amend! Add SHAKE vectors

Add SHAKE vectors Add a separate module for SHAKE vectors, including a protobuf descriptor and classes, a parsing script, and the source files. The protobuf uses the new format with some differences from the one included in the SHA module: we combine the tests from ShortMsg, LongMsg, and VariableOut files into the `tests` field, and add the `mc_test` field containing the Monte-Carlo test. This way, all tests for a given algorithm and orientation fit in one single instance of ShakeVectors. Note that users of these vectors (us) are expected to check whether this is a valid test before using it, as sources other than NIST CAVP are not expected to provide this one.
quarkslab · Feb 13, 2025 · cf084c0 · cf084c0
1 parent 82faf14
commit cf084c0
Show file tree

Hide file tree

Showing 20 changed files with 418 additions and 436 deletions.
diff --git a/crypto_condor/cli/run.py b/crypto_condor/cli/run.py
@@ -19,7 +19,6 @@
     RSAES,
     RSASSA,
     SHA,
-    SHAKE,
     ChaCha20,
 )
 from crypto_condor.primitives.common import Console
@@ -386,39 +385,37 @@ def sha(
 @app.command(name="SHAKE", no_args_is_help=True, help=_shake_help)
 @app.command(name="shake", no_args_is_help=True, help=_shake_help, hidden=True)
 def shake(
-    language: Annotated[SHAKE.Wrapper, _language],
-    algorithm: Annotated[
-        SHAKE.Algorithm,
-        typer.Argument(help="The XOF algorithm to test.", case_sensitive=False),
-    ],
-    orientation: Annotated[
-        SHAKE.Orientation,
-        typer.Argument(
-            help="The orientation of the implementation, either bit- or byte-oriented.",
-            case_sensitive=False,
-        ),
-    ],
+    wrapper: Annotated[Path, typer.Argument(metavar="FILE")],
     filename: Annotated[str, _filename] = "",
     no_save: Annotated[bool, _no_save] = False,
     debug: Annotated[Optional[bool], _debug] = None,
+    compliance: Annotated[bool, _compliance] = True,
+    resilience: Annotated[bool, _resilience] = False,
 ):
     """Runs a SHAKE wrapper.
 
     Args:
-        language: The language of the wrapper to run.
-        algorithm: The SHAKE algorithm to test.
-        orientation: The orientation of the implementation, either bit- or
-            byte-oriented.
+        wrapper: The wrapper to test.
+
+    Keyword Args:
         filename: Name of the file to save results.
         no_save: Do not save results or prompt the user.
         debug: When saving the results to a file, whether to add the debug data.
+        compliance: Whether to use compliance test vectors.
+        resilience: Whether to use resilience test vectors.
     """
-    try:
-        results = SHAKE.run_wrapper(language, algorithm, orientation)
-    except ValueError as error:
-        logger.error(error)
-        raise typer.Exit(1) from error
-    if console.process_results(results, filename, no_save, debug):
+    if not wrapper.is_file():
+        raise FileNotFoundError(f"Could not find wrapper {str(wrapper)}")
+
+    from crypto_condor.primitives import SHAKE
+
+    match wrapper.stem:
+        case ".py":
+            rd = SHAKE.run_python_wrapper(wrapper, compliance, resilience)
+        case _:
+            console.print(f"There are no runners for {wrapper.stem} wrappers")
+            raise typer.Exit(1)
+    if console.process_results(rd, filename, no_save, debug):
         raise typer.Exit(0)
     else:
         raise typer.Exit(1)

diff --git a/crypto_condor/cli/verify.py b/crypto_condor/cli/verify.py
@@ -2,11 +2,11 @@
 
 import logging
 from pathlib import Path
-from typing import Annotated
+from typing import Annotated, Optional
 
 import typer
 
-from crypto_condor.primitives import AES, ECDSA, SHA, ChaCha20
+from crypto_condor.primitives import AES, ECDSA, SHA, SHAKE, ChaCha20
 from crypto_condor.primitives.common import Console
 
 # --------------------------- Module --------------------------------------------------
@@ -48,6 +48,9 @@
     metavar="FILE",
 )
 _no_save = typer.Option("--no-save", help="Do not prompt to save results.")
+_debug = typer.Option(
+    "--debug/--no-debug", help="When saving results, whether to include debug data"
+)
 
 # --------------------------- Commands ------------------------------------------------
 
@@ -311,3 +314,64 @@ def chacha20(
         raise typer.Exit(0)
     else:
         raise typer.Exit(1)
+
+
+_shake_help = """Test the output of a SHAKE implementation.
+
+The format of the output file is as follows:
+
+- One line per operation, separated by newlines ``\n``.
+- Lines starting with ``#`` are considered comments and ignored.
+- Values are written in hexadecimal.
+- Values are separated by forward slashes ``/``.
+- The order of the values is:
+
+    ``msg/out``
+
+Where:
+    - ``msg`` is the input message to hash.
+    - ``out`` is the result.
+"""
+
+
+@app.command(
+    name="SHAKE",
+    help=_shake_help,
+    no_args_is_help=True,
+    rich_help_panel="Subcommands",
+    context_settings={"max_content_width": console.width},
+)
+@app.command(
+    name="shake",
+    help=_shake_help,
+    no_args_is_help=True,
+    rich_help_panel="Subcommands",
+    context_settings={"max_content_width": console.width},
+    hidden=True,
+)
+def shake(
+    input_file: Annotated[Path, typer.Argument(metavar="FILE")],
+    algorithm: Annotated[
+        SHAKE.Algorithm,
+        typer.Argument(help="The SHAKE algorithm used to generate the file."),
+    ],
+    filename: Annotated[str, _filename] = "",
+    no_save: Annotated[bool, _no_save] = False,
+    debug: Annotated[Optional[bool], _debug] = None,
+):
+    """Tests the output of a SHAKE implementation.
+
+    Args:
+        input_file: The file to test.
+        algorithm: The SHAKE variant used to generate the outputs.
+
+    Keyword Args:
+        filename: The name of the file to save the results.
+        no_save: If True, results are not saved and the user is not prompted.
+        debug: If the results are saved, include debug data.
+    """
+    rd = SHAKE.test_output_digest(input_file, algorithm)
+    if console.process_results(rd, filename, no_save, debug):
+        raise typer.Exit(0)
+    else:
+        raise typer.Exit(1)
diff --git a/crypto_condor/primitives/MLKEM.py b/crypto_condor/primitives/MLKEM.py
@@ -552,7 +552,7 @@ def test_output_encaps(output: Path, paramset: Paramset) -> ResultsDict:
         A dictionary of results.
 
     Format:
-        - One line per hashing operation, separated by newlines ``\n``.
+        - One line per operation, separated by newlines ``\n``.
         - Lines starting with ``#`` are considered comments and ignored.
         - Values are written in hexadecimal.
         - Values are separated by forward slashes ``/``.