Skip to content

Commit

Permalink
Refactoring in oqs_scripts/ (#55)
Browse files Browse the repository at this point in the history
  • Loading branch information
@xvzcf
xvzcf authored Mar 15, 2021
1 parent aa97024 commit 75f9e24
Show file tree
Hide file tree
Showing 10 changed files with 186 additions and 99 deletions.
2 changes: 1 addition & 1 deletion .circleci/config.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ jobs:
working_directory: build
- run:
name: Check that we have the bssl server and client syntax right
command: python3 oqs_scripts/oqs_try_handshake.py
command: python3 oqs_scripts/try_handshake.py

workflows:
version: 2.1
Expand Down
214 changes: 126 additions & 88 deletions oqs_scripts/testrun.py → oqs_scripts/test_with_interop_server.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,14 +2,102 @@
import sys
import subprocess
import os
import pytest
import time
import shutil
import tempfile
import urllib.request

sixs = [
'rsa3072',
'ecdsap256',
kexs = [
'prime256v1',
'x25519',
##### OQS_TEMPLATE_FRAGMENT_LIST_KEMS_START
'p256_oqs_kem_default',
'frodo640aes',
'p256_frodo640aes',
'frodo640shake',
'p256_frodo640shake',
'frodo976aes',
'p384_frodo976aes',
'frodo976shake',
'p384_frodo976shake',
'frodo1344aes',
'p521_frodo1344aes',
'frodo1344shake',
'p521_frodo1344shake',
'bike1l1cpa',
'p256_bike1l1cpa',
'bike1l3cpa',
'p384_bike1l3cpa',
'kyber512',
'p256_kyber512',
'kyber768',
'p384_kyber768',
'kyber1024',
'p521_kyber1024',
'ntru_hps2048509',
'p256_ntru_hps2048509',
'ntru_hps2048677',
'p384_ntru_hps2048677',
'ntru_hps4096821',
'p521_ntru_hps4096821',
'ntru_hrss701',
'p384_ntru_hrss701',
'lightsaber',
'p256_lightsaber',
'saber',
'p384_saber',
'firesaber',
'p521_firesaber',
'sidhp434',
'p256_sidhp434',
'sidhp503',
'p256_sidhp503',
'sidhp610',
'p384_sidhp610',
'sidhp751',
'p521_sidhp751',
'sikep434',
'p256_sikep434',
'sikep503',
'p256_sikep503',
'sikep610',
'p384_sikep610',
'sikep751',
'p521_sikep751',
'bike1l1fo',
'p256_bike1l1fo',
'bike1l3fo',
'p384_bike1l3fo',
'kyber90s512',
'p256_kyber90s512',
'kyber90s768',
'p384_kyber90s768',
'kyber90s1024',
'p521_kyber90s1024',
'hqc128',
'p256_hqc128',
'hqc192',
'p384_hqc192',
'hqc256',
'p521_hqc256',
'ntrulpr653',
'p256_ntrulpr653',
'ntrulpr761',
'p384_ntrulpr761',
'ntrulpr857',
'p384_ntrulpr857',
'sntrup653',
'p256_sntrup653',
'sntrup761',
'p384_sntrup761',
'sntrup857',
'p384_sntrup857',
##### OQS_TEMPLATE_FRAGMENT_LIST_KEMS_END
]

sigs = [
'ecdsap256',
##### OQS_TEMPLATE_FRAGMENT_LIST_ALL_SIGS_START
'oqs_sig_default',
'dilithium2',
Expand Down Expand Up @@ -72,94 +160,44 @@
'sphincsshake256256srobust',
'sphincsshake256256ssimple',
##### OQS_TEMPLATE_FRAGMENT_LIST_ALL_SIGS_END
]
]

kexs = [
'prime256v1',
'x25519',
##### OQS_TEMPLATE_FRAGMENT_LIST_ALL_KEMS_START
'oqs_kem_default',
'frodo640aes',
'frodo640shake',
'frodo976aes',
'frodo976shake',
'frodo1344aes',
'frodo1344shake',
'bike1l1cpa',
'bike1l3cpa',
'kyber512',
'kyber768',
'kyber1024',
'ntru_hps2048509',
'ntru_hps2048677',
'ntru_hps4096821',
'ntru_hrss701',
'lightsaber',
'saber',
'firesaber',
'sidhp434',
'sidhp503',
'sidhp610',
'sidhp751',
'sikep434',
'sikep503',
'sikep610',
'sikep751',
'bike1l1fo',
'bike1l3fo',
'kyber90s512',
'kyber90s768',
'kyber90s1024',
'hqc128',
'hqc192',
'hqc256',
'ntrulpr653',
'ntrulpr761',
'ntrulpr857',
'sntrup653',
'sntrup761',
'sntrup857',
##### OQS_TEMPLATE_FRAGMENT_LIST_ALL_KEMS_END
]
@pytest.fixture(scope="session")
def server_CA_cert(request):
with urllib.request.urlopen('https://test.openquantumsafe.org/CA.crt') as response:
with tempfile.NamedTemporaryFile(delete=False) as ca_file:
shutil.copyfileobj(response, ca_file)
return ca_file

with urllib.request.urlopen('https://test.openquantumsafe.org/CA.crt') as response:
with tempfile.NamedTemporaryFile(delete=False) as ca_file:
shutil.copyfileobj(response, ca_file)
@pytest.fixture(scope="session")
def server_port_assignments(request):
with urllib.request.urlopen('https://test.openquantumsafe.org/assignments.json') as response:
return json.loads(response.read())

with urllib.request.urlopen('https://test.openquantumsafe.org/assignments.json') as response:
jsoncontents = response.read()
@pytest.fixture
def bssl(request):
return os.path.join('build', 'tool', 'bssl')

onlysigoutput = False
if len(sys.argv)>1:
onlysigoutput=True
@pytest.mark.parametrize('kex', kexs)
@pytest.mark.parametrize('sig', sigs)
def test_sig_kex_pair(sig, kex, bssl, server_CA_cert, server_port_assignments):
if kex == 'prime256v1':
server_port = server_port_assignments[sig]["*"]
elif kex == 'x25519':
server_port = server_port_assignments[sig]['X25519']
else:
server_port = server_port_assignments[sig][kex]

assignments = json.loads(jsoncontents)
for sig in assignments:
if sig in sixs:
print("Testing %s:" % (sig))
for kem in assignments[sig]:
if kem in kexs:
# assemble testing command
cmd = "(echo \'GET /\'; sleep 0.2) | build/tool/bssl client -connect test.openquantumsafe.org:"+str(assignments[sig][kem]) + " -root-certs "+ca_file.name+" 2>&1"
if kem!="*": # don't prescribe KEM
cmd=cmd+" -curves "+kem
output = os.popen(cmd).read()
# proc = subprocess.Popen([os.path.join("build", "tool", "bssl"), "client",
# "-connect", "test.openquantumsafe.org:"+str(assignments[sig][kem]),
# "-curves", kem,
# "-root-certs", ca_file.name])
# time.sleep(1)
# output, stderr = proc.communicate(input="GET /\n\n")
if not ("Successfully" in output):
print("Error with command '%s': \n%s\n" % (cmd, output))
if (not onlysigoutput):
exit(-1)
else:
if (not onlysigoutput):
print(" Tested KEM %s successfully." % (kem))
else:
sys.stdout.buffer.write(b".")
sys.stdout.flush()
print("\n Successfully concluded testing "+sig)
print("All available tests successfully passed.")
client = subprocess.Popen([bssl, "client",
"-connect",
"test.openquantumsafe.org:"+str(server_port),
"-curves", kex,
"-root-certs", server_CA_cert.name],
stdin=subprocess.PIPE,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
time.sleep(1.5)
stdout, stderr = client.communicate(input="GET /\n".encode())
assert client.returncode == 0, stderr.decode("utf-8")
assert "Successfully connected using".format(sig, kex) in stdout.decode("utf-8"), stdout.decode("utf-8")

41 changes: 41 additions & 0 deletions oqs_scripts/oqs_try_handshake.py → oqs_scripts/try_handshake.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,46 +13,87 @@
'x25519',
##### OQS_TEMPLATE_FRAGMENT_LIST_ALL_KEMS_START
'oqs_kem_default',
'p256_oqs_kem_default',
'frodo640aes',
'p256_frodo640aes',
'frodo640shake',
'p256_frodo640shake',
'frodo976aes',
'p384_frodo976aes',
'frodo976shake',
'p384_frodo976shake',
'frodo1344aes',
'p521_frodo1344aes',
'frodo1344shake',
'p521_frodo1344shake',
'bike1l1cpa',
'p256_bike1l1cpa',
'bike1l3cpa',
'p384_bike1l3cpa',
'kyber512',
'p256_kyber512',
'kyber768',
'p384_kyber768',
'kyber1024',
'p521_kyber1024',
'ntru_hps2048509',
'p256_ntru_hps2048509',
'ntru_hps2048677',
'p384_ntru_hps2048677',
'ntru_hps4096821',
'p521_ntru_hps4096821',
'ntru_hrss701',
'p384_ntru_hrss701',
'lightsaber',
'p256_lightsaber',
'saber',
'p384_saber',
'firesaber',
'p521_firesaber',
'sidhp434',
'p256_sidhp434',
'sidhp503',
'p256_sidhp503',
'sidhp610',
'p384_sidhp610',
'sidhp751',
'p521_sidhp751',
'sikep434',
'p256_sikep434',
'sikep503',
'p256_sikep503',
'sikep610',
'p384_sikep610',
'sikep751',
'p521_sikep751',
'bike1l1fo',
'p256_bike1l1fo',
'bike1l3fo',
'p384_bike1l3fo',
'kyber90s512',
'p256_kyber90s512',
'kyber90s768',
'p384_kyber90s768',
'kyber90s1024',
'p521_kyber90s1024',
'hqc128',
'p256_hqc128',
'hqc192',
'p384_hqc192',
'hqc256',
'p521_hqc256',
'ntrulpr653',
'p256_ntrulpr653',
'ntrulpr761',
'p384_ntrulpr761',
'ntrulpr857',
'p384_ntrulpr857',
'sntrup653',
'p256_sntrup653',
'sntrup761',
'p384_sntrup761',
'sntrup857',
'p384_sntrup857',
##### OQS_TEMPLATE_FRAGMENT_LIST_ALL_KEMS_END
]

Expand Down
4 changes: 2 additions & 2 deletions oqs_template/generate.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ def load_config():
populate('ssl/ssl_test.cc', config, '/////')
populate('ssl/t1_lib.cc', config, '/////')
populate('include/openssl/ssl.h', config, '/////')
populate('oqs_scripts/oqs_try_handshake.py', config, '#####')
populate('oqs_scripts/testrun.py', config, '#####')
populate('oqs_scripts/try_handshake.py', config, '#####')
populate('oqs_scripts/test_with_interop_server.py', config, '#####')

populate('README.md', config, '<!---')
4 changes: 0 additions & 4 deletions oqs_template/oqs_scripts/oqs_try_handshake.py/list_all_kems.fragment
View file

This file was deleted.

0 ...s_try_handshake.py/list_all_sigs.fragment → ..._interop_server.py/list_all_sigs.fragment
View file
File renamed without changes.
9 changes: 9 additions & 0 deletions oqs_template/oqs_scripts/test_with_interop_server.py/list_kems.fragment
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@

'p256_oqs_kem_default',
{%- for kem in config['kems'][1:] %}
'{{ kem['name'] }}',
{%- for classical_alg in kem['mix_with'] %}
'{{ classical_alg['name'] }}_{{ kem['name'] }}',
{%- endfor %}
{%- endfor %}

4 changes: 0 additions & 4 deletions oqs_template/oqs_scripts/testrun.py/list_all_kems.fragment
View file

This file was deleted.

7 changes: 7 additions & 0 deletions oqs_template/oqs_scripts/try_handshake.py/list_all_kems.fragment
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
{% for kem in config['kems'] %}
'{{ kem['name'] }}',
{%- for classical_alg in kem['mix_with'] %}
'{{ classical_alg['name'] }}_{{ kem['name'] }}',
{%- endfor %}
{%- endfor %}

0 ...scripts/testrun.py/list_all_sigs.fragment → ...s/try_handshake.py/list_all_sigs.fragment
View file
File renamed without changes.

0 comments on commit 75f9e24

Please sign in to comment.