eucrypt_ch16_bytestream

raw
eucrypt_ch16_byte...    1 with Interfaces; use Interfaces;
eucrypt_ch10_oaep...    2 with SMG_OAEP; use SMG_OAEP;
eucrypt_ch6_kecca...    3 with SMG_Keccak; use SMG_Keccak;
eucrypt_ch6_kecca...    4 with Ada.Exceptions; use Ada.Exceptions;
eucrypt_ch6_kecca...    5 with Ada.Text_IO; use Ada.Text_IO;
eucrypt_ch6_kecca...    6 with Ada.Strings.Fixed; use Ada.Strings.Fixed;
eucrypt_ch16_byte...    7 with System;
eucrypt_ch6_kecca...    8 
eucrypt_ch6_kecca...    9 procedure SMG_Keccak.Test is
eucrypt_ch16_byte...   10   package Octet_IO is new Ada.Text_IO.Modular_IO(Interfaces.Unsigned_8); 
eucrypt_ch16_byte...   11 
eucrypt_ch6_kecca...   12   --types
eucrypt_ch6_kecca...   13   type Keccak_Perms is (None, Theta, Rho, Pi, Chi, Iota);
eucrypt_ch6_kecca...   14   type Test_Vector is array(Keccak_Perms) of State;
eucrypt_ch6_kecca...   15   type Test_Round is array(Round_Index) of Test_Vector;
eucrypt_ch6_kecca...   16 
eucrypt_ch6_kecca...   17   --helper methods
eucrypt_ch6_kecca...   18   procedure print_state(S: in State; Title: in String) is
eucrypt_ch6_kecca...   19     Hex: array(0..15) of Character := ("0123456789ABCDEF");
eucrypt_ch6_kecca...   20     Len: constant Natural := Z_Length / 4;
eucrypt_ch6_kecca...   21     HexString: String(1..Len);
eucrypt_ch6_kecca...   22     W: ZWord;
eucrypt_ch6_kecca...   23   begin
eucrypt_ch6_kecca...   24     Put_Line("---------" & Title & "---------");
eucrypt_ch6_kecca...   25     for Y in XYCoord loop
eucrypt_ch6_kecca...   26       for X in XYCoord loop
eucrypt_ch6_kecca...   27         W := S(X,Y);
eucrypt_ch6_kecca...   28         for Z in 0..Len-1 loop
eucrypt_ch6_kecca...   29           HexString(Natural(Len-Z)) := Hex(Natural(W mod 16));
eucrypt_ch6_kecca...   30           W := W / 16;
eucrypt_ch6_kecca...   31         end loop;
eucrypt_ch6_kecca...   32         Put(HexString & " ");
eucrypt_ch6_kecca...   33       end loop;
eucrypt_ch6_kecca...   34       Put_Line("");
eucrypt_ch6_kecca...   35     end loop;
eucrypt_ch6_kecca...   36   end;
eucrypt_ch6_kecca...   37 
eucrypt_ch16_byte...   38   procedure print_bytestream(B: in Bytestream; Title: in String) is
eucrypt_ch16_byte...   39   begin
eucrypt_ch7_kecca...   40     Put_Line("---" & Title & "---");
eucrypt_ch16_byte...   41     for Pos in B'First..B'Last loop
eucrypt_ch16_byte...   42       Octet_IO.Put(Item => B(Pos), Width => 2, Base => 16);
eucrypt_ch16_byte...   43     end loop;
eucrypt_ch16_byte...   44     New_Line;
eucrypt_ch16_byte...   45   end print_bytestream;
eucrypt_ch7_kecca...   46 
eucrypt_ch6_kecca...   47   function read_state(File: in FILE_TYPE; Oct: Positive :=8) return State is
eucrypt_ch6_kecca...   48     S: State;
eucrypt_ch6_kecca...   49     Line1: String := "0000000000000000 " &
eucrypt_ch6_kecca...   50                      "0000000000000000 " &
eucrypt_ch6_kecca...   51                      "0000000000000000 " & 
eucrypt_ch6_kecca...   52                      "0000000000000000 " &
eucrypt_ch6_kecca...   53                      "0000000000000000";
eucrypt_ch6_kecca...   54     StartPos, EndPos: Positive;
eucrypt_ch6_kecca...   55     Len: Positive := Oct*2;
eucrypt_ch6_kecca...   56   begin
eucrypt_ch6_kecca...   57     for Y in XYCoord loop
eucrypt_ch6_kecca...   58       Line1 := Get_Line(File);
eucrypt_ch6_kecca...   59       StartPos := Line1'First;
eucrypt_ch6_kecca...   60       EndPos := StartPos + Len-1;
eucrypt_ch6_kecca...   61 
eucrypt_ch6_kecca...   62       for X in XYCoord loop
eucrypt_ch6_kecca...   63         S(X,Y) := ZWord'value("16#" & Line1(StartPos..EndPos) & "#");
eucrypt_ch6_kecca...   64         StartPos := EndPos + 2;	--one space to skip
eucrypt_ch6_kecca...   65         EndPos := StartPos + Len - 1;
eucrypt_ch6_kecca...   66       end loop;
eucrypt_ch6_kecca...   67     end loop;
eucrypt_ch6_kecca...   68     return S;
eucrypt_ch6_kecca...   69   end read_state;
eucrypt_ch6_kecca...   70 
eucrypt_ch6_kecca...   71   --reads a full test round from specified file (pre-defined format)
eucrypt_ch6_kecca...   72   function read_from_file (filename : in String;
eucrypt_ch6_kecca...   73                            T        : out Test_Round)
eucrypt_ch6_kecca...   74                            return Boolean is 
eucrypt_ch6_kecca...   75     file: FILE_TYPE;
eucrypt_ch6_kecca...   76     InputMarker: String := "lanes as 64-bit words:";
eucrypt_ch6_kecca...   77     octets: Positive := 8;
eucrypt_ch6_kecca...   78     RoundNo: Round_Index;
eucrypt_ch6_kecca...   79   begin
eucrypt_ch6_kecca...   80     -- try to open the input file
eucrypt_ch6_kecca...   81     begin
eucrypt_ch6_kecca...   82       open(file, In_File, filename);
eucrypt_ch6_kecca...   83     exception
eucrypt_ch6_kecca...   84       when others =>
eucrypt_ch6_kecca...   85         Put_Line(Standard_Error, 
eucrypt_ch6_kecca...   86                  "Can not open the file '" & filename & "'. Does it exist?");
eucrypt_ch6_kecca...   87         return False;
eucrypt_ch6_kecca...   88     end;
eucrypt_ch6_kecca...   89 
eucrypt_ch6_kecca...   90   -- find & read input state first
eucrypt_ch6_kecca...   91     RoundNo := -1;
eucrypt_ch6_kecca...   92     loop
eucrypt_ch6_kecca...   93       declare
eucrypt_ch6_kecca...   94         Line: String := Get_Line(file);
eucrypt_ch6_kecca...   95       begin
eucrypt_ch6_kecca...   96         --check if this is test data of any known kind
eucrypt_ch6_kecca...   97         if index(Line, InputMarker, 1) > 0 then
eucrypt_ch6_kecca...   98           T(0)(None) := read_state(file, octets);
eucrypt_ch6_kecca...   99           print_state(T(0)(None), "Read Input State");
eucrypt_ch6_kecca...  100         elsif index(Line, "Round ", 1) > 0 then
eucrypt_ch6_kecca...  101           RoundNo := RoundNo +1;
eucrypt_ch6_kecca...  102         elsif index(Line, "theta", 1) > 0 then
eucrypt_ch6_kecca...  103           T(RoundNo)(Theta) := read_state(file, octets);
eucrypt_ch6_kecca...  104           if (RoundNo > 0) then
eucrypt_ch6_kecca...  105             T(RoundNo)(None) := T(RoundNo-1)(Iota);  -- previous state as input
eucrypt_ch6_kecca...  106           end if;
eucrypt_ch6_kecca...  107         elsif index(Line, "rho", 1) > 0 then
eucrypt_ch6_kecca...  108           T(RoundNo)(Rho) := read_state(file, octets);
eucrypt_ch6_kecca...  109         elsif index(Line, "pi", 1) > 0 then
eucrypt_ch6_kecca...  110           T(RoundNo)(Pi) := read_state(file, octets);
eucrypt_ch6_kecca...  111         elsif index(Line, "chi", 1) > 0 then
eucrypt_ch6_kecca...  112           T(RoundNo)(Chi) := read_state(file, octets);
eucrypt_ch6_kecca...  113         elsif index(Line, "iota", 1) > 0 then
eucrypt_ch6_kecca...  114           T(RoundNo)(Iota) := read_state(file, octets);
eucrypt_ch6_kecca...  115         end if;	
eucrypt_ch6_kecca...  116         exit when End_Of_File(file);
eucrypt_ch6_kecca...  117       end;
eucrypt_ch6_kecca...  118     end loop;
eucrypt_ch6_kecca...  119     Close(file);
eucrypt_ch6_kecca...  120     return True;
eucrypt_ch6_kecca...  121   end read_from_file;
eucrypt_ch6_kecca...  122 
eucrypt_ch6_kecca...  123   -- performs one single round of Keccak, step by step
eucrypt_ch6_kecca...  124   -- each permutation is tested separately
eucrypt_ch6_kecca...  125   -- test fails with exception raised at first output not matching expected
eucrypt_ch6_kecca...  126   procedure test_one_round(T: Test_Vector; Round: Round_Index) is
eucrypt_ch6_kecca...  127     Input: State;
eucrypt_ch6_kecca...  128     Expected: State;
eucrypt_ch6_kecca...  129     Output: State;
eucrypt_ch6_kecca...  130     Test_One_Round_Fail: Exception;
eucrypt_ch6_kecca...  131   begin
eucrypt_ch6_kecca...  132     Input := T(None);
eucrypt_ch6_kecca...  133     for I in Keccak_Perms range Theta..Iota loop
eucrypt_ch6_kecca...  134       Expected := T(I);
eucrypt_ch6_kecca...  135       case I is
eucrypt_ch6_kecca...  136         when Theta => Output := SMG_Keccak.Theta(Input);
eucrypt_ch6_kecca...  137         when Rho   => Output := SMG_Keccak.Rho(Input);
eucrypt_ch6_kecca...  138         when Pi    => Output := SMG_Keccak.Pi(Input);
eucrypt_ch6_kecca...  139         when Chi => Output := SMG_Keccak.Chi(Input);
eucrypt_ch6_kecca...  140         when Iota => Output := SMG_Keccak.Iota(RC(Round), Input);
eucrypt_ch6_kecca...  141         when others => null;
eucrypt_ch6_kecca...  142       end case;
eucrypt_ch6_kecca...  143 
eucrypt_ch6_kecca...  144       if (Output /= Expected) then
eucrypt_ch6_kecca...  145         print_state(Output, "----------real output-------");
eucrypt_ch6_kecca...  146         print_state(Expected, "----------expected output--------");
eucrypt_ch6_kecca...  147         raise Test_One_Round_Fail;
eucrypt_ch6_kecca...  148       else
eucrypt_ch6_kecca...  149         Put_Line("PASSED: " & Keccak_Perms'Image(I));
eucrypt_ch6_kecca...  150       end if;
eucrypt_ch6_kecca...  151       -- get ready for next permutation
eucrypt_ch6_kecca...  152       Input := Expected;
eucrypt_ch6_kecca...  153     end loop;
eucrypt_ch6_kecca...  154   end test_one_round;
eucrypt_ch7_kecca...  155 
eucrypt_ch16_byte...  156   procedure test_bytes_to_word_conversion is
eucrypt_ch16_byte...  157     bytes: Byteword := (others => 0);
eucrypt_ch16_byte...  158     obtained_bytes: Byteword := (others => 0);
eucrypt_ch7_kecca...  159     expected: ZWord;
eucrypt_ch16_byte...  160     msbexpected: ZWord;
eucrypt_ch7_kecca...  161     obtained: ZWord;
eucrypt_ch7_kecca...  162   begin
eucrypt_ch9_kecca...  163     expected := 16#8FA4F19E0287BBE7#;
eucrypt_ch16_byte...  164     msbexpected := 16#F1258F7940E1DDE7#;
eucrypt_ch16_byte...  165     bytes := (231, 187, 135, 2, 158, 241, 164, 143); --LSByte order!
eucrypt_ch16_byte...  166 
eucrypt_ch16_byte...  167     obtained := BytesToWordLE(bytes);
eucrypt_ch16_byte...  168     obtained_bytes := WordToBytesBE(msbexpected);
eucrypt_ch7_kecca...  169 
eucrypt_ch7_kecca...  170     if obtained /= expected then
eucrypt_ch16_byte...  171       Put_Line("FAIL: bytes to word");
eucrypt_ch7_kecca...  172       Put_Line("Expected: " & ZWord'Image(expected));
eucrypt_ch7_kecca...  173       Put_Line("Obtained: " & ZWord'Image(obtained));
eucrypt_ch7_kecca...  174     else
eucrypt_ch16_byte...  175       Put_Line("PASSED: bytes to word");
eucrypt_ch7_kecca...  176     end if;
eucrypt_ch7_kecca...  177 
eucrypt_ch16_byte...  178     if obtained_bytes /= bytes then
eucrypt_ch16_byte...  179       Put_Line("FAIL: word to bytes");
eucrypt_ch7_kecca...  180       Put("Expected: ");
eucrypt_ch16_byte...  181       for I in Byteword'Range loop
eucrypt_ch16_byte...  182         Put(Interfaces.Unsigned_8'Image(bytes(I)));
eucrypt_ch7_kecca...  183       end loop;
eucrypt_ch7_kecca...  184       Put_Line("");
eucrypt_ch7_kecca...  185       Put_Line("Obtained: ");
eucrypt_ch16_byte...  186       for I in Byteword'Range loop
eucrypt_ch16_byte...  187         Put(Interfaces.Unsigned_8'Image(obtained_bytes(I)));
eucrypt_ch7_kecca...  188       end loop;
eucrypt_ch7_kecca...  189       Put_Line("");
eucrypt_ch7_kecca...  190     else
eucrypt_ch16_byte...  191       Put_Line("PASSED: word to bytes");
eucrypt_ch7_kecca...  192     end if;
eucrypt_ch16_byte...  193   end test_bytes_to_word_conversion;
eucrypt_ch7_kecca...  194 
eucrypt_ch9_kecca...  195   procedure test_flip is
eucrypt_ch16_byte...  196     B      : Byteword := (231, 187, 135, 2, 158, 241, 164, 143);
eucrypt_ch16_byte...  197     Expected: Byteword := (143, 164, 241, 158, 2, 135, 187, 231);
eucrypt_ch16_byte...  198     Output : Byteword;
eucrypt_ch9_kecca...  199   begin
eucrypt_ch9_kecca...  200     Output := FlipOctets( B );
eucrypt_ch9_kecca...  201     if Output /= Expected then
eucrypt_ch9_kecca...  202       Put_Line( "FAILED: flip octets" );
eucrypt_ch9_kecca...  203       Put_Line( "Expected: " );
eucrypt_ch9_kecca...  204       for I of Expected loop
eucrypt_ch16_byte...  205         Put(Interfaces.Unsigned_8'Image(I));
eucrypt_ch9_kecca...  206       end loop;
eucrypt_ch9_kecca...  207       new_line(1);
eucrypt_ch9_kecca...  208       Put_Line( "Output: " );
eucrypt_ch9_kecca...  209       for I of Output loop
eucrypt_ch16_byte...  210         Put(Interfaces.Unsigned_8'Image(I));
eucrypt_ch9_kecca...  211       end loop;
eucrypt_ch9_kecca...  212       new_line(1);
eucrypt_ch9_kecca...  213     else
eucrypt_ch9_kecca...  214       Put_Line( "PASSED: flip octets" );
eucrypt_ch9_kecca...  215     end if;
eucrypt_ch9_kecca...  216   end test_flip;
eucrypt_ch9_kecca...  217 
eucrypt_ch7_kecca...  218   procedure test_sponge is
eucrypt_ch16_byte...  219     Bitrate   : constant Keccak_Rate := 1344 / 8;
eucrypt_ch16_byte...  220     Input     : Bytestream(1..1);
eucrypt_ch7_kecca...  221     Hex       : array(0..15) of Character := ("0123456789ABCDEF");
eucrypt_ch16_byte...  222     ExpHex    : constant String :=
eucrypt_ch16_byte...  223 --for 129 aka 1000 0001
eucrypt_ch16_byte...  224 --              "4BAB86C1E1C067A913F62EFD0D65AF58A9268A80A1D8A606F8"&
eucrypt_ch16_byte...  225 --              "72F535CDE3F1D66704093C78E6F1A8AFA7D9C6D1C016BA88ED"&
eucrypt_ch16_byte...  226 --              "3577450B2B339745ACF467E6DE357A14EC1B1E005E75156FF2"&
eucrypt_ch16_byte...  227 --              "B131F224CB2851F9D70D88ACEE2A7C05B9EF0724C1C8653E01"&
eucrypt_ch16_byte...  228 --              "A55B0A51145C73F23D6C31E0087D2C414B08939F1E67480867"&
eucrypt_ch16_byte...  229 --              "923B3FC7706675678A50260A62DBBFC38A144D75179DFBCA7B"&
eucrypt_ch16_byte...  230 --              "DA3CD87C7B8FFD0F8F12149EE6EAF0322BD48A079B3039A62C"&
eucrypt_ch16_byte...  231 --              "E1A8A5E9BCB03CE38C61ACF3AA9B9FBB159D7EB212054F7DBA"&
eucrypt_ch16_byte...  232 --              "D7ACE8EF0F70B0863E9E6E018F6AE23D74B01707ED59452B73"&
eucrypt_ch16_byte...  233 --              "862579B07C3B20DB9E5AA2479E98C0DBE6FD290FCE7F55BDA7"&
eucrypt_ch16_byte...  234 --              "8C1ED4A6C6A61E373F0A9D154AFF2DC86673658AF2494AAD09"&
eucrypt_ch16_byte...  235 --              "B8409C9B48D217FF354797BFED51807272B3C3AFE52F80FE4A"&
eucrypt_ch16_byte...  236 --              "4180ABE14296FF09A5024AED31F310F870288E91CB58569EE1"&
eucrypt_ch16_byte...  237 --              "FAA2D558E404D2ADFDD96480AE51CBF7FE6D19E8F0FEBC21DA"&
eucrypt_ch16_byte...  238 --              "88D597CA0C2998B95DDA72EF4C749F965688A1E133698E9E71"&
eucrypt_ch16_byte...  239 --              "15F3AEC61ADB7CCB279504FA716E7A059564A8DC5E20535A33"&
eucrypt_ch16_byte...  240 --              "E781C116B5B72B803E204BB25D91192756A575C1D9513282E1"&
eucrypt_ch16_byte...  241 --              "D8204AABE5DAA0A7774A296F2E4B9A87A87F72CD16A00639E7"&
eucrypt_ch16_byte...  242 --              "9EF280227975E05CED112346D3AE1DCE1E12EBA9A5673B29C7"&
eucrypt_ch16_byte...  243 --              "12AE3546D9CD3E09BCA2F2AAD46FFFCC2418E08604BFE30650"&
eucrypt_ch16_byte...  244 --             "549CF10FE6339D769D628828";
eucrypt_ch16_byte...  245 
eucrypt_ch16_byte...  246 --for 19 aka 00010011
eucrypt_ch16_byte...  247               "18F5F5E68207EA4A2F5A992AA4415DDC5DA7EBE12D74CF9E"&
eucrypt_ch16_byte...  248               "0F33205D4E998E09883471A929959B146733C0D1FAD57919"&
eucrypt_ch16_byte...  249               "C6F5B5AA64130266AB5D36666AA896FC69D14E821873138E"&
eucrypt_ch16_byte...  250               "1C53B92FF6106428E5E407AC9E7084DEC1E8819CFB09DD54"&
eucrypt_ch16_byte...  251               "0DE980C631F67BF0CE55F1D6274E5E4274C1D966551B4A6F"&
eucrypt_ch16_byte...  252               "DFD780710872F4A8D4DF380F530EFF443355AAC86CA3AC50"&
eucrypt_ch16_byte...  253               "F65C0339B107B479411B8EFB8860066A2016513E8B3B9E23"&
eucrypt_ch16_byte...  254               "9A5EEF664EA5B50143F9152E45890078D174A75C837633A8"&
eucrypt_ch16_byte...  255               "76E9842316CBDACAFACB87D48E57C6A6948CE71F4A934AB0"&
eucrypt_ch16_byte...  256               "E73E8107F28B3E4CE2CA9A5828F3097126D7141FCF8E6DA4"&
eucrypt_ch16_byte...  257               "FDA017805782BD761663B43AB607914E6FC853443A240E93"&
eucrypt_ch16_byte...  258               "F13C228394C036D0E51CD926D033825951279D4A658F6F81"&
eucrypt_ch16_byte...  259               "5406A8695685C255237CDC6CDD16EC743A42D32BBDDF50A3"&
eucrypt_ch16_byte...  260               "6033E3121B19049AA127138C58411C7B9E7DF4A130C5A3A1"&
eucrypt_ch16_byte...  261               "D7253EC804379A75BF443F54575E96DF71757FEFB8EF4634"&
eucrypt_ch16_byte...  262               "861B2816BAC62B54A88D520D373E7AAAB6F564DEDECC7140"&
eucrypt_ch16_byte...  263               "0B7113BFF9B88AA62EFEC914401FD54B394C54E4B14E7423"&
eucrypt_ch16_byte...  264               "99847A7D1E3EEAC173202B275F7A79E4E6721AA29A9EB974"&
eucrypt_ch16_byte...  265               "D30F72D666A9F7BD7C3FD0EA39239289EB8BA56E3EB4DF94"&
eucrypt_ch16_byte...  266               "D516ADBEE177CE1462379F8A22C82A315D7A4C7BDAE1D0A5"&
eucrypt_ch16_byte...  267               "4A4878C81F56011CDD53D49D2366CCF2D9BBCA0494BD72B4"&
eucrypt_ch16_byte...  268               "17E0C6987118B8F6";
eucrypt_ch16_byte...  269     Output    : Bytestream( 1 .. ExpHex'Length / 2 );
eucrypt_ch16_byte...  270   begin
eucrypt_ch16_byte...  271 --    Input(Input'First) := 129; --1000 0001--
eucrypt_ch16_byte...  272     Input(Input'First) := 19; --00010011 MSB--
eucrypt_ch16_byte...  273 --    Input(Input'First) := 200; --11001000 MSB--
eucrypt_ch7_kecca...  274     Put_Line("---sponge test---");
eucrypt_ch10_oaep...  275     Sponge(Input, Output, Bitrate);
eucrypt_ch7_kecca...  276     Put_Line("Input is:");
eucrypt_ch7_kecca...  277     for I of Input loop
eucrypt_ch16_byte...  278       Put(Interfaces.Unsigned_8'Image(I));
eucrypt_ch7_kecca...  279     end loop;
eucrypt_ch7_kecca...  280     new_line(1);
eucrypt_ch7_kecca...  281 
eucrypt_ch7_kecca...  282     Put_Line("Output is:");
eucrypt_ch7_kecca...  283     for I of Output loop
eucrypt_ch16_byte...  284       Put(Interfaces.Unsigned_8'Image(I));
eucrypt_ch7_kecca...  285     end loop;
eucrypt_ch7_kecca...  286     new_line(1);
eucrypt_ch7_kecca...  287 
eucrypt_ch16_byte...  288     -- check output
eucrypt_ch16_byte...  289     declare
eucrypt_ch16_byte...  290       PO, PE: Natural;
eucrypt_ch16_byte...  291       Pass: Boolean := True;
eucrypt_ch16_byte...  292     begin
eucrypt_ch16_byte...  293       
eucrypt_ch16_byte...  294       for I in 0..Output'Length-1 loop
eucrypt_ch16_byte...  295         PO := Output'First + I;
eucrypt_ch16_byte...  296         PE := ExpHex'First + I*2;
eucrypt_ch16_byte...  297         if Hex(Natural(Output(PO) mod 16)) /= ExpHex(PE+1) or
eucrypt_ch16_byte...  298            Hex(Natural(Output(PO) / 16)) /= ExpHex(PE) then
eucrypt_ch16_byte...  299           Put_Line("FAIL: test_sponge");
eucrypt_ch16_byte...  300           Octet_IO.Put(Output(Output'First+I), Width=>2, Base=>16);
eucrypt_ch16_byte...  301           Put_Line(" vs exp: " &  ExpHex(ExpHex'First+I*2..ExpHex'First+I*2+1));
eucrypt_ch16_byte...  302           Pass := False;
eucrypt_ch16_byte...  303           exit;
eucrypt_ch16_byte...  304         end if;
eucrypt_ch16_byte...  305       end loop;
eucrypt_ch16_byte...  306       if Pass then
eucrypt_ch16_byte...  307         Put_Line("PASS: test_sponge");
eucrypt_ch7_kecca...  308       end if;
eucrypt_ch16_byte...  309     end;
eucrypt_ch7_kecca...  310   end test_sponge;
eucrypt_ch7_kecca...  311 
eucrypt_ch7_kecca...  312   procedure test_keccak_function(T: in Test_Round) is
eucrypt_ch7_kecca...  313     S: State;
eucrypt_ch7_kecca...  314   begin
eucrypt_ch7_kecca...  315     Put_Line("---Full Keccak Function test---");
eucrypt_ch7_kecca...  316     S := Keccak_Function(T(Round_Index'First)(None));
eucrypt_ch7_kecca...  317     if S /= T(Round_Index'Last)(Iota) then
eucrypt_ch7_kecca...  318       Put_Line("FAILED: full keccak function test");
eucrypt_ch7_kecca...  319     else
eucrypt_ch7_kecca...  320       Put_Line("PASSED: full keccak function test");
eucrypt_ch7_kecca...  321     end if;
eucrypt_ch7_kecca...  322   end test_keccak_function;
eucrypt_ch7_kecca...  323 
eucrypt_ch16_byte...  324   procedure test_bytestream_conversion is
eucrypt_ch10_oaep...  325     S: String := "Aa*/";
eucrypt_ch16_byte...  326     E: Bytestream( 0..3 ) := (65, 97, 42, 47);
eucrypt_ch16_byte...  327     B: Bytestream( 0..3 );
eucrypt_ch10_oaep...  328     SS: String := "  t ";
eucrypt_ch10_oaep...  329   begin
eucrypt_ch16_byte...  330     Put_Line("---Testing string to bytestream conversion---");
eucrypt_ch16_byte...  331     ToBytestream( S, B );
eucrypt_ch10_oaep...  332     if E /= B then
eucrypt_ch16_byte...  333       Put_Line("FAILED: string to bytestream conversion.");
eucrypt_ch16_byte...  334       for I in 0..3 loop
eucrypt_ch16_byte...  335         Put_Line("Got " & Interfaces.Unsigned_8'Image(B(I)) & " vs " &
eucrypt_ch16_byte...  336                  Interfaces.Unsigned_8'Image(E(I)));
eucrypt_ch16_byte...  337       end loop;
eucrypt_ch10_oaep...  338     else
eucrypt_ch16_byte...  339       Put_Line("PASSED: string to bytestream conversion.");
eucrypt_ch10_oaep...  340     end if;
eucrypt_ch10_oaep...  341 
eucrypt_ch16_byte...  342     Put_Line("---Testing bytestream to string conversion---");
eucrypt_ch10_oaep...  343     ToString( B, SS );
eucrypt_ch10_oaep...  344     if SS /= S then
eucrypt_ch16_byte...  345       Put_Line("FAILED: bytestream to string conversion");
eucrypt_ch10_oaep...  346       Put_Line("EXPECTED: " & S);
eucrypt_ch10_oaep...  347       Put_Line("OUTPUT: " & SS);
eucrypt_ch10_oaep...  348     else
eucrypt_ch16_byte...  349       Put_Line("PASSED: bytestream to string conversion");
eucrypt_ch10_oaep...  350     end if;
eucrypt_ch16_byte...  351   end test_bytestream_conversion;
eucrypt_ch10_oaep...  352 
eucrypt_ch10_oaep...  353   procedure test_hash_keccak is
eucrypt_ch10_oaep...  354     S: String := "X";
eucrypt_ch10_oaep...  355     O: String := "abc";
eucrypt_ch16_byte...  356     B: Bytestream( 0 .. 2 );
eucrypt_ch16_byte...  357     BB: Bytestream( 1.. 3);
eucrypt_ch16_byte...  358     Exp: Bytestream( 1 .. 3 ) := (225, 98, 227);
eucrypt_ch10_oaep...  359   begin
eucrypt_ch16_byte...  360     BB(BB'First) := 26;
eucrypt_ch10_oaep...  361     Put_Line("----Testing hash keccak on string " & S & "----");
eucrypt_ch10_oaep...  362     HashKeccak(S, O);
eucrypt_ch16_byte...  363     ToBytestream( O, B );
eucrypt_ch10_oaep...  364     if B /= Exp then
eucrypt_ch10_oaep...  365       Put_Line("FAILED: testing hash keccak on string");
eucrypt_ch10_oaep...  366       Put_Line("Output:");
eucrypt_ch10_oaep...  367       for I of B loop
eucrypt_ch16_byte...  368         Put( Interfaces.Unsigned_8'Image( I ) );
eucrypt_ch10_oaep...  369       end loop;
eucrypt_ch10_oaep...  370       new_line(1);
eucrypt_ch10_oaep...  371       Put_Line("Expected:");
eucrypt_ch10_oaep...  372       for I of Exp loop
eucrypt_ch16_byte...  373         Put( Interfaces.Unsigned_8'Image( I ) );
eucrypt_ch10_oaep...  374       end loop;
eucrypt_ch10_oaep...  375     else
eucrypt_ch10_oaep...  376       Put_Line("PASSED: testing hash keccak on string");
eucrypt_ch10_oaep...  377     end if;
eucrypt_ch10_oaep...  378     new_line(1);
eucrypt_ch10_oaep...  379   end test_hash_keccak;
eucrypt_ch10_oaep...  380 
eucrypt_ch10_oaep...  381   procedure test_xor_strings is
eucrypt_ch10_oaep...  382     S1     : String := "ABC";
eucrypt_ch10_oaep...  383     S2     : String := "CBA";
eucrypt_ch10_oaep...  384     Exp    : String := "...";
eucrypt_ch10_oaep...  385     Result : String := "...";
eucrypt_ch10_oaep...  386   begin
eucrypt_ch10_oaep...  387     Exp( Exp'First     ) := Character'Val( 2 );
eucrypt_ch10_oaep...  388     Exp( Exp'First + 1 ) := Character'Val( 0 );
eucrypt_ch10_oaep...  389     Exp( Exp'First + 2 ) := Character'Val( 2 );
eucrypt_ch10_oaep...  390 
eucrypt_ch10_oaep...  391     Put_Line("----Testing xor on strings---");
eucrypt_ch10_oaep...  392     XOR_Strings( S1, S2, Result);
eucrypt_ch10_oaep...  393     Put_Line("S1 is " & S1);
eucrypt_ch10_oaep...  394     Put_Line("S2 is " & S2);
eucrypt_ch10_oaep...  395     Put_Line("Result is: ");
eucrypt_ch10_oaep...  396     for C of Result loop
eucrypt_ch10_oaep...  397       Put( Natural'Image( Character'Pos( C ) ) );
eucrypt_ch10_oaep...  398     end loop;
eucrypt_ch10_oaep...  399     new_line(1);
eucrypt_ch10_oaep...  400 
eucrypt_ch10_oaep...  401     if Result /= Exp then
eucrypt_ch10_oaep...  402       Put_Line("FAILED: xor on strings");
eucrypt_ch10_oaep...  403     else
eucrypt_ch10_oaep...  404       Put_Line("PASSED: xor on strings");
eucrypt_ch10_oaep...  405     end if;
eucrypt_ch10_oaep...  406   end test_xor_strings;
eucrypt_ch10_oaep...  407 
eucrypt_ch10_oaep...  408   procedure test_oaep is
eucrypt_ch10_oaep...  409     Msg     : String := "abcdefghij jihgfedcba123456789";
eucrypt_oaep_fix_...  410     LongMsg : String( 1..1000 ) := ( others => 'T' );
eucrypt_ch10_oaep...  411     Encr    : OAEP_Block := ( others => ' ' );
eucrypt_ch10_oaep...  412     Decr    : OAEP_HALF  := ( others => ' ' );
eucrypt_ch10_oaep...  413     Entropy : OAEP_Block := ( others => 'e' );
eucrypt_ch10_oaep...  414     Len     : Natural;
eucrypt_ch10_oaep...  415     Flag    : Boolean;
eucrypt_oaep_fix_...  416     C       : Character;
eucrypt_oaep_fix_...  417     MaxLen  : constant := 245;
eucrypt_ch10_oaep...  418   begin
eucrypt_ch10_oaep...  419     Put_Line("----Testing OAEP Encrypt----");
eucrypt_ch10_oaep...  420     OAEP_Encrypt( Msg, Entropy, Encr );
eucrypt_ch10_oaep...  421 
eucrypt_ch10_oaep...  422     Put_Line("----Testing OAEP Decrypt----");
eucrypt_ch10_oaep...  423     OAEP_Decrypt( Encr, Len, Decr, Flag );
eucrypt_ch10_oaep...  424 
eucrypt_ch10_oaep...  425     if Flag = False or 
eucrypt_ch10_oaep...  426        Len /= Msg'Length * 8 or 
eucrypt_ch10_oaep...  427        Decr( Decr'First .. Decr'First + Msg'Length - 1 ) /= Msg
eucrypt_ch10_oaep...  428        then
eucrypt_ch10_oaep...  429       Put_Line("FAILED: oaep test");
eucrypt_oaep_fix_...  430       Put_Line("Msg is: "  & Msg);
eucrypt_oaep_fix_...  431       Put_Line("Decr is: " & Decr);
eucrypt_oaep_fix_...  432       Put_Line("Flag is: " & Boolean'Image( Flag ) );
eucrypt_oaep_fix_...  433       Put_Line("Len is: "  & Natural'Image( Len ) );
eucrypt_ch10_oaep...  434     else
eucrypt_ch10_oaep...  435       Put_Line("PASSED: oaep test");
eucrypt_ch10_oaep...  436     end if;
eucrypt_ch10_oaep...  437 
eucrypt_oaep_fix_...  438     -- test decrypt on invalid (non-OAEP) string
eucrypt_oaep_fix_...  439     Flag := True;
eucrypt_oaep_fix_...  440     C := Encr( Encr'First );
eucrypt_oaep_fix_...  441     Encr( Encr'First ) := Character'Val( Character'Pos( C ) / 2 );
eucrypt_oaep_fix_...  442     Decr := ( others => ' ' );
eucrypt_oaep_fix_...  443     OAEP_Decrypt( Encr, Len, Decr, Flag );
eucrypt_oaep_fix_...  444 
eucrypt_oaep_fix_...  445     if Flag = True then
eucrypt_oaep_fix_...  446       Put_Line("FAILED: oaep test with invalid package");
eucrypt_oaep_fix_...  447     else
eucrypt_oaep_fix_...  448       Put_Line("PASSED: oaep test with invalid package");
eucrypt_oaep_fix_...  449     end if; 
eucrypt_oaep_fix_...  450 
eucrypt_oaep_fix_...  451     -- test encrypt on message longer than maximum payload (1096 bits)
eucrypt_oaep_fix_...  452     Flag := False;
eucrypt_oaep_fix_...  453     Len := 0;
eucrypt_oaep_fix_...  454     LongMsg( 1..Msg'Length ) := Msg;
eucrypt_oaep_fix_...  455     Encr := ( others => '.' );
eucrypt_oaep_fix_...  456     OAEP_Encrypt( LongMsg, Entropy, Encr);
eucrypt_oaep_fix_...  457     OAEP_Decrypt( Encr, Len, Decr, Flag);
eucrypt_oaep_fix_...  458 
eucrypt_oaep_fix_...  459     if Flag = False or 
eucrypt_oaep_fix_...  460        Len /= MaxLen * 8 or
eucrypt_oaep_fix_...  461        Decr( Decr'First .. Decr'First + Len / 8 - 1 ) /= 
eucrypt_oaep_fix_...  462              LongMsg( LongMsg'First..LongMsg'First + MaxLen - 1 ) 
eucrypt_oaep_fix_...  463        then
eucrypt_oaep_fix_...  464       Put_Line("FAILED: oaep test with too long message");
eucrypt_oaep_fix_...  465       Put_Line("Msg is: "  & LongMsg);
eucrypt_oaep_fix_...  466       Put_Line("Decr is: " & Decr);
eucrypt_oaep_fix_...  467       Put_Line("Flag is: " & Boolean'Image( Flag ) );
eucrypt_oaep_fix_...  468       Put_Line("Len is: "  & Natural'Image( Len ) );
eucrypt_oaep_fix_...  469     else
eucrypt_oaep_fix_...  470       Put_Line("PASSED: oaep test with too long message");
eucrypt_oaep_fix_...  471     end if;
eucrypt_oaep_fix_...  472 
eucrypt_ch10_oaep...  473   end test_oaep;
eucrypt_ch10_oaep...  474 
eucrypt_ch16_byte...  475   procedure test_all_byterates is
eucrypt_keccak_bi...  476     Input : constant String := "hello, world";
eucrypt_ch16_byte...  477     Bin   : Bytestream( 0 .. Input'Length - 1 ) := ( others => 0 );
eucrypt_ch16_byte...  478     Bout  : Bytestream( 0 .. 100 ) := ( others => 0 );
eucrypt_keccak_bi...  479   begin
eucrypt_ch16_byte...  480     ToBytestream( Input, Bin );
eucrypt_keccak_bi...  481     Put_Line("Testing all bitrates:");
eucrypt_ch16_byte...  482       for Byterate in Keccak_Rate'Range loop
eucrypt_ch16_byte...  483         Sponge(Bin, Bout, Byterate);
eucrypt_ch16_byte...  484         Put_Line("PASSED: keccak with byterate " & Integer'Image(Byterate));
eucrypt_ch16_byte...  485       end loop;
eucrypt_ch16_byte...  486   end test_all_byterates;
eucrypt_ch16_byte...  487 
eucrypt_ch16_byte...  488   procedure test_bitreverse is
eucrypt_ch16_byte...  489     A: Interfaces.Unsigned_8;
eucrypt_ch16_byte...  490     B: Interfaces.Unsigned_8;
eucrypt_ch16_byte...  491     Pass: Boolean := True;
eucrypt_ch16_byte...  492   begin
eucrypt_ch16_byte...  493     for I in 0..255 loop
eucrypt_ch16_byte...  494       -- reverse the bits
eucrypt_ch16_byte...  495       A := Interfaces.Unsigned_8(I);
eucrypt_ch16_byte...  496       B := 0;
eucrypt_ch16_byte...  497       for J in 0..7 loop
eucrypt_ch16_byte...  498         B := B*2 + A mod 2;
eucrypt_ch16_byte...  499         A := A / 2;
eucrypt_keccak_bi...  500       end loop;
eucrypt_ch16_byte...  501       -- compare with tabled value
eucrypt_ch16_byte...  502       if B /= Reverse_Table(I) then
eucrypt_ch16_byte...  503         Pass := False;
eucrypt_ch16_byte...  504         Put_Line("FAIL: reverse table value is wrong Table(" &
eucrypt_ch16_byte...  505                  Integer'Image(I) & ")= " & 
eucrypt_ch16_byte...  506                  Interfaces.Unsigned_8'Image(Reverse_Table(I)) &
eucrypt_ch16_byte...  507                  " but should be " &
eucrypt_ch16_byte...  508                  Interfaces.Unsigned_8'Image(B));
eucrypt_ch16_byte...  509       end if;
eucrypt_ch16_byte...  510     end loop;
eucrypt_ch16_byte...  511     if Pass then 
eucrypt_ch16_byte...  512       Put_Line("PASS: bitreverse table is correct.");
eucrypt_ch16_byte...  513     end if;
eucrypt_ch16_byte...  514   end test_bitreverse;
eucrypt_keccak_bi...  515 
eucrypt_ch6_kecca...  516   -- end of helper methods 
eucrypt_ch6_kecca...  517 
eucrypt_ch6_kecca...  518 	--variables
eucrypt_ch6_kecca...  519   T: Test_Round;
eucrypt_ch6_kecca...  520 begin
eucrypt_ch6_kecca...  521   Put_Line("-----Testing with zero state as input------");
eucrypt_ch6_kecca...  522   if (not read_from_file("testvectorszero.txt", T)) then
eucrypt_ch6_kecca...  523     return;
eucrypt_ch6_kecca...  524   end if;
eucrypt_ch6_kecca...  525 
eucrypt_ch6_kecca...  526   for I in Round_Index loop
eucrypt_ch6_kecca...  527     Put_Line("---round " & Round_Index'Image(I) & "---");
eucrypt_ch6_kecca...  528     test_one_round(T(I), I);		
eucrypt_ch6_kecca...  529   end loop;
eucrypt_ch6_kecca...  530 
eucrypt_ch7_kecca...  531   -- test also Keccak_Function as a whole --
eucrypt_ch7_kecca...  532   test_keccak_function(T);
eucrypt_ch7_kecca...  533 
eucrypt_ch6_kecca...  534   Put_Line("-----Testing with non-zero state as input------");
eucrypt_ch6_kecca...  535   if (not read_from_file("testvectorsnonzero.txt", T)) then 
eucrypt_ch6_kecca...  536     return;
eucrypt_ch6_kecca...  537   end if;
eucrypt_ch6_kecca...  538 
eucrypt_ch6_kecca...  539   for I in Round_Index loop
eucrypt_ch6_kecca...  540     Put_Line("---round " & Round_Index'Image(I) & "---");
eucrypt_ch6_kecca...  541     test_one_round(T(I), I);		
eucrypt_ch6_kecca...  542   end loop;
eucrypt_ch6_kecca...  543 
eucrypt_ch7_kecca...  544   -- test also Keccak_Function as a whole --
eucrypt_ch7_kecca...  545   test_keccak_function(T);
eucrypt_ch7_kecca...  546 
eucrypt_ch16_byte...  547   -- test BytesToWord and WordToBytes
eucrypt_ch16_byte...  548   test_bytes_to_word_conversion;
eucrypt_ch7_kecca...  549 
eucrypt_ch7_kecca...  550   -- test Sponge construction
eucrypt_ch7_kecca...  551   test_sponge;
eucrypt_ch7_kecca...  552 
eucrypt_ch9_kecca...  553   -- test flipping octets
eucrypt_ch9_kecca...  554   test_flip;
eucrypt_ch9_kecca...  555 
eucrypt_ch10_oaep...  556   -- test bitstream conversion
eucrypt_ch16_byte...  557   test_bytestream_conversion;
eucrypt_ch10_oaep...  558 
eucrypt_ch10_oaep...  559   -- test hash keccak (strings version)
eucrypt_ch16_byte...  560   Put_Line("Sytem's BIT order is " & 
eucrypt_ch16_byte...  561            System.Bit_Order'Image(System.Default_Bit_Order));
eucrypt_ch10_oaep...  562   test_hash_keccak;
eucrypt_ch10_oaep...  563 
eucrypt_ch10_oaep...  564   -- test oaep encrypt + decrypt
eucrypt_ch10_oaep...  565   test_oaep;
eucrypt_ch10_oaep...  566 
eucrypt_ch10_oaep...  567   -- test xor on strings
eucrypt_ch10_oaep...  568   test_xor_strings;
eucrypt_ch10_oaep...  569 
eucrypt_ch16_byte...  570   -- test ALL byterates of the Keccak sponge
eucrypt_ch16_byte...  571   test_all_byterates;
eucrypt_ch16_byte...  572 
eucrypt_ch16_byte...  573   -- test the values in the lookup table for bit reversing
eucrypt_ch16_byte...  574   test_bitreverse;
eucrypt_keccak_bi...  575 
eucrypt_ch6_kecca...  576 end SMG_Keccak.Test;