integrity-test: Added bliss_param_sets to read-only segment
authorAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 25 Jul 2016 10:41:43 +0000 (12:41 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Fri, 29 Jul 2016 10:36:15 +0000 (12:36 +0200)
14 files changed:
src/libstrongswan/plugins/bliss/bliss_huffman.c
src/libstrongswan/plugins/bliss/bliss_param_set.c
src/libstrongswan/plugins/bliss/bliss_param_set.h
src/libstrongswan/plugins/bliss/bliss_private_key.c
src/libstrongswan/plugins/bliss/bliss_public_key.c
src/libstrongswan/plugins/bliss/bliss_public_key.h
src/libstrongswan/plugins/bliss/bliss_sampler.c
src/libstrongswan/plugins/bliss/bliss_sampler.h
src/libstrongswan/plugins/bliss/bliss_signature.c
src/libstrongswan/plugins/bliss/bliss_signature.h
src/libstrongswan/plugins/bliss/bliss_utils.c
src/libstrongswan/plugins/bliss/bliss_utils.h
src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sampler.c
src/libstrongswan/plugins/bliss/tests/suites/test_bliss_signature.c

index 647234f..71e75d6 100644 (file)
@@ -209,7 +209,7 @@ static void remove_node(node_t *list, node_t **last, node_t *node)
  */
 int main(int argc, char *argv[])
 {
-       bliss_param_set_t *set;
+       const bliss_param_set_t *set;
        int dx, bliss_type, depth = 1, groups, groups_left, pairs = 1;
        int i_max = 9, k_max = 8, index_max = (2*k_max - 1) * i_max;
        int i, i_top, k, k_top;
index 80a7c0d..b6649d7 100644 (file)
@@ -33,7 +33,7 @@ ENUM(bliss_param_set_id_names, BLISS_I, BLISS_B_IV,
  *
  * c[i] = exp(-2^i/f), i = 0..20, with f = k_sigma^2 / ln 2 = 93'076.9
  */
-static uint8_t c_bliss_i[] = {
+static const uint8_t c_bliss_i[] = {
        255, 255,  75, 191, 247,  94,  30,  51, 147, 246,  89,  59,  99, 248,  26, 128,
        255, 254, 151, 128, 109, 166,  88, 143,  30, 175, 149,  20, 240,  81, 138, 111,
        255, 253,  47,   2, 214, 243, 188,  76, 236, 235,  40,  62,  54,  35,  33, 205,
@@ -62,7 +62,7 @@ static uint8_t c_bliss_i[] = {
  *
  * c[i] = exp(-2^i/f), i = 0..20, with f = k_sigma^2 / ln 2 = 125'550.5
  */
-static uint8_t c_bliss_iii[] = {
+static const uint8_t c_bliss_iii[] = {
        255, 255, 122,  95,  16, 128,  14, 195,  60,  90, 166, 191, 205,  26, 144, 204,
        255, 254, 244, 190, 102, 192, 187, 141, 169,  92,  33,  30, 170, 141, 184,  56,
        255, 253, 233, 125, 228, 131,  93, 148, 121,  92,  52, 122, 149,  96,  29,  66,
@@ -91,7 +91,7 @@ static uint8_t c_bliss_iii[] = {
  *
  * c[i] = exp(-2^i/f), i = 0..21, with f = k_sigma^2 / ln 2 = 147'732.0
  */
-static uint8_t c_bliss_iv[] = {
+static const uint8_t c_bliss_iv[] = {
        255, 255, 142, 111, 102,   2, 141,  87, 150,  42,  18,  70,   6, 224,  18,  70,
        255, 255,  28, 222, 254, 102,  20,  78, 133,  78, 189, 107,  29,   7,  23, 193,
        255, 254,  57, 190, 198,  79, 181, 181, 108,  75, 142, 145,  45, 238, 193,  29,
@@ -119,7 +119,7 @@ static uint8_t c_bliss_iv[] = {
 /**
  * BLISS signature parameter set definitions
  */
-static bliss_param_set_t bliss_param_sets[] = {
+static const bliss_param_set_t bliss_param_sets[] = {
 
        /* BLISS-I scheme */
        {
@@ -306,7 +306,7 @@ static bliss_param_set_t bliss_param_sets[] = {
 /**
  * See header.
  */
-bliss_param_set_t* bliss_param_set_get_by_id(bliss_param_set_id_t id)
+const bliss_param_set_t* bliss_param_set_get_by_id(bliss_param_set_id_t id)
 {
        int i;
 
@@ -324,7 +324,7 @@ bliss_param_set_t* bliss_param_set_get_by_id(bliss_param_set_id_t id)
 /**
  * See header.
  */
-bliss_param_set_t* bliss_param_set_get_by_oid(int oid)
+const bliss_param_set_t* bliss_param_set_get_by_oid(int oid)
 {
        int i;
 
index 4ea81f6..8c043b9 100644 (file)
@@ -53,42 +53,42 @@ struct bliss_param_set_t {
        /**
         * BLISS parameter set ID
         */
-       bliss_param_set_id_t id;
+       const bliss_param_set_id_t id;
 
        /**
         * BLISS parameter set OID
         */
-       int oid;
+       const int oid;
 
        /**
         * Security strength in bits
         */
-       uint16_t strength;
+       const uint16_t strength;
 
        /**
         * Prime modulus
         */
-       uint16_t q;
+       const uint16_t q;
 
        /**
         * Number of bits in q
         */
-       uint16_t q_bits;
+       const uint16_t q_bits;
 
        /**
         * Inverse of (q + 2) mod 2q
         */
-       uint16_t q2_inv;
+       const uint16_t q2_inv;
 
        /**
         * Ring dimension equal to the number of polynomial coefficients
         */
-       uint16_t n;
+       const uint16_t n;
 
        /**
         * Number of bits in n
         */
-       uint16_t n_bits;
+       const uint16_t n_bits;
 
        /**
         * FFT parameters
@@ -98,87 +98,87 @@ struct bliss_param_set_t {
        /**
         * Number of [-1, +1] secret key coefficients
         */
-       uint16_t non_zero1;
+       const uint16_t non_zero1;
 
        /**
         * Number of [-2, +2] secret key coefficients
         */
-       uint16_t non_zero2;
+       const uint16_t non_zero2;
 
        /**
         * Number of secret key terms that go into Nk(S) norm
         */
-       uint16_t kappa;
+       const uint16_t kappa;
 
        /**
         * Maximum Nk(S) tolerable NK(S) norm (BLISS only)
         */
-       uint32_t nks_max;
+       const uint32_t nks_max;
 
        /**
         * Maximum value Pmax for ||Sc'||^2 norm (BLISS-B only)
         */
-       uint32_t p_max;
+       const uint32_t p_max;
 
        /**
         * Standard deviation sigma
         */
-       uint16_t sigma;
+       const uint16_t sigma;
 
        /**
         *  k_sigma = ceiling[ sqrt(2*ln 2) * sigma ]
         */
-       uint16_t k_sigma;
+       const uint16_t k_sigma;
 
        /**
         *  Number of bits in k_sigma
         */
-       uint16_t k_sigma_bits;
+       const uint16_t k_sigma_bits;
 
        /**
         * Coefficients for Bernoulli sampling with exponential biases
         */
-       uint8_t *c;
+       const uint8_t *c;
 
        /**
         * Number of columns in Bernoulli coefficient table
         */
-       size_t c_cols;
+       const size_t c_cols;
 
        /**
         * Number of rows in Bernoulli coefficient table
         */
-       size_t c_rows;
+       const size_t c_rows;
 
        /**
         * Number of bits in z1
         */
-       uint16_t z1_bits;
+       const uint16_t z1_bits;
 
        /**
         * Number of z2 bits to be dropped after rounding
         */
-       uint16_t d;
+       const uint16_t d;
 
        /**
         * Modulus p = floor(2q / 2^d) applied after bit dropping
         */
-       uint16_t p;
+       const uint16_t p;
 
        /**
         * M = sigma^2 / alpha_rejection^2
         */
-       uint32_t M;
+       const uint32_t M;
 
        /**
         * B_infinity bound
         */
-       uint16_t B_inf;
+       const uint16_t B_inf;
 
        /**
         * B_verify bound
         */
-       uint32_t B_l2;
+       const uint32_t B_l2;
 
 };
 
@@ -188,7 +188,7 @@ struct bliss_param_set_t {
  * @param id   BLISS parameter set ID
  * @return             BLISS parameter set
 */
-bliss_param_set_t* bliss_param_set_get_by_id(bliss_param_set_id_t id);
+const bliss_param_set_t* bliss_param_set_get_by_id(bliss_param_set_id_t id);
 
 /**
  * Get BLISS signature parameter set by BLISS parameter set OID
@@ -196,6 +196,6 @@ bliss_param_set_t* bliss_param_set_get_by_id(bliss_param_set_id_t id);
  * @param oid  BLISS parameter set OID
  * @return             BLISS parameter set
 */
-bliss_param_set_t* bliss_param_set_get_by_oid(int oid);
+const bliss_param_set_t* bliss_param_set_get_by_oid(int oid);
 
 #endif /** BLISS_PARAM_SET_H_ @}*/
index d4cc000..5ec4937 100644 (file)
@@ -47,7 +47,7 @@ struct private_bliss_private_key_t {
        /**
         * BLISS signature parameter set
         */
-       bliss_param_set_t *set;
+       const bliss_param_set_t *set;
 
        /**
         * BLISS secret key S1 (coefficients of polynomial f)
@@ -1007,7 +1007,7 @@ bliss_private_key_t *bliss_private_key_gen(key_type_t type, va_list args)
        uint32_t *S1, *S2, *a;
        uint16_t q;
        bool success = FALSE;
-       bliss_param_set_t *set;
+       const bliss_param_set_t *set;
        ntt_fft_t *fft;
        rng_t *rng;
 
index 1016aec..0ef87e2 100644 (file)
@@ -38,7 +38,7 @@ struct private_bliss_public_key_t {
        /**
         * BLISS signature parameter set
         */
-       bliss_param_set_t *set;
+       const bliss_param_set_t *set;
 
        /**
         * NTT of BLISS public key a (coefficients of polynomial (2g + 1)/f)
@@ -415,7 +415,7 @@ end:
 /**
  * See header.
  */
-bool bliss_public_key_from_asn1(chunk_t object, bliss_param_set_t *set,
+bool bliss_public_key_from_asn1(chunk_t object, const bliss_param_set_t *set,
                                                                uint32_t **pubkey)
 {
        bliss_bitpacker_t *packer;
@@ -454,7 +454,7 @@ bool bliss_public_key_from_asn1(chunk_t object, bliss_param_set_t *set,
 /**
  * See header.
  */
-chunk_t bliss_public_key_encode(uint32_t *pubkey, bliss_param_set_t *set)
+chunk_t bliss_public_key_encode(uint32_t *pubkey, const bliss_param_set_t *set)
 {
        bliss_bitpacker_t *packer;
        chunk_t encoding;
@@ -476,7 +476,7 @@ chunk_t bliss_public_key_encode(uint32_t *pubkey, bliss_param_set_t *set)
  * See header.
  */
 chunk_t bliss_public_key_info_encode(int oid, uint32_t *pubkey,
-                                                                        bliss_param_set_t *set)
+                                                                        const bliss_param_set_t *set)
 {
        chunk_t encoding, pubkey_encoding;
 
@@ -495,7 +495,7 @@ chunk_t bliss_public_key_info_encode(int oid, uint32_t *pubkey,
  * See header.
  */
 bool bliss_public_key_fingerprint(int oid, uint32_t *pubkey,
-                                                                 bliss_param_set_t *set,
+                                                                 const bliss_param_set_t *set,
                                                                  cred_encoding_type_t type, chunk_t *fp)
 {
        hasher_t *hasher;
index cd8f231..d8dd2df 100644 (file)
@@ -61,7 +61,7 @@ bliss_public_key_t *bliss_public_key_load(key_type_t type, va_list args);
  * @param pubkey       coefficients of public key vector
  * @return                     TRUE if parsing successful
  */
-bool bliss_public_key_from_asn1(chunk_t object, bliss_param_set_t *set,
+bool bliss_public_key_from_asn1(chunk_t object, const bliss_param_set_t *set,
                                                                uint32_t **pubkey);
 
 /**
@@ -71,7 +71,7 @@ bool bliss_public_key_from_asn1(chunk_t object, bliss_param_set_t *set,
  * @param set          BLISS parameter set for the public key vector
  * @result                     ASN.1 encoded subjectPublicKey
  */
-chunk_t bliss_public_key_encode(uint32_t *pubkey, bliss_param_set_t *set);
+chunk_t bliss_public_key_encode(uint32_t *pubkey, const bliss_param_set_t *set);
 
 /**
  * Encode a BLISS subjectPublicKeyInfo record in ASN.1 DER format
@@ -82,7 +82,7 @@ chunk_t bliss_public_key_encode(uint32_t *pubkey, bliss_param_set_t *set);
  * @result                     ASN.1 encoded subjectPublicKeyInfo record
  */
 chunk_t bliss_public_key_info_encode(int oid, uint32_t *pubkey,
-                                                                        bliss_param_set_t *set);
+                                                                        const bliss_param_set_t *set);
 
 /**
  * Generate a BLISS public key fingerprint
@@ -95,7 +95,7 @@ chunk_t bliss_public_key_info_encode(int oid, uint32_t *pubkey,
  * @result                     TRUE if generation was successful
  */
 bool bliss_public_key_fingerprint(int oid, uint32_t *pubkey,
-                                                                 bliss_param_set_t *set,
+                                                                 const bliss_param_set_t *set,
                                                                  cred_encoding_type_t type, chunk_t *fp);
 
 #endif /** BLISS_PUBLIC_KEY_H_ @}*/
index fa45a2f..717c15f 100644 (file)
@@ -32,7 +32,7 @@ struct private_bliss_sampler_t {
        /**
         * BLISS parameter the rejection sampling is to be based on
         */
-       bliss_param_set_t *set;
+       const bliss_param_set_t *set;
 
        /**
         * Bitspender used for random rejection sampling
@@ -45,7 +45,8 @@ METHOD(bliss_sampler_t, bernoulli_exp, bool,
        private_bliss_sampler_t *this, uint32_t x, bool *accepted)
 {
        uint32_t x_mask;
-       uint8_t *c, u;
+       uint8_t u;
+       const uint8_t *c;
        int i;
 
        x_mask = 1 << (this->set->c_rows - 1);
@@ -222,7 +223,7 @@ METHOD(bliss_sampler_t, destroy, void,
  * See header.
  */
 bliss_sampler_t *bliss_sampler_create(hash_algorithm_t alg, chunk_t seed,
-                                                                         bliss_param_set_t *set)
+                                                                         const bliss_param_set_t *set)
 {
        private_bliss_sampler_t *this;
        mgf1_bitspender_t *bitspender;
index 2c75d44..22562b2 100644 (file)
@@ -89,6 +89,6 @@ struct bliss_sampler_t {
  * @param set          BLISS parameter set to be used
  */
 bliss_sampler_t *bliss_sampler_create(hash_algorithm_t alg, chunk_t seed,
-                                                                         bliss_param_set_t *set);
+                                                                         const bliss_param_set_t *set);
 
 #endif /** BLISS_SAMPLER_H_ @}*/
index e603da3..f4e1bff 100644 (file)
@@ -32,7 +32,7 @@ struct private_bliss_signature_t {
        /**
         * BLISS signature parameter set
         */
-       bliss_param_set_t *set;
+       const bliss_param_set_t *set;
 
        /**
         * BLISS signature vector z1 of size n
@@ -134,7 +134,7 @@ METHOD(bliss_signature_t, destroy, void,
 /**
  * See header.
  */
-bliss_signature_t *bliss_signature_create(bliss_param_set_t *set)
+bliss_signature_t *bliss_signature_create(const bliss_param_set_t *set)
 {
        private_bliss_signature_t *this;
 
@@ -156,7 +156,7 @@ bliss_signature_t *bliss_signature_create(bliss_param_set_t *set)
 /**
  * See header.
  */
-bliss_signature_t *bliss_signature_create_from_data(bliss_param_set_t *set,
+bliss_signature_t *bliss_signature_create_from_data(const bliss_param_set_t *set,
                                                                                                        chunk_t encoding)
 {
        private_bliss_signature_t *this;
index d37f539..20ed6c0 100644 (file)
@@ -61,7 +61,7 @@ struct bliss_signature_t {
  *
  * @param set                  BLISS parameter set
  */
-bliss_signature_t *bliss_signature_create(bliss_param_set_t *set);
+bliss_signature_t *bliss_signature_create(const bliss_param_set_t *set);
 
 /**
  * Create a BLISS signature object from encoding.
@@ -69,7 +69,7 @@ bliss_signature_t *bliss_signature_create(bliss_param_set_t *set);
  * @param set                  BLISS parameter set
  * @param encoding             binary signature encoding
  */
-bliss_signature_t *bliss_signature_create_from_data(bliss_param_set_t *set,
+bliss_signature_t *bliss_signature_create_from_data(const bliss_param_set_t *set,
                                                                                                        chunk_t encoding);
 
 #endif /** BLISS_SIGNATURE_H_ @}*/
index 5e313ff..01b8af3 100644 (file)
@@ -39,7 +39,8 @@ int32_t bliss_utils_scalar_product(int32_t *x, int32_t *y, int n)
 /**
  * See header.
  */
-void bliss_utils_round_and_drop(bliss_param_set_t *set, int32_t *x, int16_t *xd)
+void bliss_utils_round_and_drop(const bliss_param_set_t *set,
+                                                               int32_t *x, int16_t *xd)
 {
        int32_t factor;
        int i;
@@ -56,7 +57,7 @@ void bliss_utils_round_and_drop(bliss_param_set_t *set, int32_t *x, int16_t *xd)
  * See header.
  */
 bool bliss_utils_generate_c(hash_algorithm_t alg, chunk_t data_hash,
-                                                       uint16_t *ud, bliss_param_set_t *set,
+                                                       uint16_t *ud, const bliss_param_set_t *set,
                                                        uint16_t *c_indices)
 {
        int i, index_trials = 0, index_found = 0;
@@ -117,7 +118,8 @@ bool bliss_utils_generate_c(hash_algorithm_t alg, chunk_t data_hash,
 /**
  * See header.
  */
-bool bliss_utils_check_norms(bliss_param_set_t *set, int32_t *z1, int16_t *z2d)
+bool bliss_utils_check_norms(const bliss_param_set_t *set,
+                                                        int32_t *z1, int16_t *z2d)
 {
        int32_t z2ds[set->n];
        int32_t z1_min, z1_max, norm;
index 156968d..15c5671 100644 (file)
@@ -42,7 +42,8 @@ int32_t bliss_utils_scalar_product(int32_t *x, int32_t *y, int n);
  * @param x                    input vector x of size n
  * @param xd           rounded vector x with d bits dropped
  */
-void bliss_utils_round_and_drop(bliss_param_set_t *set,        int32_t *x, int16_t *xd);
+void bliss_utils_round_and_drop(const bliss_param_set_t *set,
+                                                               int32_t *x, int16_t *xd);
 
 /**
  * Generate the binary challenge vector c as an array of kappa indices
@@ -54,7 +55,7 @@ void bliss_utils_round_and_drop(bliss_param_set_t *set,       int32_t *x, int16_t *xd)
  * @param c_indices    indexes of non-zero challenge coefficients
  */
 bool bliss_utils_generate_c(hash_algorithm_t alg, chunk_t data_hash,
-                                                       uint16_t *ud, bliss_param_set_t *set,
+                                                       uint16_t *ud, const bliss_param_set_t *set,
                                                        uint16_t *c_indices);
 
 /**
@@ -65,6 +66,7 @@ bool bliss_utils_generate_c(hash_algorithm_t alg, chunk_t data_hash,
  * @param z2d  input vector
  * @result             TRUE if infinite and l2 norms do not exceed boundaries
  */
-bool bliss_utils_check_norms(bliss_param_set_t *set, int32_t *z1, int16_t *z2d);
+bool bliss_utils_check_norms(const bliss_param_set_t *set,
+                                                        int32_t *z1, int16_t *z2d);
 
 #endif /** BLISS_UTILS_H_ @}*/
index 1bd1266..29f0b94 100644 (file)
@@ -22,7 +22,7 @@ static u_int key_size[] = { 1, 3, 4};
 START_TEST(test_bliss_sampler_gaussian)
 {
        bliss_sampler_t *sampler;
-       bliss_param_set_t *set;
+       const bliss_param_set_t *set;
        int i, k, count;
        uint32_t hist[8], sign[3];
        int32_t z;
index 2a2f48c..6f56650 100644 (file)
@@ -95,8 +95,8 @@ static chunk_t data = chunk_from_chars(
 
 START_TEST(test_bliss_signature_fail)
 {
-       bliss_param_set_t set2 = { .id = BLISS_B_II };
-       bliss_param_set_t *set;
+       const bliss_param_set_t set2 = { .id = BLISS_B_II };
+       const bliss_param_set_t *set;
        bliss_signature_t *signature;
        chunk_t encoding;
        int k;