288, 12286, 12287, 4, 12288, 2, 12288, 12284, 12287, - 4, 12288, 0, 0, 3, 0, 4, 4, 12287, 0, - 3, 0, 12285, 12287, 12288, 12288, 0, 0, 12287, 12288, - 12286, 0, 0, 12285, 12288, 4, 12287, 1, 2, 12288, - 12285, 5, 4, 12283, 2, 0, 12288, 2, 0, 0, - 12286, 12284, 3, 3, 3, 12287, 1, 1, 0, 1, - 3, 12288, 4, 4, 0, 2, 0, 1, 12286, 12284, - 2, 2, 12287, 3, 2, 12288, 3, 12286, 2, 12286, - 12288, 4, 3, 12288, 2, 12288, 2, 1, 12288, 12288, - 7, 12288, 12288, 0, 12288, 1, 12284, 12288, 12288, 12287, - 12287, 1, 12285, 12287, 12287, 1, 0, 2, 12286, 3, - 12288, 12288, 12287, 3, 5, 0, 0, 12287, 2, 12287, - 12288, 8, 12287, 1, 2, 12288, 12284, 3, 0, 12287, - 12284, 3, 0, 2, 1, 3, 4, 12287, 12286, 12288, - 12286, 0, 0, 12287, 12285, 0, 12286, 2, 1, 12287, - 12288, 5, 12287, 12287, 12286, 2, 12283, 0, 0, 12286, - 2, 12284, 5, 0, 1, 12287, 0, 3, 1, 12285, - 12288, 0, 3, 12287, 2, 12286, 0, 1, 12288, 1, - 12284, 12281, 12284, 12288, 12285, 2, 5, 4, 12286, 0, - 12287, 12288, 12286, 12285, 3, 12282, 1, 12287, 2, 0, - 6, 12288, 4, 12286, 3, 12288, 12286, 12284, 3, 1, - 6, 3, 2, 1, 2, 1, 1, 12288, 12287, 1, - 3, 3, 1, 0, 0, 12288, 3, 12284, 12285, 12284, - 1, 3, 12286, 0, 1, 12285, 12287, 1, 12285, 2, - 0, 1, 12287, 1, 4, 3, 1, 12287, 0, 5, - 1, 12288, 2, 1, 1, 4, 3, 12286, 3, 3, - 2, 12287, 3, 12286, 0, 12288, 12285, 2, 3, 12286, - 0, 12287, 5, 4, 1, 1, 12287, 12288, 2, 0, - 0, 0, 2, 0, 12286, 4, 12288, 12288, 12285, 12286, - 2, 12288, 12288, 0, 12288, 12286, 12284, 12287, 1, 5, - 0, 12285, 12287, 2, 4, 3, 12285, 12287, 12288, 0, - 12288, 12287, 12286, 2, 12288, 12286, 12284, 1, 2, 12287, - 4, 1, 4, 4, 12284, 2, 0, 12288, 3, 1, - 0, 4, 1, 6, 0, 12286, 12288, 12287, 12287, 0, - 12284, 12285, 2, 12286, 1, 0, 3, 12288, 1, 2, - 12284, 12286, 12285, 12283, 12285, 0, 12285, 2, 0, 2, - 1, 3, 1, 12286, 12288, 1, 4, 0, 0, 12287, - 12287, 12286, 0, 1, 12286, 0, 2, 12288, 2, 12287, - 0, 0, 12286, 12287, 4, 6, 12286, 0, 12288, 0, - 0, 12287, 2, 3, 4, 1, 3, 12286, 4, 0, - 12288, 12286, 12287, 12287, 12288, 4, 12285, 1, 12286, 12286, - 2, 12288, 0, 0, 1, 5, 12285, 1, 12281, 3, - 12281, 2, 3, 0, 12284, 12288, 5, 0, 0, 12288, - 0, 0, 12288, 12286, 3, 12287, 0, 2, 12288, 0, - 3, 12288, 12286, 0, 12286, 12287, 12284, 0, 12286, 1, - 12287, 12282, 12287, 12288, 0, 5, 12288, 2, 1, 12288, - 1, 12285, 5, 2, 12286, 12285, 12287, 0, 2, 12288, - 1, 12288, 1, 12286, 0, 2, 12287, 12287, 6, 12286, - 12288, 0, 12286, 4, 6, 12287, 12287, 2, 2, 12285, - 1, 12288, 12285, 12286, 5, 12288, 1, 2, 1, 7, - 12286, 5, 12288, 12287, 12286, 12284, 1, 2, 12287, 4, - 1, 1, 0, 1, 2, 12285, 2, 12288, 12284, 1, - 1, 12287, 12286, 12285, 12287, 1, 12287, 3, 1, 12286, - 0, 12286, 3, 3, 12288, 2, 12288, 5, 12288, 1, - 2, 0, 12287, 1, 12287, 7, 2, 3, 0, 12287, - 2, 12284, 12284, 12281, 12286, 12285, 12287, 12287, 0, 12288, - 3, 4, 3, 2, 3, 1, 12288, 12286, 0, 12288, - 12286, 1, 12286, 6, 12287, 1, 6, 5, 3, 1, - 12286, 2, 1, 3, 1, 12286, 12285, 3, 2, 0, - 0, 12284, 1, 1, 3, 3, 1, 1, 12288, 0, - 12284, 1, 12288, 0, 0, 12287, 0, 4, 12285, 0, - 4, 12283, 1, 1, 0, 12285, 0, 12286, 0, 0, - 1, 0, 12286, 0, 12288, 3, 4, 0, 2, 1, - 12287, 2, 12288, 1, 0, 12288, 0, 12288, 6, 12288, - 12287, 12286, 3, 12284, 0, 12288, 12284, 12286, 12287, 12288, - 12288, 12288, 4, 0, 2, 6, 12286, 1, 4, 12288, - 2, 1, 0, 5, 2, 1, 12285, 0, 0, 12285, - 4, 12286, 5, 1, 3, 2, 12287, 2, 0, 2, - 7, 12283, 12288, 12288, 3, 0, 3, 12288, 3, 12286, - 12288, 12287, 12288, 3, 0, 2, 4, 1, 12284, 2, - 12288, 12286, 12287, 1, 1, 12288, 0, 12288, 12283, 6, - 2, 1, 12288, 3, 12287, 12288, 1, 1, 12285, 0, - 12286, 12287, 12288, 1, 2, 12287, 0, 4, 0, 12286, - 2, 1, 12288, 12285, 12287, 0, 2, 12287, 6, 2, - 0, 12287, 12288, 2, 12288, 12284, 12288, 12285, 4, 1, - 12288, 12284, 12287, 4, 12284, 1, 3, 12284, 12282, 0, - 12286, 12287, 2, 12286, 3, 4, 2, 12288, 3, 3, - 1, 3, 12287, 12283 } - }, - { 0x01, 0x01, /* polynomial e' */ - { 0x58, 0xd8, 0x6a, 0xcd, 0xe2, 0x79, 0x61, 0x98, 0xfd, 0xea, - 0xcf, 0x2a, 0xc0, 0xfd, 0xf0, 0x72, 0x86, 0x32, 0xdc, 0xe9, - 0xc6, 0x45, 0x81, 0x80, 0x67, 0x06, 0x72, 0x28, 0xa6, 0xfe, - 0x41, 0x2b, 0x78, 0x88, 0x58, 0x6d, 0x58, 0x47, 0x3e, 0xb7, - 0x46, 0x60, 0xd8, 0x2f, 0xa0, 0x83, 0xe4, 0xbc, 0x81, 0xdd, - 0xc6, 0x29, 0x8b, 0xee, 0xf9, 0xec, 0x90, 0x39, 0x9d, 0x46, - 0xbf, 0x2d, 0x7c, 0xdf }, - { 12287, 3, 3, 1, 12285, 4, 1, 5, 12287, 12285, - 12285, 12285, 1, 12288, 12287, 12288, 2, 3, 12283, 12288, - 12285, 0, 0, 12286, 12287, 12288, 12288, 12288, 12288, 1, - 12288, 2, 2, 5, 5, 0, 12287, 12286, 3, 3, - 2, 2, 1, 0, 2, 12287, 12285, 3, 1, 3, - 5, 2, 12287, 12287, 2, 0, 4, 2, 0, 0, - 1, 5, 12288, 6, 4, 12287, 1, 0, 12283, 0, - 1, 12286, 2, 0, 2, 1, 12284, 12282, 0, 6, - 1, 2, 5, 12288, 6, 12288, 12284, 2, 1, 2, - 12288, 12283, 12288, 3, 12288, 12288, 2, 12286, 12283, 1, - 12285, 0, 0, 12286, 12288, 12286, 12288, 12286, 4, 0, - 1, 12285, 3, 1, 2, 12285, 12287, 12284, 12287, 12285, - 12286, 1, 12288, 3, 5, 5, 3, 12285, 12286, 12288, - 0, 1, 12287, 12284, 2, 4, 12288, 12287, 0, 12288, - 12288, 12285, 12288, 12284, 3, 0, 2, 0, 2, 0, - 1, 1, 1, 12287, 1, 12284, 12285, 0, 12284, 1, - 12284, 2, 12288, 5, 4, 1, 1, 12284, 1, 3, - 2, 6, 3, 2, 3, 12284, 0, 0, 4, 2, - 6, 2, 2, 2, 6, 12288, 0, 1, 12286, 1, - 5, 1, 12283, 2, 0, 12284, 1, 12286, 4, 1, - 2, 4, 6, 12288, 12288, 12284, 1, 0, 3, 12286, - 1, 0, 3, 12288, 12287, 2, 2, 0, 12285, 12286, - 0, 12288, 4, 2, 12282, 12287, 1, 12288, 12287, 12286, - 12284, 1, 4, 2, 7, 12288, 12283, 12288, 5, 12288, - 12288, 12287, 3, 2, 12287, 5, 12287, 12286, 12288, 12287, - 0, 12282, 12288, 12288, 0, 3, 12287, 2, 12287, 12284, - 6, 12285, 2, 3, 3, 12284, 2, 4, 12286, 5, - 0, 2, 12287, 3, 0, 12284, 12286, 0, 2, 12286, - 12287, 3, 1, 4, 1, 12286, 12288, 1, 2, 0, - 12285, 12287, 2, 0, 0, 0, 3, 12286, 12287, 2, - 0, 0, 0, 12286, 4, 1, 12287, 0, 0, 2, - 5, 0, 12284, 1, 1, 12288, 2, 12286, 12288, 2, - 2, 12282, 1, 12286, 4, 12286, 3, 12287, 12287, 12286, - 5, 5, 0, 12288, 3, 12285, 1, 12287, 7, 12286, - 2, 12287, 1, 12285, 2, 12287, 12288, 0, 4, 12281, - 0, 12286, 3, 1, 12285, 2, 2, 12285, 5, 0, - 12285, 2, 12288, 1, 3, 12287, 1, 12288, 1, 5, - 12287, 1, 0, 3, 2, 12286, 12286, 12288, 3, 0, - 12287, 12288, 0, 12286, 12285, 0, 12286, 12288, 3, 12287, - 12288, 2, 6, 0, 2, 12285, 1, 1, 7, 7, - 12284, 12284, 5, 0, 12288, 12288, 4, 3, 1, 2, - 12287, 0, 12288, 12284, 2, 5, 1, 2, 0, 12288, - 1, 12284, 2, 3, 0, 12287, 12285, 2, 12288, 12288, - 7, 1, 12287, 1, 12286, 2, 3, 4, 12288, 12288, - 12286, 12286, 3, 12288, 1, 12286, 12286, 0, 12283, 12288, - 2, 0, 7, 2, 12287, 0, 0, 12286, 4, 1, - 12288, 12288, 1, 2, 12287, 12282, 3, 5, 0, 12288, - 12288, 12286, 12286, 12286, 4, 2, 0, 1, 12284, 3, - 12283, 5, 12287, 2, 2, 12288, 1, 12284, 1, 0, - 1, 3, 12288, 2, 12287, 1, 12286, 12288, 0, 12287, - 12288, 2, 2, 12286, 0, 12287, 12288, 12284, 0, 2, - 2, 2, 1, 3, 12285, 12285, 1, 12285, 2, 6, - 2, 0, 12288, 0, 0, 3, 2, 12287, 1, 12286, - 0, 12287, 0, 1, 12285, 12287, 6, 12288, 2, 0, - 12286, 2, 4, 12288, 2, 5, 12285, 12286, 0, 12284, - 12288, 3, 3, 3, 12287, 4, 2, 0, 12283, 2, - 12287, 0, 1, 12287, 2, 12288, 12287, 3, 2, 7, - 7, 1, 12287, 12288, 2, 6, 1, 3, 2, 0, - 2, 2, 3, 12288, 3, 4, 2, 0, 5, 12285, - 3, 12285, 3, 12285, 1, 1, 12287, 12285, 2, 12285, - 5, 0, 7, 2, 12284, 0, 12285, 7, 1, 12288, - 12288, 0, 12288, 12287, 5, 0, 2, 0, 2, 12286, - 1, 12286, 0, 12286, 12285, 4, 12286, 2, 12288, 12287, - 12287, 1, 12286, 12287, 12287, 12286, 12287, 12288, 6, 5, - 2, 5, 12283, 12286, 12286, 12288, 1, 0, 3, 12286, - 5, 0, 12287, 12288, 12288, 12287, 12286, 2, 1, 0, - 1, 2, 3, 1, 12286, 2, 1, 6, 12288, 1, - 12286, 1, 12288, 0, 1, 0, 12283, 0, 2, 12288, - 3, 1, 12287, 12288, 4, 0, 3, 12286, 0, 1, - 12283, 4, 1, 4, 12287, 5, 0, 12287, 12288, 3, - 3, 12282, 1, 4, 2, 3, 0, 2, 6, 12282, - 12285, 12288, 12287, 12288, 2, 12285, 1, 0, 12287, 12288, - 12286, 0, 0, 4, 12288, 12287, 1, 0, 2, 5, - 2, 12287, 1, 7, 12284, 0, 12287, 12286, 2, 1, - 12287, 0, 1, 12284, 12287, 12287, 12285, 12285, 3, 12282, - 12286, 1, 1, 12288, 12282, 12287, 1, 1, 2, 2, - 3, 1, 12287, 5, 12282, 0, 0, 12287, 1, 3, - 12288, 3, 12285, 12286, 2, 0, 12288, 12288, 5, 12285, - 4, 12288, 12287, 0, 1, 4, 1, 2, 12288, 0, - 2, 1, 12288, 4, 6, 12288, 1, 12287, 4, 1, - 12285, 12288, 3, 0, 12288, 12285, 2, 0, 12286, 2, - 1, 12288, 1, 12288, 12284, 3, 0, 2, 2, 12288, - 12287, 12286, 4, 12288, 2, 0, 0, 3, 4, 0, - 12288, 12282, 6, 2, 12283, 12287, 2, 6, 1, 2, - 12288, 2, 12283, 3, 12287, 3, 4, 0, 0, 12285, - 0, 12288, 12287, 12284, 12286, 3, 1, 12286, 2, 0, - 12287, 12286, 12286, 12288, 5, 2, 12288, 12286, 0, 12287, - 0, 3, 2, 12287, 12286, 0, 1, 12287, 2, 0, - 12286, 5, 12285, 12288, 12288, 12288, 12286, 4, 1, 12285, - 12284, 12288, 12286, 1, 1, 12287, 2, 12286, 3, 2, - 12283, 12283, 4, 2, 12283, 5, 0, 1, 0, 5, - 12287, 1, 1, 0, 3, 10, 12287, 3, 12288, 12288, - 12287, 2, 2, 0, 4, 12288, 12283, 12288, 1, 12287, - 3, 0, 0, 1, 12288, 12284, 0, 12286, 12287, 0, - 12287, 2, 1, 7, 12288, 12287, 0, 4, 12287, 12286, - 3, 4, 12287, 12288, 12285, 12287, 12288, 12285, 12286, 7, - 1, 1, 12288, 3, 12287, 3, 1, 4, 2, 5, - 12282, 3, 0, 12286, 12288, 0, 12285, 0, 2, 3, - 0, 12286, 3, 2, 12285, 0, 0, 12287, 1, 0, - 0, 6, 2, 12287, 12284, 7, 5, 0, 1, 6, - 2, 4, 1, 12286, 12288, 2, 12287, 3, 4, 12283, - 0, 12288, 2, 2, 12286, 0, 2, 2, 12288, 12285, - 12287, 12285, 12288, 0 } - }, - { 0x01, 0x02, /* polynomial e'' */ - { 0x20, 0x37, 0x77, 0x8a, 0x9c, 0x19, 0xde, 0xf0, 0x65, 0x9e, - 0x0f, 0xa5, 0xfc, 0x0e, 0x78, 0xfe, 0x55, 0x89, 0xc9, 0x88, - 0x41, 0xa2, 0x5a, 0x1e, 0xa4, 0x66, 0xcd, 0x3a, 0x29, 0x42, - 0xd1, 0x25, 0xf2, 0x84, 0xd7, 0xee, 0xd5, 0x53, 0x86, 0x5b, - 0xa3, 0x93, 0x4e, 0xee, 0xc7, 0x5b, 0xe5, 0x52, 0x68, 0x19, - 0xdf, 0x63, 0xfb, 0x91, 0x3d, 0xe9, 0x5d, 0xd6, 0xeb, 0x81, - 0x3d, 0xac, 0xf1, 0xad }, - { 12286, 12286, 1, 12287, 1, 12286, 12287, 12287, 12284, 1, - 12287, 2, 12284, 0, 2, 12288, 0, 1, 0, 12285, - 12288, 4, 2, 12287, 12282, 12288, 12285, 12288, 2, 12288, - 6, 7, 12286, 12286, 1, 4, 12287, 12287, 3, 1, - 3, 3, 2, 12285, 0, 1, 12288, 1, 1, 12287, - 0, 0, 1, 0, 12287, 12283, 12283, 12288, 12287, 0, - 0, 2, 12286, 3, 3, 0, 12286, 12282, 3, 6, - 3, 3, 12285, 1, 1, 12288, 1, 0, 12288, 0, - 12287, 4, 1, 0, 12285, 12288, 1, 1, 1, 3, - 12286, 0, 12288, 0, 12287, 12287, 3, 5, 1, 12287, - 12287, 0, 0, 0, 12283, 0, 0, 12288, 0, 12287, - 12286, 12284, 12286, 0, 12286, 3, 5, 12287, 0, 12287, - 1, 3, 2, 6, 1, 12287, 1, 1, 12285, 4, - 12282, 12288, 12288, 3, 2, 12287, 3, 3, 12288, 12286, - 2, 5, 12288, 12287, 12288, 3, 0, 12283, 3, 3, - 1, 0, 12288, 2, 2, 12287, 12286, 4, 12287, 12288, - 0, 0, 12286, 1, 4, 4, 12286, 12287, 4, 12288, - 2, 1, 1, 12288, 12287, 3, 12287, 12286, 12285, 12288, - 4, 1, 0, 12287, 3, 12286, 12287, 4, 0, 12287, - 12286, 12287, 3, 1, 1, 12285, 12287, 0, 12285, 2, - 5, 2, 12285, 3, 2, 12285, 12287, 2, 0, 12288, - 2, 5, 2, 12283, 1, 1, 0, 12286, 12288, 3, - 1, 12286, 12283, 0, 1, 2, 2, 1, 12287, 12287, - 4, 4, 1, 0, 0, 12288, 12287, 12284, 12284, 7, - 0, 12288, 5, 4, 12288, 12288, 1, 0, 1, 1, - 2, 12288, 12288, 5, 1, 0, 12287, 3, 3, 0, - 1, 12288, 12288, 3, 12285, 12288, 3, 5, 4, 1, - 12285, 12285, 12288, 12285, 12288, 12285, 4, 1, 3, 12285, - 4, 0, 12288, 12286, 5, 12287, 12285, 12288, 4, 12288, - 0, 12287, 12286, 0, 12286, 12283, 0, 12287, 12284, 1, - 12288, 12288, 3, 12286, 1, 2, 12286, 3, 1, 12285, - 12286, 12285, 0, 12285, 12288, 0, 2, 12283, 0, 1, - 2, 1, 2, 3, 3, 12285, 0, 0, 0, 12288, - 12283, 4, 12286, 2, 1, 3, 3, 12284, 2, 4, - 3, 12286, 12282, 12286, 0, 12286, 12287, 3, 12288, 12288, - 2, 12287, 12286, 3, 0, 12286, 1, 1, 0, 12287, - 2, 0, 0, 1, 12286, 1, 0, 12283, 0, 12288, - 2, 5, 12288, 12287, 2, 1, 12288, 2, 2, 5, - 2, 12286, 12286, 2, 12284, 12287, 0, 12284, 0, 12284, - 12286, 12286, 12288, 12287, 12287, 2, 1, 12287, 12287, 1, - 5, 0, 0, 12288, 2, 12285, 6, 2, 12288, 12288, - 12286, 2, 12285, 0, 0, 0, 12288, 3, 12286, 1, - 1, 0, 3, 0, 12286, 12288, 12287, 3, 2, 12287, - 12288, 1, 12288, 12282, 2, 0, 12288, 12286, 12285, 12281, - 4, 1, 7, 12283, 12287, 12288, 1, 6, 0, 12288, - 5, 1, 1, 12286, 12286, 0, 12287, 12285, 12287, 1, - 12288, 12286, 12286, 12288, 2, 12287, 12287, 12288, 12286, 12288, - 12282, 12284, 12286, 0, 12285, 12285, 3, 12288, 12287, 12288, - 2, 0, 2, 0, 12288, 12286, 3, 12288, 12286, 12287, - 1, 1, 1, 0, 5, 5, 12285, 12288, 3, 12286, - 1, 2, 12285, 1, 4, 12288, 1, 4, 1, 3, - 4, 12286, 0, 7, 2, 12288, 2, 12287, 0, 2, - 12283, 12286, 0, 12288, 12286, 4, 1, 12284, 7, 12285, - 0, 12284, 12287, 0, 0, 3, 4, 12284, 0, 1, - 0, 1, 12285, 1, 12286, 12284, 12287, 0, 7, 1, - 4, 12282, 12288, 0, 2, 12285, 12288, 12287, 12287, 12283, - 0, 1, 3, 12285, 12286, 3, 12288, 12288, 12284, 12286, - 12288, 1, 0, 2, 12287, 0, 12286, 4, 12288, 0, - 12284, 0, 0, 2, 12286, 0, 0, 12286, 12287, 1, - 12288, 0, 12284, 1, 12288, 12288, 1, 1, 12282, 12284, - 12288, 12285, 12285, 12288, 1, 12286, 2, 0, 0, 12284, - 2, 12288, 0, 0, 12285, 0, 3, 0, 0, 12285, - 12286, 5, 3, 12287, 5, 2, 12287, 0, 1, 12286, - 12287, 1, 12286, 1, 12288, 0, 0, 12282, 5, 12282, - 12287, 12288, 12287, 1, 0, 3, 4, 6, 1, 1, - 12287, 12284, 12286, 12287, 12286, 2, 1, 12288, 3, 0, - 3, 0, 12286, 1, 0, 12288, 1, 12284, 4, 0, - 4, 12288, 1, 4, 1, 12286, 4, 0, 2, 1, - 1, 4, 12287, 2, 1, 12288, 4, 3, 2, 12287, - 0, 1, 12287, 1, 12285, 12286, 2, 2, 0, 12286, - 12287, 0, 12288, 12285, 5, 12288, 0, 0, 12288, 3, - 12288, 0, 4, 0, 12288, 12286, 12287, 0, 0, 2, - 12283, 0, 12281, 1, 1, 3, 4, 2, 12284, 5, - 12288, 2, 3, 4, 12287, 3, 12288, 12287, 12288, 2, - 12286, 2, 0, 12286, 12286, 5, 12288, 2, 12288, 7, - 12286, 12286, 4, 12288, 12288, 12288, 5, 12287, 7, 12286, - 12282, 2, 12284, 0, 12288, 0, 2, 12283, 2, 5, - 4, 1, 12288, 12283, 5, 12288, 12288, 0, 0, 0, - 6, 1, 12286, 6, 4, 12287, 2, 12288, 12287, 12286, - 4, 5, 0, 1, 2, 1, 4, 12286, 1, 2, - 1, 1, 0, 12288, 12282, 1, 1, 3, 12284, 12288, - 0, 12287, 1, 12286, 12288, 6, 1, 5, 12287, 12285, - 2, 12288, 12288, 12284, 0, 12287, 2, 3, 5, 1, - 12286, 1, 12287, 0, 12284, 1, 5, 12283, 1, 1, - 12287, 12283, 12288, 0, 12287, 3, 0, 12288, 12286, 12287, - 8, 0, 0, 12288, 1, 3, 2, 3, 12287, 9, - 2, 3, 4, 12288, 3, 0, 12288, 12283, 0, 0, - 2, 4, 12287, 2, 12287, 12286, 12287, 2, 12287, 2, - 3, 1, 3, 1, 0, 1, 1, 5, 3, 12285, - 1, 12281, 12287, 12286, 1, 4, 12287, 12286, 12285, 4, - 2, 0, 12288, 12288, 12286, 12287, 12288, 1, 3, 4, - 0, 1, 12285, 4, 3, 12284, 1, 12288, 12285, 12288, - 0, 12281, 12288, 12285, 12285, 1, 12284, 12286, 12287, 0, - 0, 12287, 1, 12282, 4, 4, 12288, 1, 4, 12286, - 5, 4, 1, 5, 3, 1, 0, 6, 12288, 0, - 12288, 2, 12286, 12287, 6, 0, 12288, 0, 12287, 1, - 4, 0, 12282, 4, 1, 12286, 1, 12282, 3, 12285, - 12283, 12286, 12288, 4, 12284, 12286, 12286, 0, 12286, 0, - 0, 1, 12286, 1, 1, 4, 12284, 0, 3, 2, - 12288, 1, 2, 12287, 2, 1, 12288, 0, 1, 2, - 12286, 0, 6, 12285, 0, 1, 4, 0, 0, 3, - 2, 12287, 12285, 7, 1, 3, 1, 0, 12286, 12288, - 0, 12287, 1, 12286 } - } -}; - -START_TEST(test_newhope_noise_uniform) -{ - newhope_noise_t *noise; - uint8_t seed_buf[seed_len], *uniform; - chunk_t seed = { seed_buf, seed_len }; - - memset(seed_buf, 0x00, seed_len - 1); - seed_buf[seed_len - 1] = noises[_i].key; - - noise = newhope_noise_create(seed); - ck_assert(noise != NULL); - uniform = noise->get_uniform_bytes(noise, noises[_i].nonce, 64); - ck_assert(uniform != NULL); - ck_assert(memeq(uniform, noises[_i].uniform, 64)); - free(uniform); - noise->destroy(noise); -} -END_TEST - -START_TEST(test_newhope_noise_poly) -{ - newhope_noise_t *noise; - uint8_t seed_buf[seed_len]; - uint32_t *poly; - int i; - chunk_t seed = { seed_buf, seed_len }; - - memset(seed_buf, 0x00, seed_len - 1); - seed_buf[seed_len - 1] = noises[_i].key; - - noise = newhope_noise_create(seed); - ck_assert(noise != NULL); - poly = noise->get_binomial_words(noise, noises[_i].nonce, n, q); - ck_assert(poly != NULL); - for (i = 0; i < n; i++) - { - ck_assert(poly[i] == noises[_i].poly[i]); - } - free(poly); - noise->destroy(noise); -} -END_TEST - -static size_t seed_lengths[] = { 0, 1, 31, 33 }; - -START_TEST(test_newhope_noise_fail) -{ - newhope_noise_t *noise; - chunk_t seed; - - seed = chunk_alloc(seed_lengths[_i]); - memset(seed.ptr, 0x00, seed.len); - - noise = newhope_noise_create(seed); - ck_assert(noise == NULL); - chunk_free(&seed); -} -END_TEST - -Suite *newhope_noise_suite_create() -{ - Suite *s; - TCase *tc; - - s = suite_create("newhope_noise"); - - tc = tcase_create("noise_uniform"); - tcase_add_loop_test(tc, test_newhope_noise_uniform, 0, countof(noises)); - suite_add_tcase(s, tc); - - tc = tcase_create("noise_poly"); - tcase_add_loop_test(tc, test_newhope_noise_poly, 0, countof(noises)); - suite_add_tcase(s, tc); - - tc = tcase_create("noise_fail"); - tcase_add_loop_test(tc, test_newhope_noise_fail, 0, countof(seed_lengths)); - suite_add_tcase(s, tc); - - return s; -} diff --git a/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_reconciliation.c b/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_reconciliation.c deleted file mode 100644 index 2a794d156e..0000000000 --- a/src/libstrongswan/plugins/newhope/tests/suites/test_newhope_reconciliation.c +++ /dev/null @@ -1,345 +0,0 @@ -/* - * Copyright (C) 2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "test_suite.h" - -#include - -#include - -static const uint16_t n = 1024; -static const uint16_t q = 12289; - -static uint32_t r_v[] = { - 7832, 2714, 1942, 12135, 6869, 11272, 11601, 1783, 9639, 1465, - 4603, 8158, 1418, 6162, 3907, 6653, 1091, 3026, 4540, 4797, - 2751, 29, 768, 5580, 1304, 5262, 1644, 11294, 12257, 10466, - 170, 8458, 7185, 6850, 8790, 11277, 10980, 5507, 10693, 9766, - 7230, 3980, 796, 11125, 8042, 9022, 10207, 7577, 5041, 192, - 10308, 7905, 8520, 3814, 3372, 11772, 11290, 418, 2744, 4782, - 3072, 10921, 10721, 6100, 1021, 7943, 7426, 2142, 6618, 757, - 5033, 9336, 9332, 3410, 6613, 11776, 1525, 9567, 5371, 1290, - 3685, 11054, 11228, 10703, 70, 11215, 8992, 2855, 2962, 10104, - 10083, 8146, 7599, 3428, 4316, 10056, 1245, 9776, 7867, 1381, - 6540, 11273, 6626, 3708, 5348, 4521, 3760, 1771, 12037, 2681, - 3044, 10226, 5133, 5013, 7851, 7187, 1965, 6776, 223, 3003, - 4800, 10128, 9592, 8917, 10664, 7076, 2081, 5621, 2694, 8245, - 10979, 929, 10593, 10429, 6890, 6222, 5891, 6633, 12124, 1508, - 508, 9650, 2480, 10302, 3958, 4519, 5309, 8675, 6963, 5281, - 8265, 4851, 7173, 2537, 1176, 259, 6422, 6782, 1429, 7231, - 4948, 8137, 11341, 12090, 5395, 8087, 3098, 6724, 7462, 9973, - 149, 7331, 562, 9753, 1227, 768, 7520, 12107, 6199, 6503, - 9876, 306, 3876, 1903, 6306, 10288, 10184, 9401, 68, 5246, - 630, 10136, 133, 12082, 648, 8537, 3896, 4482, 12011, 5407, - 5305, 4301, 6551, 714, 5902, 11915, 3121, 5428, 5441, 5140, - 10139, 2091, 875, 9478, 11576, 8663, 10514, 1018, 8780, 6445, - 2501, 4204, 1276, 7474, 10594, 3808, 4367, 11469, 4875, 1899, - 9136, 1507, 6235, 6367, 3851, 7341, 9925, 4629, 9588, 3150, - 4739, 6109, 4850, 9944, 11565, 4995, 8383, 9623, 6248, 3020, - 1730, 3368, 3431, 8617, 6478, 7182, 8720, 1927, 6493, 9285, - 9779, 2800, 3730, 1754, 3772, 3124, 7569, 10008, 9240, 2493, - 4402, 5851, 2050, 8630, 5054, 8421, 1536, 7671, 5467, 9075, - 5881, 4355, 4554, 11354, 4048, 10335, 11033, 4252, 2558, 4363, - 10448, 327, 1675, 4755, 8227, 7705, 398, 10398, 9913, 4129, - 6571, 10743, 280, 6634, 796, 7264, 3916, 11349, 1415, 1187, - 692, 9980, 1647, 4267, 1001, 12229, 6040, 268, 1308, 531, - 3141, 7209, 1941, 4684, 10261, 1415, 8381, 4919, 11450, 1494, - 8237, 11023, 3380, 4448, 10101, 9232, 11040, 7799, 4958, 741, - 2234, 10436, 11442, 5073, 2908, 2355, 31, 7222, 5457, 3746, - 8920, 122, 8960, 5708, 1750, 11161, 4847, 3199, 7954, 2151, - 9419, 11678, 8997, 12016, 9690, 9605, 10718, 3735, 1617, 9574, - 10384, 11604, 9311, 687, 7145, 11891, 6529, 5052, 1342, 8735, - 7644, 6062, 6338, 8563, 2502, 5284, 220, 5224, 3771, 11067, - 11609, 2972, 3799, 2566, 7488, 6369, 7704, 6095, 3598, 12112, - 8545, 2026, 746, 3206, 2814, 8740, 1491, 5950, 8413, 4043, - 12036, 6082, 4131, 1941, 6942, 9396, 11267, 8912, 7344, 10371, - 9205, 9520, 12038, 4345, 8024, 10999, 8408, 4673, 6682, 8893, - 8668, 10099, 7658, 11896, 4276, 2042, 10707, 9793, 3152, 11961, - 3269, 5512, 5736, 5938, 9457, 10439, 10777, 6656, 3174, 9043, - 6046, 2519, 11912, 5244, 6214, 2071, 11317, 5285, 891, 6184, - 3819, 1563, 1474, 654, 5147, 2380, 10760, 4816, 3378, 1414, - 7784, 10067, 1809, 6320, 4789, 9359, 2747, 9424, 9074, 9473, - 3300, 6244, 104, 7612, 1105, 4276, 573, 1988, 923, 12047, - 7948, 4860, 3949, 4971, 6956, 2831, 2034, 289, 10946, 6970, - 3191, 5122, 2175, 1300, 6198, 256, 6433, 11646, 9119, 9723, - 1046, 5967, 1124, 6449, 2817, 692, 4649, 3089, 5050, 11261, - 2220, 3052, 12012, 10110, 1394, 2877, 10089, 11696, 4462, 5504, - 66, 2500, 5384, 7461, 5712, 8649, 9536, 7670, 2385, 3469, - 782, 2876, 7772, 6118, 142, 5396, 10951, 10556, 3450, 10602, - 1604, 7909, 3323, 39, 10258, 2262, 7113, 11313, 10203, 10846, - 9275, 4316, 965, 6006, 4458, 7926, 3171, 1797, 4659, 5336, - 5543, 250, 9230, 10720, 11970, 4511, 4311, 11763, 1283, 4044, - 2643, 3744, 4490, 5984, 8868, 8760, 11738, 6037, 9164, 7601, - 7544, 11117, 7322, 2081, 4034, 10791, 11491, 7027, 1615, 5338, - 8528, 3424, 2126, 927, 1650, 6068, 3812, 10958, 7574, 11032, - 6954, 6132, 2598, 9458, 11346, 1974, 3273, 1040, 10331, 8587, - 11017, 6864, 8246, 5328, 11330, 6779, 8761, 4342, 4595, 8610, - 161, 4622, 6411, 10708, 7896, 11431, 12097, 9500, 3376, 9561, - 10730, 2248, 3069, 1434, 8838, 566, 6397, 5881, 4956, 4203, - 8362, 6047, 3484, 4784, 9901, 8989, 862, 8817, 12186, 9876, - 9748, 1905, 5696, 9028, 5721, 2940, 10235, 2326, 2134, 6167, - 1019, 10851, 1253, 5588, 9149, 6532, 3959, 11598, 4068, 3299, - 8264, 9787, 7089, 2829, 6755, 6156, 455, 5900, 2839, 5921, - 2140, 7428, 2688, 11175, 9247, 6727, 11711, 1762, 6244, 3336, - 2308, 9922, 7883, 7007, 10890, 7013, 8452, 2743, 1482, 6927, - 7846, 6128, 5114, 4868, 7487, 4584, 6785, 460, 6747, 8894, - 9855, 12242, 3365, 1450, 6614, 3974, 5200, 3247, 2779, 8695, - 828, 10940, 2304, 376, 3027, 3898, 10351, 1879, 10262, 2512, - 5487, 4280, 10297, 8480, 9481, 7905, 197, 8361, 4927, 705, - 9671, 6722, 2589, 8772, 1078, 333, 8696, 6267, 7420, 4471, - 8994, 5038, 5318, 1846, 2574, 8779, 10724, 825, 7399, 7073, - 4422, 8385, 5171, 8849, 11344, 10735, 8483, 2241, 11738, 6581, - 10699, 2777, 6531, 4678, 7608, 10871, 3501, 9239, 7252, 11828, - 7873, 9606, 4526, 5958, 8505, 11233, 9638, 2421, 5652, 3095, - 9049, 11347, 6274, 1405, 11114, 11208, 5703, 10774, 3011, 11633, - 5741, 9601, 5507, 4527, 3501, 5707, 8698, 178, 12091, 325, - 6056, 635, 3772, 12169, 10509, 6528, 3573, 3675, 3389, 3161, - 1148, 2687, 3509, 6639, 10452, 11804, 5355, 1085, 9580, 7106, - 1396, 8279, 4881, 3402, 7803, 8801, 6142, 7623, 4386, 9291, - 1502, 500, 11809, 6655, 2674, 10061, 1650, 5422, 8936, 10011, - 1193, 9619, 1435, 8285, 4038, 9984, 9732, 4477, 1251, 7106, - 7817, 10062, 3378, 5608, 2395, 2563, 1957, 3768, 4160, 7267, - 11631, 2171, 4771, 6927, 4330, 10482, 6204, 11022, 7895, 1924, - 3648, 1991, 6628, 10136, 2916, 5416, 7827, 1479, 2312, 9991, - 7915, 5431, 10911, 10979, 4527, 436, 10521, 5725, 2201, 10198, - 662, 1691, 8867, 10008, 9359, 5291, 567, 5725, 10329, 4772, - 2813, 7323, 5646, 1861, 9922, 1831, 9356, 1219, 4107, 9999, - 4569, 9092, 833, 1602, 4258, 1443, 1484, 4036, 5415, 3767, - 9992, 412, 9343, 2251, 10513, 9067, 1494, 11893, 744, 1978, - 11259, 3614, 7459, 5254, 4232, 5148, 4119, 11550, 6425, 4933, - 4292, 10521, 9657, 9632, 4613, 7738, 5561, 8806, 3501, 3731, - 11329, 2693, 11581, 6393, 10176, 10773, 1790, 1809, 9186, 12085, - 5418, 7223, 1077, 1527, 10917, 4236, 7668, 11754, 6655, 7696, - 1809, 11512, 3618, 5857, 7512, 1044, 7970, 6825, 4897, 2870, - 126, 8619, 10445, 3883, 4238, 4051, 399, 1580, 9893, 11046, - 2955, 6520, 5435, 1891, 1254, 12135, 4122, 10512, 11960, 6196, - 3443, 10118, 1689, 10877 -}; - -static uint32_t i_v[] = { - 8355, 2010, 1416, 12110, 6361, 11296, 11668, 1446, 9822, 947, - 5422, 8211, 1824, 6158, 3458, 6435, 685, 2707, 4804, 4929, - 3204, 12158, 674, 5703, 1125, 5085, 1358, 10956, 12216, 11164, - 12112, 8359, 7018, 7038, 9099, 11789, 10574, 5991, 10736, 9335, - 7898, 4429, 587, 11156, 7912, 9063, 9673, 6792, 5530, 648, - 10203, 7284, 7935, 4177, 3514, 11488, 10998, 12254, 2913, 4827, - 2446, 10965, 10718, 5569, 1023, 8150, 7440, 1928, 6384, 802, - 4726, 9738, 10374, 3842, 6761, 11788, 1133, 9413, 5818, 1099, - 3710, 11315, 11667, 10285, 12431, 11195, 9193, 2842, 2267, 9902, - 10076, 7409, 6751, 3748, 4487, 9961, 1547, 10060, 7443, 1276, - 6827, 10798, 6323, 4038, 5508, 4006, 3300, 1774, 255, 2688, - 3238, 10275, 4911, 5648, 7842, 7506, 1769, 6425, 195, 3176, - 4455, 10337, 9451, 8912, 10445, 7646, 2837, 5109, 3033, 8668, - 10295, 744, 10869, 10204, 6825, 6326, 6299, 7208, 11886, 1246, - 704, 9626, 2538, 10932, 3903, 4545, 5111, 9006, 6698, 5008, - 8464, 4679, 7230, 2223, 707, 705, 6592, 6207, 1114, 7645, - 5374, 7595, 11064, 746, 5585, 8248, 2921, 7004, 6595, 9985, - 506, 7147, 793, 9605, 596, 962, 8223, 11771, 6438, 6663, - 9519, 12013, 4302, 2216, 6633, 10351, 10096, 9645, 347, 4601, - 596, 10448, 12051, 12376, 1544, 8939, 5114, 4052, 11408, 5947, - 5368, 4270, 6747, 423, 6283, 11211, 2574, 5974, 5533, 5143, - 9757, 2155, 729, 9776, 11989, 8808, 11057, 1519, 9187, 5996, - 2966, 3865, 1409, 8023, 10648, 4397, 5082, 10832, 4769, 2068, - 9226, 1790, 5911, 6534, 3780, 7312, 9388, 5014, 9054, 3445, - 4659, 6203, 5234, 9490, 11060, 4214, 8978, 9789, 6201, 3088, - 1988, 3057, 3762, 8725, 7322, 7583, 8233, 1394, 6534, 9221, - 9736, 2738, 3837, 2595, 4012, 3674, 7505, 10231, 8080, 2402, - 3977, 5928, 1942, 8421, 5507, 8422, 1238, 6909, 5800, 9613, - 6083, 4382, 4669, 11670, 4032, 10762, 11623, 4387, 3728, 4656, - 9701, 722, 1255, 4495, 8158, 7762, 792, 10307, 9813, 3904, - 6081, 11003, 12045, 6718, 1089, 7327, 4381, 11188, 943, 1740, - 563, 10251, 756, 5027, 848, 325, 6547, 12288, 1222, 12189, - 3641, 7314, 2049, 5254, 10043, 1068, 7906, 4741, 11639, 1981, - 7660, 10911, 2746, 4536, 10068, 9700, 11057, 8114, 5556, 253, - 2292, 10686, 11848, 5306, 3092, 2570, 12167, 7101, 5245, 3463, - 8627, 12513, 9010, 5356, 1633, 10462, 4545, 3614, 7245, 1887, - 9738, 11902, 8716, 12035, 9958, 9421, 11063, 3759, 883, 9754, - 10730, 11706, 9132, 540, 6726, 11382, 7038, 4407, 1225, 8606, - 7689, 5894, 6553, 7908, 2454, 4939, 613, 5811, 3580, 11792, - 11364, 3153, 3698, 2604, 7470, 6053, 7699, 6018, 4289, 11497, - 8580, 2249, 718, 2444, 2972, 8812, 1710, 6317, 8718, 4194, - 12288, 5837, 3698, 2216, 7402, 9045, 11194, 8500, 7238, 10686, - 9409, 9867, 12264, 3859, 7673, 11659, 8496, 4618, 6465, 8811, - 9114, 10740, 7738, 11850, 4142, 2493, 11136, 9623, 3071, 11701, - 2925, 5043, 6151, 6221, 9642, 10846, 11145, 6315, 3741, 9123, - 5131, 2585, 11337, 4786, 5844, 1485, 11505, 5205, 797, 5955, - 3717, 1756, 1551, 1122, 5057, 2585, 10857, 5129, 3557, 1254, - 7750, 9688, 2462, 6415, 4345, 9460, 2957, 8793, 9210, 9242, - 3487, 6506, 11888, 7563, 1078, 4486, 406, 2261, 867, 11965, - 7979, 4533, 3654, 4747, 6636, 3166, 2114, 380, 9715, 7132, - 2982, 5024, 1817, 1231, 6210, 12377, 6280, 10882, 9937, 9587, - 633, 5668, 899, 6176, 2431, 956, 5022, 3094, 4658, 11168, - 2989, 2654, 11990, 10494, 1691, 3017, 10044, 11882, 4020, 5342, - 11911, 2426, 5748, 7592, 6340, 9214, 9357, 7169, 2109, 3210, - 415, 3024, 7791, 5684, 246, 5134, 11335, 10092, 3133, 10427, - 1502, 7739, 3272, 169, 9521, 2550, 7327, 11309, 10815, 10146, - 9157, 4579, 1022, 6447, 4233, 8488, 2958, 1715, 4215, 4965, - 5728, 551, 8942, 10845, 11881, 4472, 4331, 304, 1183, 3798, - 1968, 3993, 4889, 6145, 8841, 8816, 11283, 6578, 9212, 8161, - 7003, 11574, 7764, 1678, 4138, 10444, 11880, 7101, 1390, 4743, - 8320, 3026, 2338, 1203, 1562, 6502, 3103, 10770, 7608, 11097, - 6745, 6037, 2926, 9489, 10782, 1853, 3482, 524, 11063, 8299, - 11092, 6838, 7779, 4598, 11245, 7274, 8908, 3886, 4440, 8651, - 11949, 5344, 6954, 11015, 8333, 11347, 12677, 8716, 3514, 9892, - 10366, 2029, 2875, 1540, 9013, 250, 6393, 5618, 4565, 3687, - 8340, 6420, 3632, 5032, 9408, 9738, 961, 8653, 12315, 10459, - 9883, 2074, 5357, 9341, 4850, 2514, 9746, 2605, 2394, 5928, - 808, 10443, 1589, 5673, 9176, 6593, 3404, 12254, 4230, 3630, - 7958, 10065, 7471, 2432, 6626, 6517, 382, 6131, 2888, 5440, - 1571, 7341, 2841, 11202, 9462, 7180, 11206, 1433, 6183, 3882, - 2105, 9906, 8076, 7074, 10572, 7262, 8456, 2979, 1095, 6891, - 8025, 5914, 5380, 4300, 7363, 4989, 6788, 1043, 6836, 8710, - 10099, 12310, 3997, 2102, 7002, 4041, 4948, 2601, 2958, 8665, - 984, 10820, 1940, 541, 3377, 3533, 9357, 2049, 10721, 2732, - 5355, 4280, 10281, 8056, 9557, 7749, 611, 8255, 4854, 708, - 9199, 7033, 2582, 8343, 820, 944, 8651, 5547, 7052, 4723, - 8972, 5594, 5314, 1938, 2539, 8789, 10341, 12368, 7475, 6903, - 4436, 8346, 5391, 8336, 10864, 10397, 8517, 2078, 12127, 6612, - 10511, 2970, 6576, 5166, 7744, 10934, 3186, 9515, 6831, 12085, - 7284, 9791, 4755, 6341, 8713, 11526, 9392, 2122, 5743, 2776, - 9581, 11396, 7006, 1465, 11235, 10997, 5776, 10401, 2929, 11732, - 5847, 9512, 6068, 3934, 3730, 5813, 9195, 410, 11698, 896, - 6321, 1310, 3478, 11649, 10201, 6850, 3612, 3451, 3569, 3266, - 747, 3151, 3352, 6497, 10445, 11501, 5306, 1026, 9712, 7294, - 813, 8005, 5090, 2905, 7903, 8358, 6290, 7756, 3955, 9471, - 1858, 699, 11847, 7292, 2165, 10556, 1038, 5289, 8693, 9698, - 1702, 10228, 1412, 8681, 3330, 10042, 8888, 4257, 1201, 7422, - 7956, 10019, 3011, 5956, 2188, 2407, 1986, 3847, 4345, 7427, - 12091, 1763, 3885, 6731, 4172, 10828, 6129, 10972, 7878, 2189, - 3988, 2125, 6536, 10663, 3100, 5129, 7656, 1053, 2303, 10149, - 8087, 5666, 11151, 10962, 4905, 779, 10113, 5451, 1509, 9590, - 735, 1626, 8419, 10607, 9293, 5778, 907, 5527, 10408, 5454, - 2266, 7131, 6332, 2055, 10105, 1188, 9842, 2059, 4417, 10026, - 4339, 9779, 680, 1731, 4958, 1589, 1866, 3797, 5058, 3735, - 9899, 543, 9330, 2436, 10757, 9010, 1270, 12232, 1122, 2222, - 10945, 3733, 7454, 5251, 4185, 5118, 4331, 12022, 5900, 4767, - 4393, 10252, 9957, 9653, 4674, 7705, 5694, 9123, 3882, 3137, - 11627, 2712, 11985, 6346, 9990, 10760, 1869, 1778, 8899, 12168, - 5207, 7250, 1088, 1131, 11567, 4337, 8286, 11660, 7152, 8010, - 2286, 11335, 2984, 5740, 7114, 806, 7579, 7119, 5122, 2917, - 541, 7913, 10555, 3684, 4720, 3954, 517, 1526, 9712, 10854, - 1921, 6897, 4704, 2141, 1602, 11880, 4548, 10569, 11521, 6408, - 3609, 9752, 1960, 10934 -}; - -static uint8_t rbits[] = { - 0x3f, 0xff, 0xaf, 0x0f, 0x6b, 0xb2, 0xb8, 0x46, 0x53, 0x44, - 0x95, 0x98, 0x0a, 0x85, 0x0c, 0xfc, 0xc4, 0x86, 0xcc, 0x69, - 0xc6, 0xd9, 0xfa, 0xee, 0x19, 0xa6, 0x34, 0x0f, 0x35, 0xc4, - 0xdc, 0x08 -}; - -static uint8_t r_ref[] = { - 0, 3, 3, 1, 1, 1, 0, 1, 0, 3, 2, 0, 1, 1, 3, 0, 2, 1, 0, 3, - 2, 1, 2, 3, 3, 0, 2, 0, 1, 3, 3, 2, 3, 3, 0, 3, 0, 2, 2, 0, - 1, 1, 2, 0, 1, 1, 2, 1, 3, 0, 0, 3, 1, 1, 0, 0, 0, 2, 0, 1, - 0, 2, 3, 1, 3, 0, 3, 1, 0, 0, 2, 1, 3, 3, 1, 3, 2, 1, 0, 2, - 0, 0, 3, 3, 0, 1, 2, 2, 0, 1, 0, 3, 2, 2, 1, 1, 3, 0, 3, 3, - 2, 2, 0, 2, 1, 0, 0, 0, 3, 0, 3, 1, 2, 1, 1, 0, 3, 3, 2, 1, - 3, 3, 2, 2, 1, 3, 0, 0, 2, 2, 3, 1, 1, 2, 2, 2, 0, 2, 0, 2, - 0, 0, 1, 2, 2, 2, 3, 1, 2, 0, 3, 0, 1, 3, 2, 3, 3, 1, 1, 2, - 0, 0, 2, 1, 2, 2, 0, 2, 2, 2, 2, 1, 1, 3, 1, 3, 3, 1, 2, 2, - 3, 0, 1, 0, 0, 2, 2, 1, 3, 2, 2, 2, 3, 1, 1, 0, 0, 3, 2, 3, - 0, 0, 3, 3, 2, 2, 2, 2, 1, 1, 0, 1, 2, 1, 3, 2, 0, 3, 0, 2, - 3, 3, 3, 3, 2, 3, 3, 3, 3, 2, 1, 0, 2, 3, 2, 1, 2, 0, 3, 0, - 2, 2, 1, 1, 2, 1, 2, 0, 1, 2, 1, 3, 0, 0, 2, 3, 0, 3, 1, 0, - 2, 2, 2, 1, 2, 0, 3, 1, 0, 0, 3, 0, 2, 3, 1, 0, 2, 3, 3, 0, - 0, 0, 3, 0, 2, 3, 2, 0, 2, 2, 1, 0, 1, 2, 1, 3, 3, 3, 1, 2, - 1, 2, 3, 1, 1, 2, 2, 0, 3, 0, 3, 3, 1, 3, 3, 3, 1, 3, 0, 3, - 0, 0, 1, 2, 1, 0, 3, 0, 0, 2, 1, 3, 3, 3, 1, 1, 2, 3, 1, 0, - 1, 1, 3, 3, 0, 3, 1, 3, 1, 2, 2, 2, 1, 3, 1, 2, 1, 3, 0, 1, - 2, 2, 2, 3, 3, 2, 2, 3, 1, 2, 2, 1, 2, 1, 0, 0, 0, 1, 3, 2, - 0, 3, 1, 1, 2, 1, 3, 2, 3, 2, 0, 1, 0, 1, 3, 0, 2, 3, 1, 3, - 0, 1, 1, 3, 1, 1, 1, 0, 2, 3, 2, 1, 2, 0, 3, 3, 2, 0, 1, 0, - 3, 3, 3, 1, 2, 2, 1, 0, 3, 3, 0, 2, 3, 1, 1, 1, 3, 3, 1, 3, - 3, 0, 1, 0, 2, 0, 1, 1, 0, 0, 3, 2, 2, 3, 0, 2, 2, 0, 1, 1, - 1, 3, 1, 1, 1, 0, 1, 2, 3, 2, 2, 3, 1, 1, 3, 3, 3, 1, 2, 0, - 0, 0, 2, 2, 2, 3, 2, 0, 0, 1, 3, 0, 0, 0, 2, 0, 1, 0, 3, 0, - 3, 1, 0, 1, 1, 1, 2, 2, 2, 0, 0, 2, 2, 0, 3, 1, 0, 2, 2, 0, - 2, 0, 0, 1, 1, 0, 1, 2, 3, 2, 3, 2, 3, 3, 3, 0, 2, 1, 2, 2, - 1, 0, 1, 1, 1, 2, 1, 3, 2, 0, 3, 3, 0, 0, 1, 1, 1, 2, 2, 2, - 0, 1, 1, 2, 0, 2, 0, 1, 2, 0, 1, 3, 2, 2, 3, 0, 0, 1, 1, 2, - 3, 1, 2, 0, 3, 0, 2, 1, 0, 0, 0, 1, 1, 1, 1, 3, 0, 0, 0, 3, - 2, 3, 2, 1, 0, 3, 1, 1, 1, 1, 3, 0, 0, 1, 1, 1, 0, 3, 2, 2, - 3, 1, 1, 3, 0, 1, 1, 3, 0, 3, 2, 2, 0, 3, 1, 3, 1, 0, 0, 1, - 1, 0, 0, 1, 0, 3, 2, 2, 0, 1, 3, 0, 1, 3, 3, 2, 1, 3, 1, 1, - 3, 3, 2, 1, 1, 3, 1, 0, 2, 1, 1, 3, 3, 3, 1, 3, 1, 3, 0, 1, - 2, 2, 0, 3, 3, 2, 1, 1, 1, 3, 0, 2, 0, 3, 3, 1, 2, 3, 1, 3, - 0, 0, 0, 1, 3, 3, 0, 2, 3, 0, 1, 3, 0, 0, 3, 0, 2, 2, 3, 3, - 3, 3, 2, 1, 0, 3, 1, 1, 1, 2, 2, 0, 3, 2, 0, 2, 2, 3, 1, 0, - 3, 3, 1, 2, 3, 0, 1, 1, 0, 3, 3, 1, 1, 3, 0, 2, 1, 2, 2, 2, - 2, 3, 2, 3, 0, 0, 3, 1, 1, 0, 3, 2, 3, 2, 3, 3, 2, 2, 3, 1, - 3, 2, 1, 0, 1, 0, 2, 2, 1, 3, 1, 2, 3, 3, 1, 3, 2, 1, 3, 2, - 2, 3, 1, 1, 3, 3, 3, 3, 2, 0, 0, 3, 3, 3, 2, 3, 2, 0, 3, 0, - 3, 1, 2, 0, 3, 0, 2, 2, 2, 3, 1, 2, 2, 1, 3, 3, 0, 1, 3, 0, - 0, 1, 3, 2, 1, 1, 0, 1, 3, 3, 1, 1, 0, 1, 2, 2, 2, 0, 2, 3, - 1, 2, 1, 1, 3, 2, 3, 3, 1, 0, 1, 3, 2, 3, 2, 2, 1, 2, 3, 1, - 3, 2, 3, 1, 3, 3, 0, 3, 1, 1, 3, 2, 1, 2, 2, 0, 1, 1, 2, 3, - 1, 3, 0, 0, 3, 0, 3, 0, 1, 2, 0, 2, 2, 3, 2, 0, 0, 0, 3, 0, - 2, 0, 0, 2, 2, 2, 3, 1, 3, 2, 3, 2, 0, 1, 2, 1, 1, 3, 0, 3, - 2, 0, 2, 2, 3, 2, 1, 0, 1, 1, 0, 2, 0, 3, 2, 0, 2, 3, 1, 3, - 2, 2, 2, 2, 3, 1, 0, 2, 3, 3, 3, 2, 0, 0, 3, 3, 1, 2, 2, 3, - 0, 1, 1, 1, 3, 2, 1, 0, 0, 1, 2, 3, 3, 0, 1, 1, 1, 1, 0, 1, - 0, 2, 3, 3, 3, 3, 0, 2, 3, 0, 1, 0, 0, 1, 1, 3, 2, 2, 0, 0, - 2, 2, 1, 3 -}; - -static chunk_t shared_secret = chunk_from_chars( - 0x14, 0x22, 0x06, 0xe3, 0x48, 0xf3, 0xfa, 0xfc, 0x21, 0x0d, - 0x5d, 0x51, 0x19, 0x7f, 0x16, 0x4e, 0xe6, 0xd3, 0x10, 0xa9, - 0xf5, 0xab, 0xfc, 0x96, 0x11, 0x1b, 0xc3, 0x4a, 0x89, 0xf9, - 0x66, 0x55 -); - -START_TEST(test_newhope_rec_good) -{ - newhope_reconciliation_t *rec; - chunk_t i_shared_secret, r_shared_secret; - uint8_t *r; - - rec = newhope_reconciliation_create(n, q); - ck_assert(rec != NULL); - - r = rec->help_reconcile(rec, r_v, rbits); - ck_assert(memeq(r, r_ref, n)); - - r_shared_secret = rec->reconcile(rec, r_v, r); - ck_assert(chunk_equals(r_shared_secret, shared_secret)); - - i_shared_secret = rec->reconcile(rec, i_v, r); - ck_assert(chunk_equals(i_shared_secret, shared_secret)); - - /* cleanup */ - rec->destroy(rec); - chunk_free(&i_shared_secret); - chunk_free(&r_shared_secret); - free(r); -} -END_TEST - -Suite *newhope_reconciliation_suite_create() -{ - Suite *s; - TCase *tc; - - s = suite_create("newhope_reconciliation"); - - tc = tcase_create("rec_good"); - tcase_add_test(tc, test_newhope_rec_good); - suite_add_tcase(s, tc); - - return s; -} diff --git a/testing/scripts/recipes/013_strongswan.mk b/testing/scripts/recipes/013_strongswan.mk index 9a7d782ce5..329e765f58 100644 --- a/testing/scripts/recipes/013_strongswan.mk +++ b/testing/scripts/recipes/013_strongswan.mk @@ -102,7 +102,6 @@ CONFIG_OPTS = \ --enable-ntru \ --enable-lookip \ --enable-sha3 \ - --enable-newhope \ --enable-frodo \ --enable-systemd \ --enable-counters \ diff --git a/testing/tests/ikev1-stroke/rw-cert/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1-stroke/rw-cert/hosts/carol/etc/strongswan.conf index f8be444c44..eff24b33b3 100644 --- a/testing/tests/ikev1-stroke/rw-cert/hosts/carol/etc/strongswan.conf +++ b/testing/tests/ikev1-stroke/rw-cert/hosts/carol/etc/strongswan.conf @@ -1,5 +1,5 @@ # /etc/strongswan.conf - strongSwan configuration file charon { - load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm stroke kernel-netlink socket-default updown + load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm stroke kernel-netlink socket-default updown } diff --git a/testing/tests/ikev1-stroke/rw-cert/hosts/dave/etc/strongswan.conf b/testing/tests/ikev1-stroke/rw-cert/hosts/dave/etc/strongswan.conf index f8be444c44..eff24b33b3 100644 --- a/testing/tests/ikev1-stroke/rw-cert/hosts/dave/etc/strongswan.conf +++ b/testing/tests/ikev1-stroke/rw-cert/hosts/dave/etc/strongswan.conf @@ -1,5 +1,5 @@ # /etc/strongswan.conf - strongSwan configuration file charon { - load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm stroke kernel-netlink socket-default updown + load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm stroke kernel-netlink socket-default updown } diff --git a/testing/tests/ikev1-stroke/rw-cert/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1-stroke/rw-cert/hosts/moon/etc/strongswan.conf index c2bea5f716..e7b98cc51b 100644 --- a/testing/tests/ikev1-stroke/rw-cert/hosts/moon/etc/strongswan.conf +++ b/testing/tests/ikev1-stroke/rw-cert/hosts/moon/etc/strongswan.conf @@ -1,7 +1,7 @@ # /etc/strongswan.conf - strongSwan configuration file charon { - load = random drbg nonce test-vectors aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm stroke kernel-netlink socket-default updown + load = random drbg nonce test-vectors aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm stroke kernel-netlink socket-default updown integrity_test = yes diff --git a/testing/tests/ikev1/rw-cert/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/rw-cert/hosts/carol/etc/strongswan.conf index 06db33b1e0..24c0d50dfb 100755 --- a/testing/tests/ikev1/rw-cert/hosts/carol/etc/strongswan.conf +++ b/testing/tests/ikev1/rw-cert/hosts/carol/etc/strongswan.conf @@ -5,5 +5,5 @@ swanctl { } charon-systemd { - load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown + load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown } diff --git a/testing/tests/ikev1/rw-cert/hosts/dave/etc/strongswan.conf b/testing/tests/ikev1/rw-cert/hosts/dave/etc/strongswan.conf index 06db33b1e0..24c0d50dfb 100755 --- a/testing/tests/ikev1/rw-cert/hosts/dave/etc/strongswan.conf +++ b/testing/tests/ikev1/rw-cert/hosts/dave/etc/strongswan.conf @@ -5,5 +5,5 @@ swanctl { } charon-systemd { - load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown + load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown } diff --git a/testing/tests/ikev1/rw-cert/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/rw-cert/hosts/moon/etc/strongswan.conf index 97e98eab40..7a6debc522 100755 --- a/testing/tests/ikev1/rw-cert/hosts/moon/etc/strongswan.conf +++ b/testing/tests/ikev1/rw-cert/hosts/moon/etc/strongswan.conf @@ -5,7 +5,7 @@ swanctl { } charon-systemd { - load = random drbg nonce test-vectors aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown + load = random drbg nonce test-vectors aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown integrity_test = yes diff --git a/testing/tests/ikev2-stroke/rw-cert/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2-stroke/rw-cert/hosts/carol/etc/strongswan.conf index b4e2611bbd..b61aaaa6e0 100644 --- a/testing/tests/ikev2-stroke/rw-cert/hosts/carol/etc/strongswan.conf +++ b/testing/tests/ikev2-stroke/rw-cert/hosts/carol/etc/strongswan.conf @@ -1,5 +1,5 @@ # /etc/strongswan.conf - strongSwan configuration file charon { - load = random drbg nonce aes des sha1 sha2 sha3 md5 chapoly mgf1 curve25519 ntru newhope pem pkcs1 pkcs8 gmp x509 curl revocation hmac kdf xcbc cmac ctr ccm gcm stroke kernel-netlink socket-default updown + load = random drbg nonce aes des sha1 sha2 sha3 md5 chapoly mgf1 curve25519 ntru pem pkcs1 pkcs8 gmp x509 curl revocation hmac kdf xcbc cmac ctr ccm gcm stroke kernel-netlink socket-default updown } diff --git a/testing/tests/ikev2-stroke/rw-cert/hosts/dave/etc/strongswan.conf b/testing/tests/ikev2-stroke/rw-cert/hosts/dave/etc/strongswan.conf index b4e2611bbd..b61aaaa6e0 100644 --- a/testing/tests/ikev2-stroke/rw-cert/hosts/dave/etc/strongswan.conf +++ b/testing/tests/ikev2-stroke/rw-cert/hosts/dave/etc/strongswan.conf @@ -1,5 +1,5 @@ # /etc/strongswan.conf - strongSwan configuration file charon { - load = random drbg nonce aes des sha1 sha2 sha3 md5 chapoly mgf1 curve25519 ntru newhope pem pkcs1 pkcs8 gmp x509 curl revocation hmac kdf xcbc cmac ctr ccm gcm stroke kernel-netlink socket-default updown + load = random drbg nonce aes des sha1 sha2 sha3 md5 chapoly mgf1 curve25519 ntru pem pkcs1 pkcs8 gmp x509 curl revocation hmac kdf xcbc cmac ctr ccm gcm stroke kernel-netlink socket-default updown } diff --git a/testing/tests/ikev2-stroke/rw-cert/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2-stroke/rw-cert/hosts/moon/etc/strongswan.conf index f48fa4cc98..18769b0378 100644 --- a/testing/tests/ikev2-stroke/rw-cert/hosts/moon/etc/strongswan.conf +++ b/testing/tests/ikev2-stroke/rw-cert/hosts/moon/etc/strongswan.conf @@ -1,7 +1,7 @@ # /etc/strongswan.conf - strongSwan configuration file charon { - load = random drbg nonce test-vectors aes des sha1 sha2 sha3 md5 chapoly mgf1 curve25519 ntru newhope pem pkcs1 pkcs8 gmp x509 curl revocation hmac kdf xcbc cmac ctr ccm gcm stroke kernel-netlink socket-default updown + load = random drbg nonce test-vectors aes des sha1 sha2 sha3 md5 chapoly mgf1 curve25519 ntru pem pkcs1 pkcs8 gmp x509 curl revocation hmac kdf xcbc cmac ctr ccm gcm stroke kernel-netlink socket-default updown integrity_test = yes crypto_test { diff --git a/testing/tests/ikev2/rw-cert/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/rw-cert/hosts/carol/etc/strongswan.conf index 06db33b1e0..24c0d50dfb 100755 --- a/testing/tests/ikev2/rw-cert/hosts/carol/etc/strongswan.conf +++ b/testing/tests/ikev2/rw-cert/hosts/carol/etc/strongswan.conf @@ -5,5 +5,5 @@ swanctl { } charon-systemd { - load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown + load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown } diff --git a/testing/tests/ikev2/rw-cert/hosts/dave/etc/strongswan.conf b/testing/tests/ikev2/rw-cert/hosts/dave/etc/strongswan.conf index 06db33b1e0..24c0d50dfb 100755 --- a/testing/tests/ikev2/rw-cert/hosts/dave/etc/strongswan.conf +++ b/testing/tests/ikev2/rw-cert/hosts/dave/etc/strongswan.conf @@ -5,5 +5,5 @@ swanctl { } charon-systemd { - load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown + load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown } diff --git a/testing/tests/ikev2/rw-cert/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/rw-cert/hosts/moon/etc/strongswan.conf index 97e98eab40..7a6debc522 100755 --- a/testing/tests/ikev2/rw-cert/hosts/moon/etc/strongswan.conf +++ b/testing/tests/ikev2/rw-cert/hosts/moon/etc/strongswan.conf @@ -5,7 +5,7 @@ swanctl { } charon-systemd { - load = random drbg nonce test-vectors aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown + load = random drbg nonce test-vectors aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown integrity_test = yes diff --git a/testing/tests/ikev2/strong-keys-certs/hosts/dave/etc/strongswan.conf b/testing/tests/ikev2/strong-keys-certs/hosts/dave/etc/strongswan.conf index 06db33b1e0..24c0d50dfb 100755 --- a/testing/tests/ikev2/strong-keys-certs/hosts/dave/etc/strongswan.conf +++ b/testing/tests/ikev2/strong-keys-certs/hosts/dave/etc/strongswan.conf @@ -5,5 +5,5 @@ swanctl { } charon-systemd { - load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown + load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown }