Add ASCON

include/acvp/acvp.h

@@ -1,3 +1,4 @@
+
 /**
  * @file
  * @brief This is the public header file to be included by applications
@@ -17,6 +18,7 @@
 #define acvp_h
 
 #include <stddef.h>
+#include <stdbool.h>
 
 #ifdef __cplusplus
 extern "C"
@@ -273,7 +275,11 @@ typedef enum acvp_cipher {
     ACVP_SLH_DSA_KEYGEN,
     ACVP_SLH_DSA_SIGGEN,
     ACVP_SLH_DSA_SIGVER,
-    ACVP_CIPHER_END
+    ACVP_ASCON_AEAD128, // 120
+    ACVP_ASCON_CXOF128,
+    ACVP_ASCON_HASH256,
+    ACVP_ASCON_XOF128,
+       ACVP_CIPHER_END
 } ACVP_CIPHER;
 
 
@@ -387,6 +393,14 @@ typedef enum acvp_alg_type_dsa {
     ACVP_SUB_DSA_SIGVER,
 } ACVP_SUB_DSA;
 
+/** @enum ACVP_SUB_ASCON */
+typedef enum acvp_alg_type_ascon {
+    ACVP_SUB_ASCON_AEAD128 = ACVP_ASCON_AEAD128,
+    ACVP_SUB_ASCON_CXOF128,
+    ACVP_SUB_ASCON_HASH256,
+    ACVP_SUB_ASCON_XOF128,
+} ACVP_SUB_ASCON;
+
 /** @enum ACVP_SUB_RSA */
 typedef enum acvp_alg_type_rsa {
     ACVP_SUB_RSA_KEYGEN = ACVP_RSA_KEYGEN,
@@ -1959,6 +1973,61 @@ typedef struct acvp_dsa_tc_t {
     unsigned char *msg;
 } ACVP_DSA_TC;
 
+/** @enum ACVP_ASCON_PARM */
+typedef enum acvp_ascon_parm {
+    ACVP_ASCON_PARM_MODE = 1,
+    ACVP_ASCON_PARM_REV,
+    ACVP_ASCON_PARM_DIR,
+    ACVP_ASCON_PARM_PAYLEN,
+    ACVP_ASCON_PARM_ADLEN,
+    ACVP_ASCON_PARM_TAGLEN,
+    ACVP_ASCON_PARM_NONCEMASK,
+    ACVP_ASCON_PARM_MSGLEN,
+    ACVP_ASCON_PARM_OUTLEN,
+    ACVP_ASCON_PARM_CUSSTRLEN,
+} ACVP_ASCON_PARM;
+
+typedef enum acvp_ascon_direction {
+    ACVP_ASCON_DIR_ENCRYPT = 1,
+    ACVP_ASCON_DIR_DECRYPT,
+    ACVP_ASCON_DIR_BOTH,
+} ACVP_ASCON_DIRECTION;
+
+typedef enum acvp_ascon_testtype {
+    ACVP_ASCON_AFT = 1,
+} ACVP_ASCON_TESTTYPE;
+
+/**
+ * @struct ACVP_ASCON_TC
+ * @brief This struct holds data that represents a single test case for ASCON
+ * testing. This data is passed between libacvp and the crypto module.
+ */
+typedef struct acvp_ascon_tc_t {
+    int tg_id;
+    int tc_id;
+    ACVP_CIPHER cipher;
+    ACVP_ASCON_TESTTYPE testtype;
+    ACVP_ASCON_DIRECTION direction; // AEAD128
+    bool supports_nonce_mask;       // AEAD128
+    unsigned char *key;             // AEAD128
+    unsigned char *second_key;      // AEAD128
+    unsigned char *nonce;           // AEAD128
+    unsigned char *ad;              // AEAD128
+    int ad_len;                     // AEAD128
+    unsigned char *tag;             // AEAD128
+    int tag_len;                    // AEAD128
+    bool tag_match;                 // AEAD128
+    unsigned char *pt;              // AEAD128
+    unsigned char *ct;              // AEAD128
+    int payload_len;                // AEAD128
+    unsigned char *msg;             // CXOF128, Hash256, XOF128
+    int msg_len;                    // CXOF128, Hash256, XOF128
+    unsigned char *md;              // CXOF128, XOF128
+    int out_len;                    // CXOF128, XOF128
+    unsigned char *cs;              // CXOF128
+    int cs_len;                     // CXOF128
+} ACVP_ASCON_TC;
+
 /** @enum ACVP_KAS_ECC_MODE */
 typedef enum acvp_kas_ecc_mode {
     ACVP_KAS_ECC_MODE_COMPONENT = 1,
@@ -2997,11 +3066,14 @@ typedef struct acvp_test_case_t {
         ACVP_ML_DSA_TC *ml_dsa;
         ACVP_ML_KEM_TC *ml_kem;
         ACVP_SLH_DSA_TC *slh_dsa;
-    } tc; //!< the union abstracting the test case for passing to the user application
+        ACVP_ASCON_TC *ascon;
+    } tc; //!< the union abstracting the test case for passing to the user
+          //!< application
 } ACVP_TEST_CASE;
 
 
 
+
 /** @defgroup APIs Public APIs for libacvp
  *  @brief this section describes APIs for libacvp.
  */
@@ -3332,6 +3404,38 @@ ACVP_RESULT acvp_cap_dsa_set_parm(ACVP_CTX *ctx,
                                   ACVP_DSA_PARM param,
                                   int value);
 
+/**
+ * @brief acvp_enable_ascon_cap()
+ *        This function should be used to enable ASCON capabilities. Specific
+ * modes and parameters can use acvp_cap_ascon_set_parm.
+ *
+ *        When the application enables a crypto capability, such as ASCON, it
+ * also needs to specify a callback function that will be used by libacvp when
+ * that crypto capability is needed during a test session.
+ *
+ * @param ctx Pointer to ACVP_CTX that was previously created by calling
+ * acvp_create_test_session.
+ * @param cipher ACVP_CIPHER enum value identifying the crypto capability.
+ * @param crypto_handler Address of function implemented by application that is
+ * invoked by libacvp when the crypto capability is needed during a test
+ * session. This crypto_handler function is expected to return 0 on success and
+ * 1 for failure.
+ *
+ * @return ACVP_RESULT
+ */
+ACVP_RESULT
+acvp_cap_ascon_enable(ACVP_CTX *ctx, ACVP_CIPHER cipher,
+                      int (*crypto_handler)(ACVP_TEST_CASE *test_case));
+
+ACVP_RESULT
+acvp_cap_ascon_set_parm(ACVP_CTX *ctx, ACVP_CIPHER cipher,
+                        ACVP_ASCON_PARM param, int value);
+
+ACVP_RESULT
+acvp_cap_ascon_set_domain(ACVP_CTX *ctx, ACVP_CIPHER cipher,
+                          ACVP_ASCON_PARM param, int min,
+                          int max, int increment);
+
 /**
  * @brief acvp_enable_kas_ecc_cap()
  *        This function should be used to enable KAS-ECC capabilities. Specific modes and

include/acvp/acvp_lcl.h

@@ -164,6 +164,9 @@
 // DSA
 #define ACVP_REV_DSA                 ACVP_REV_STR_1_0
 
+// ASCON
+#define ACVP_REV_ASCON               "SP800-232"
+
 // RSA
 #define ACVP_REV_RSA                 ACVP_REV_STR_FIPS186_5
 #define ACVP_REV_RSA_DECPRIM         ACVP_REV_STR_SP800_56BR2
@@ -307,6 +310,12 @@
 #define ACVP_ALG_CSHAKE_128          "cSHAKE-128"
 #define ACVP_ALG_CSHAKE_256          "cSHAKE-256"
 
+#define ACVP_ALG_ASCON               "ASCON"
+#define ACVP_ALG_ASCON_AEAD128       "AEAD128"
+#define ACVP_ALG_ASCON_CXOF128       "CXOF128"
+#define ACVP_ALG_ASCON_HASH256       "Hash256"
+#define ACVP_ALG_ASCON_XOF128        "XOF128"
+
 #define ACVP_ALG_DSA                 "DSA"
 #define ACVP_ALG_DSA_PQGGEN          "pqgGen"
 #define ACVP_ALG_DSA_PQGVER          "pqgVer"
@@ -858,6 +867,23 @@
 #define ACVP_DSA_SEED_MAX_BYTES (ACVP_DSA_SEED_MAX / 2)
 #define ACVP_DSA_MAX_STRING     3072     //!< 3072 bytes
 
+#define ACVP_ASCON_MSG_BIT_MAX     65536
+#define ACVP_ASCON_MSG_BYTE_MAX    (ACVP_ASCON_MSG_BIT_MAX >> 3)
+#define ACVP_ASCON_MSG_STRING_MAX  (ACVP_ASCON_MSG_BIT_MAX >> 2)
+#define ACVP_ASCON_TAG_BIT_MAX     128
+#define ACVP_ASCON_TAG_BYTE_MAX    (ACVP_ASCON_TAG_BIT_MAX >> 3)
+#define ACVP_ASCON_TAG_STRING_MAX  (ACVP_ASCON_TAG_BIT_MAX >> 2)
+#define ACVP_ASCON_KEY_BIT_MAX     128
+#define ACVP_ASCON_KEY_BYTE_MAX    (ACVP_ASCON_TAG_BIT_MAX >> 3)
+#define ACVP_ASCON_NONCE_BIT_MAX   128
+#define ACVP_ASCON_NONCE_BYTE_MAX  (ACVP_ASCON_TAG_BIT_MAX >> 3)
+#define ACVP_ASCON_HASH_BIT_MAX    256
+#define ACVP_ASCON_HASH_BYTE_MAX   (ACVP_ASCON_HASH_BIT_MAX >> 3)
+#define ACVP_ASCON_HASH_STRING_MAX (ACVP_ASCON_HASH_BIT_MAX >> 2)
+#define ACVP_ASCON_CS_BIT_MAX      2048
+#define ACVP_ASCON_CS_BYTE_MAX     (ACVP_ASCON_CS_BIT_MAX >> 3)
+#define ACVP_ASCON_CS_STRING_MAX   (ACVP_ASCON_CS_BIT_MAX >> 2)
+
 #define ACVP_ECDSA_EXP_LEN_MAX       512
 #define ACVP_ECDSA_MSGLEN_MAX 8192
 
@@ -1078,6 +1104,7 @@ struct acvp_alg_handler_t {
         ACVP_SUB_ML_DSA   ml_dsa;
         ACVP_SUB_ML_KEM   ml_kem;
         ACVP_SUB_SLH_DSA  slh_dsa;
+        ACVP_SUB_ASCON ascon;
     } alg;
 };
 
@@ -1179,7 +1206,12 @@ typedef enum acvp_capability_type {
     ACVP_ML_KEM_XCAP_TYPE,
     ACVP_SLH_DSA_KEYGEN_TYPE,
     ACVP_SLH_DSA_SIGGEN_TYPE,
-    ACVP_SLH_DSA_SIGVER_TYPE
+    ACVP_SLH_DSA_SIGVER_TYPE,
+    ACVP_ASCON_TYPE,
+    ACVP_ASCON_AEAD128_TYPE,
+    ACVP_ASCON_CXOF128_TYPE,
+    ACVP_ASCON_HASH256_TYPE,
+    ACVP_ASCON_XOF128_TYPE,
 } ACVP_CAP_TYPE;
 
 /*
@@ -1548,6 +1580,19 @@ typedef struct acvp_dsa_capability {
     ACVP_DSA_CAP_MODE *dsa_cap_mode;
 } ACVP_DSA_CAP;
 
+#define ACVP_ASCON_MAX_MODES 4
+typedef struct acvp_ascon_capability {
+    ACVP_CIPHER cipher;
+    ACVP_ASCON_DIRECTION direction;
+    ACVP_JSON_DOMAIN_OBJ payload_len;
+    ACVP_JSON_DOMAIN_OBJ ad_len;
+    ACVP_JSON_DOMAIN_OBJ tag_len;
+    bool nonce_masking;
+    ACVP_JSON_DOMAIN_OBJ msg_len;
+    ACVP_JSON_DOMAIN_OBJ out_len;
+    ACVP_JSON_DOMAIN_OBJ custom_len;
+} ACVP_ASCON_CAP;
+
 typedef struct acvp_kas_ecc_mac {
     int alg;
     int curve;
@@ -1786,6 +1831,7 @@ typedef struct acvp_caps_list_t {
         ACVP_HASH_CAP *hash_cap;
         ACVP_DRBG_CAP *drbg_cap;
         ACVP_DSA_CAP *dsa_cap;
+        ACVP_ASCON_CAP *ascon_cap;
         ACVP_HMAC_CAP *hmac_cap;
         ACVP_CMAC_CAP *cmac_cap;
         ACVP_KMAC_CAP *kmac_cap;
@@ -2149,6 +2195,8 @@ ACVP_RESULT acvp_kdf_tls13_kat_handler(ACVP_CTX *ctx, JSON_Object *obj);
 
 ACVP_RESULT acvp_dsa_kat_handler(ACVP_CTX *ctx, JSON_Object *obj);
 
+ACVP_RESULT acvp_ascon_kat_handler(ACVP_CTX *ctx, JSON_Object *obj);
+
 ACVP_RESULT acvp_kas_ecc_kat_handler(ACVP_CTX *ctx, JSON_Object *obj);
 
 ACVP_RESULT acvp_kas_ecc_ssc_kat_handler(ACVP_CTX *ctx, JSON_Object *obj);

src/Makefile.am

@@ -11,6 +11,7 @@ libacvp_la_SOURCES =  acvp.c \
                     acvp_operating_env.c \
                     acvp_parse.c \
                     acvp_aes.c \
+                    acvp_ascon.c \
                     acvp_des.c \
                     acvp_hash.c \
                     acvp_drbg.c \

src/Makefile.in

@@ -138,7 +138,7 @@ libacvp_la_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
 	$(am__DEPENDENCIES_1)
 am_libacvp_la_OBJECTS = acvp.lo acvp_build_register.lo \
 	acvp_capabilities.lo acvp_operating_env.lo acvp_parse.lo \
-	acvp_aes.lo acvp_des.lo acvp_hash.lo acvp_drbg.lo \
+	acvp_aes.lo acvp_ascon.lo acvp_des.lo acvp_hash.lo acvp_drbg.lo \
 	acvp_transport.lo acvp_util.lo parson.lo acvp_hmac.lo \
 	acvp_cmac.lo acvp_kmac.lo acvp_cshake.lo acvp_rsa_keygen.lo \
 	acvp_rsa_sig.lo acvp_rsa_prim.lo acvp_dsa.lo \
@@ -382,6 +382,7 @@ libacvp_la_SOURCES = acvp.c \
                     acvp_operating_env.c \
                     acvp_parse.c \
                     acvp_aes.c \
+										acvp_ascon.c \
                     acvp_des.c \
                     acvp_hash.c \
                     acvp_drbg.c \
@@ -823,6 +824,7 @@ installcheck-am:
 maintainer-clean: maintainer-clean-am
 		-rm -f ./$(DEPDIR)/acvp.Plo
 	-rm -f ./$(DEPDIR)/acvp_aes.Plo
+	-rm -f ./$(DEPDIR)/acvp_ascon.Plo
 	-rm -f ./$(DEPDIR)/acvp_build_register.Plo
 	-rm -f ./$(DEPDIR)/acvp_capabilities.Plo
 	-rm -f ./$(DEPDIR)/acvp_cmac.Plo

src/acvp.c

@@ -181,8 +181,11 @@ ACVP_ALG_HANDLER alg_tbl[ACVP_ALG_MAX] = {
     { ACVP_ML_KEM_XCAP,       &acvp_ml_kem_kat_handler,           ACVP_ALG_ML_KEM,            ACVP_ALG_ML_KEM_XCAP, ACVP_REV_ML_KEM, {.ml_kem = ACVP_SUB_ML_KEM_XCAP}},
     { ACVP_SLH_DSA_KEYGEN,    &acvp_slh_dsa_kat_handler,          ACVP_ALG_SLH_DSA,           ACVP_ALG_SLH_DSA_KEYGEN, ACVP_REV_SLH_DSA, {.slh_dsa = ACVP_SUB_SLH_DSA_KEYGEN}},
     { ACVP_SLH_DSA_SIGGEN,    &acvp_slh_dsa_kat_handler,          ACVP_ALG_SLH_DSA,           ACVP_ALG_SLH_DSA_SIGGEN, ACVP_REV_SLH_DSA, {.slh_dsa = ACVP_SUB_SLH_DSA_SIGGEN}},
-    { ACVP_SLH_DSA_SIGVER,    &acvp_slh_dsa_kat_handler,          ACVP_ALG_SLH_DSA,           ACVP_ALG_SLH_DSA_SIGVER, ACVP_REV_SLH_DSA, {.slh_dsa = ACVP_SUB_SLH_DSA_SIGVER}}
-};
+    { ACVP_SLH_DSA_SIGVER,    &acvp_slh_dsa_kat_handler,          ACVP_ALG_SLH_DSA,           ACVP_ALG_SLH_DSA_SIGVER, ACVP_REV_SLH_DSA, {.slh_dsa = ACVP_SUB_SLH_DSA_SIGVER}},
+    { ACVP_ASCON_AEAD128,     &acvp_ascon_kat_handler,            ACVP_ALG_ASCON,             ACVP_ALG_ASCON_AEAD128, ACVP_REV_ASCON, {.ascon = ACVP_SUB_ASCON_AEAD128}},
+    { ACVP_ASCON_CXOF128,     &acvp_ascon_kat_handler,            ACVP_ALG_ASCON,             ACVP_ALG_ASCON_CXOF128, ACVP_REV_ASCON, {.ascon = ACVP_SUB_ASCON_CXOF128}},
+    { ACVP_ASCON_HASH256,     &acvp_ascon_kat_handler,            ACVP_ALG_ASCON,             ACVP_ALG_ASCON_HASH256, ACVP_REV_ASCON, {.ascon = ACVP_SUB_ASCON_HASH256}},
+    { ACVP_ASCON_XOF128,      &acvp_ascon_kat_handler,            ACVP_ALG_ASCON,             ACVP_ALG_ASCON_XOF128,  ACVP_REV_ASCON, {.ascon = ACVP_SUB_ASCON_XOF128}}};
 
 /*
  * This is the first function the user should invoke to allocate
@@ -735,6 +738,15 @@ ACVP_RESULT acvp_free_test_session(ACVP_CTX *ctx) {
                 acvp_cap_free_dsa_attrs(cap_entry);
                 free(cap_entry->cap.dsa_cap);
                 break;
+            case ACVP_ASCON_TYPE:
+                acvp_cap_free_domain(&cap_entry->cap.ascon_cap->payload_len);
+                acvp_cap_free_domain(&cap_entry->cap.ascon_cap->ad_len);
+                acvp_cap_free_domain(&cap_entry->cap.ascon_cap->tag_len);
+                acvp_cap_free_domain(&cap_entry->cap.ascon_cap->msg_len);
+                acvp_cap_free_domain(&cap_entry->cap.ascon_cap->out_len);
+                acvp_cap_free_domain(&cap_entry->cap.ascon_cap->custom_len);
+                free(cap_entry->cap.ascon_cap);
+                break;
             case ACVP_KAS_ECC_CDH_TYPE:
             case ACVP_KAS_ECC_COMP_TYPE:
             case ACVP_KAS_ECC_NOCOMP_TYPE: