From 28080adf00a62f7ee7ab11af52b2df449175e776 Mon Sep 17 00:00:00 2001 From: Duc Nguyen <106774416+ducnguyen-sb@users.noreply.github.com> Date: Sat, 9 Sep 2023 17:24:32 -0400 Subject: [PATCH] Add XMSS Serialize/Deserialize (#1542) * Add serialize and deserialize to XMSS --------- Co-authored-by: Norman Ashley --- src/sig_stfl/lms/sig_stfl_lms.c | 9 +- src/sig_stfl/lms/sig_stfl_lms.h | 10 +- src/sig_stfl/lms/sig_stfl_lms_functions.c | 157 +++++++++--------- src/sig_stfl/sig_stfl.h | 14 +- src/sig_stfl/xmss/CMakeLists.txt | 3 + src/sig_stfl/xmss/external/sign_params.h | 142 ---------------- src/sig_stfl/xmss/sig_stfl_xmss.h | 9 + .../xmss/sig_stfl_xmss_secret_key_functions.c | 48 ++++++ src/sig_stfl/xmss/sig_stfl_xmss_sha256_h10.c | 10 ++ src/sig_stfl/xmss/sig_stfl_xmss_sha256_h16.c | 9 + src/sig_stfl/xmss/sig_stfl_xmss_sha256_h20.c | 9 + src/sig_stfl/xmss/sig_stfl_xmss_sha512_h10.c | 9 + src/sig_stfl/xmss/sig_stfl_xmss_sha512_h16.c | 9 + src/sig_stfl/xmss/sig_stfl_xmss_sha512_h20.c | 9 + .../xmss/sig_stfl_xmss_shake128_h10.c | 9 + .../xmss/sig_stfl_xmss_shake128_h16.c | 9 + .../xmss/sig_stfl_xmss_shake128_h20.c | 9 + .../xmss/sig_stfl_xmss_shake256_h10.c | 9 + .../xmss/sig_stfl_xmss_shake256_h16.c | 9 + .../xmss/sig_stfl_xmss_shake256_h20.c | 9 + .../xmss/sig_stfl_xmssmt_sha256_h20_2.c | 9 + .../xmss/sig_stfl_xmssmt_sha256_h20_4.c | 9 + .../xmss/sig_stfl_xmssmt_sha256_h40_2.c | 9 + .../xmss/sig_stfl_xmssmt_sha256_h40_4.c | 9 + .../xmss/sig_stfl_xmssmt_sha256_h40_8.c | 9 + .../xmss/sig_stfl_xmssmt_sha256_h60_12.c | 9 + .../xmss/sig_stfl_xmssmt_sha256_h60_3.c | 9 + .../xmss/sig_stfl_xmssmt_sha256_h60_6.c | 9 + .../xmss/sig_stfl_xmssmt_shake128_h20_2.c | 9 + .../xmss/sig_stfl_xmssmt_shake128_h20_4.c | 9 + .../xmss/sig_stfl_xmssmt_shake128_h40_2.c | 9 + .../xmss/sig_stfl_xmssmt_shake128_h40_4.c | 9 + .../xmss/sig_stfl_xmssmt_shake128_h40_8.c | 9 + .../xmss/sig_stfl_xmssmt_shake128_h60_12.c | 9 + .../xmss/sig_stfl_xmssmt_shake128_h60_3.c | 9 + .../xmss/sig_stfl_xmssmt_shake128_h60_6.c | 9 + 36 files changed, 412 insertions(+), 233 deletions(-) delete mode 100644 src/sig_stfl/xmss/external/sign_params.h create mode 100644 src/sig_stfl/xmss/sig_stfl_xmss_secret_key_functions.c diff --git a/src/sig_stfl/lms/sig_stfl_lms.c b/src/sig_stfl/lms/sig_stfl_lms.c index 1a0831f39d..6ae6d1dde6 100644 --- a/src/sig_stfl/lms/sig_stfl_lms.c +++ b/src/sig_stfl/lms/sig_stfl_lms.c @@ -7,7 +7,6 @@ #include "sig_stfl_lms_wrap.h" #include "sig_stfl_lms.h" - // ======================== LMS-SHA256 H5/W1 ======================== // OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h5_w1_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key) { @@ -104,11 +103,11 @@ void OQS_SECRET_KEY_LMS_free(OQS_SIG_STFL_SECRET_KEY *sk) { } /* Convert LMS secret key object to byte string */ -size_t OQS_SECRET_KEY_LMS_serialize_key(const OQS_SIG_STFL_SECRET_KEY *sk, uint8_t **sk_buf) { - return oqs_serialize_lms_key(sk, sk_buf); +OQS_STATUS OQS_SECRET_KEY_LMS_serialize_key(const OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_buf_ptr) { + return oqs_serialize_lms_key(sk, sk_len, sk_buf_ptr); } /* Insert lms byte string in an LMS secret key object */ -OQS_STATUS OQS_SECRET_KEY_LMS_deserialize_key(OQS_SIG_STFL_SECRET_KEY *sk, size_t key_len, const uint8_t *sk_buf) { - return oqs_deserialize_lms_key(sk, key_len, sk_buf); +OQS_STATUS OQS_SECRET_KEY_LMS_deserialize_key(OQS_SIG_STFL_SECRET_KEY *sk, const size_t sk_len, const uint8_t *sk_buf) { + return oqs_deserialize_lms_key(sk, sk_len, sk_buf); } diff --git a/src/sig_stfl/lms/sig_stfl_lms.h b/src/sig_stfl/lms/sig_stfl_lms.h index ab32848ac8..76de39a6e3 100644 --- a/src/sig_stfl/lms/sig_stfl_lms.h +++ b/src/sig_stfl/lms/sig_stfl_lms.h @@ -15,15 +15,15 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h5_w1_keypair(uint8_t *public_key OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H5_W1_new(void); /* Convert LMS secret key object to byte string */ -size_t OQS_SECRET_KEY_LMS_serialize_key(const OQS_SIG_STFL_SECRET_KEY *sk, uint8_t **sk_buf); +OQS_STATUS OQS_SECRET_KEY_LMS_serialize_key(const OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_buf_ptr); /* Insert lms byte string in an LMS secret key object */ -OQS_STATUS OQS_SECRET_KEY_LMS_deserialize_key(OQS_SIG_STFL_SECRET_KEY *sk, size_t key_len, const uint8_t *sk_buf); +OQS_STATUS OQS_SECRET_KEY_LMS_deserialize_key(OQS_SIG_STFL_SECRET_KEY *sk, const size_t key_len, const uint8_t *sk_buf); OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h5_w1_new(void); OQS_API OQS_STATUS OQS_SIG_STFL_lms_sigs_left(unsigned long long *remain, const OQS_SIG_STFL_SECRET_KEY *secret_key); -OQS_API OQS_STATUS OQS_SIG_STFL_lms_sigs_total(uint64_t *totaln, const OQS_SIG_STFL_SECRET_KEY *secret_key); +OQS_API OQS_STATUS OQS_SIG_STFL_lms_sigs_total(unsigned long long *totaln, const OQS_SIG_STFL_SECRET_KEY *secret_key); void OQS_SECRET_KEY_LMS_free(OQS_SIG_STFL_SECRET_KEY *sk); @@ -38,8 +38,8 @@ int oqs_sig_stfl_lms_verify(const uint8_t *m, size_t mlen, const uint8_t *sm, si void oqs_secret_lms_key_free(OQS_SIG_STFL_SECRET_KEY *sk); -size_t oqs_serialize_lms_key(const OQS_SIG_STFL_SECRET_KEY *sk, uint8_t **sk_key); -int oqs_deserialize_lms_key(OQS_SIG_STFL_SECRET_KEY *sk, size_t key_len, const uint8_t *sk_buf); +OQS_STATUS oqs_serialize_lms_key(const OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_key); +OQS_STATUS oqs_deserialize_lms_key(OQS_SIG_STFL_SECRET_KEY *sk, const size_t sk_len, const uint8_t *sk_buf); // ---------------------------- FUNCTIONS INDEPENDENT OF VARIANT ----------------------------------------- diff --git a/src/sig_stfl/lms/sig_stfl_lms_functions.c b/src/sig_stfl/lms/sig_stfl_lms_functions.c index da7f865c07..ea4f42d8af 100644 --- a/src/sig_stfl/lms/sig_stfl_lms_functions.c +++ b/src/sig_stfl/lms/sig_stfl_lms_functions.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: MIT #include +#include #include "sig_stfl_lms.h" #include "external/config.h" #include "external/hss_verify_inc.h" @@ -87,7 +88,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_lms_sigs_left(unsigned long long *remain, const return OQS_SUCCESS; } -OQS_API OQS_STATUS OQS_SIG_STFL_lms_sigs_total(uint64_t *total, const OQS_SIG_STFL_SECRET_KEY *secret_key) { +OQS_API OQS_STATUS OQS_SIG_STFL_lms_sigs_total(unsigned long long *total, const OQS_SIG_STFL_SECRET_KEY *secret_key) { if (total == NULL || secret_key == NULL) { return OQS_ERROR; @@ -378,42 +379,46 @@ void oqs_secret_lms_key_free(OQS_SIG_STFL_SECRET_KEY *sk) { * Convert LMS secret key object to byte string * Writes secret key + aux data if present */ -size_t oqs_serialize_lms_key(const OQS_SIG_STFL_SECRET_KEY *sk, uint8_t **sk_key) { +OQS_STATUS oqs_serialize_lms_key(const OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_key) { - oqs_lms_key_data *lms_key_data = NULL; - size_t key_len = 0; - if (sk) { - uint8_t *sk_key_buf = NULL; - lms_key_data = sk->secret_key_data; - if (lms_key_data && lms_key_data->sec_key) { - size_t buf_size_needed = lms_key_data->len_aux_data + lms_key_data->len_sec_key; - key_len = buf_size_needed; - /* pass back serialized data */ - if (sk_key) { - if (buf_size_needed) { - sk_key_buf = malloc(buf_size_needed * sizeof(uint8_t)); - if (sk_key_buf) { - - /* - * Serialized data is sec_key followed by aux data - * So aux data begins after buffer top + sec_key length - */ - if (lms_key_data->len_sec_key) { - memcpy(sk_key_buf, lms_key_data->sec_key, lms_key_data->len_sec_key); - } - - if (lms_key_data->len_aux_data) { - memcpy(sk_key_buf + lms_key_data->len_sec_key, lms_key_data->aux_data, lms_key_data->len_aux_data); - } - - *sk_key = sk_key_buf; - key_len = sk->length_secret_key + lms_key_data->len_aux_data; - } - } - } //sk_key - } - } //sk - return key_len; + if (sk == NULL || sk_len == NULL || sk_key == NULL) { + return OQS_ERROR; + } + + oqs_lms_key_data *lms_key_data = sk->secret_key_data; + + if (lms_key_data == NULL || lms_key_data->sec_key == NULL) { + return OQS_ERROR; + } + + size_t key_len = lms_key_data->len_aux_data + lms_key_data->len_sec_key; + + if (key_len == 0) { + return OQS_ERROR; + } + + uint8_t *sk_key_buf = malloc(key_len * sizeof(uint8_t)); + + if (sk_key_buf == NULL) { + return OQS_ERROR; + } + /* pass back serialized data */ + /* + * Serialized data is sec_key followed by aux data + * So aux data begins after buffer top + sec_key length + */ + if (lms_key_data->len_sec_key != 0) { + memcpy(sk_key_buf, lms_key_data->sec_key, lms_key_data->len_sec_key); + } + + if (lms_key_data->len_aux_data != 0) { + memcpy(sk_key_buf + lms_key_data->len_sec_key, lms_key_data->aux_data, lms_key_data->len_aux_data); + } + + *sk_key = sk_key_buf; + *sk_len = sk->length_secret_key + lms_key_data->len_aux_data; + + return OQS_SUCCESS; } /* @@ -421,28 +426,27 @@ size_t oqs_serialize_lms_key(const OQS_SIG_STFL_SECRET_KEY *sk, uint8_t **sk_ke * Writes secret key + aux data if present * key_len is priv key length + aux length */ -int oqs_deserialize_lms_key(OQS_SIG_STFL_SECRET_KEY *sk, size_t key_len, const uint8_t *sk_buf) { - int oqs_status = -1; +OQS_STATUS oqs_deserialize_lms_key(OQS_SIG_STFL_SECRET_KEY *sk, const size_t sk_len, const uint8_t *sk_buf) { + oqs_lms_key_data *lms_key_data = NULL; - uint8_t priv_ky_len = hss_get_private_key_len((unsigned )(1), NULL, NULL); + uint8_t *lms_sk = NULL; + uint8_t *lms_aux = NULL; + int aux_buf_len = 0; + uint8_t lms_sk_len = hss_get_private_key_len((unsigned )(1), NULL, NULL); - if ((!sk) || (key_len == 0) || (key_len < priv_ky_len) || (!sk_buf)) { - return oqs_status; + if (sk == NULL || sk_buf == NULL || (sk_len == 0) || (sk_len < lms_sk_len )) { + return OQS_ERROR; } + aux_buf_len = sk_len - lms_sk_len; if (sk->secret_key_data) { - //Key data already present - //We dont want to trample over data - return oqs_status; + // Key data already present + // We dont want to trample over data + return OQS_ERROR; } - uint8_t *lms_sk = NULL; - uint8_t *lms_aux = NULL; - unsigned levels = 0; - int key_buf_left = key_len - priv_ky_len; - param_set_t lm_type[ MAX_HSS_LEVELS ]; param_set_t lm_ots_type[ MAX_HSS_LEVELS ]; @@ -452,36 +456,41 @@ int oqs_deserialize_lms_key(OQS_SIG_STFL_SECRET_KEY *sk, size_t key_len, const u lm_ots_type, NULL, (void *)sk_buf)) { - return oqs_status; + return OQS_ERROR; } lms_key_data = malloc(sizeof(oqs_lms_key_data)); - if (lms_key_data) { - lms_sk = malloc(priv_ky_len * sizeof(uint8_t)); - if (lms_sk) { - memcpy(lms_sk, sk_buf, priv_ky_len); - lms_key_data->sec_key = lms_sk; - lms_key_data->len_sec_key = priv_ky_len; - } else { - OQS_MEM_insecure_free(lms_key_data); - return oqs_status; - } + lms_sk = malloc(lms_sk_len * sizeof(uint8_t)); - if (key_buf_left) { - lms_aux = malloc(key_buf_left * sizeof(uint8_t)); - if (lms_aux) { - memcpy(lms_aux, (sk_buf + priv_ky_len), key_buf_left); - lms_key_data->aux_data = lms_aux; - lms_key_data->len_aux_data = key_buf_left; - } else { - OQS_MEM_insecure_free(lms_key_data); - OQS_MEM_insecure_free(lms_sk); - return oqs_status; - } + if (lms_key_data == NULL || lms_sk == NULL) { + goto err; + } + + memcpy(lms_sk, sk_buf, lms_sk_len); + lms_key_data->sec_key = lms_sk; + lms_key_data->len_sec_key = lms_sk_len; + + if (aux_buf_len) { + lms_aux = malloc(aux_buf_len * sizeof(uint8_t)); + + if (lms_aux == NULL) { + goto err; } - sk->secret_key_data = lms_key_data; - oqs_status = 0; + memcpy(lms_aux, sk_buf + lms_sk_len, aux_buf_len); + lms_key_data->aux_data = lms_aux; + lms_key_data->len_aux_data = aux_buf_len; } - return oqs_status; + + sk->secret_key_data = lms_key_data; + goto success; + +err: + OQS_MEM_secure_free(lms_key_data, sizeof(oqs_lms_key_data)); + OQS_MEM_secure_free(lms_sk, lms_sk_len); + OQS_MEM_secure_free(lms_aux, aux_buf_len); + return OQS_ERROR; + +success: + return OQS_SUCCESS; } diff --git a/src/sig_stfl/sig_stfl.h b/src/sig_stfl/sig_stfl.h index a3423a667b..eb1b4088d5 100644 --- a/src/sig_stfl/sig_stfl.h +++ b/src/sig_stfl/sig_stfl.h @@ -206,23 +206,23 @@ typedef struct OQS_SIG_STFL_SECRET_KEY { * Secret Key retrieval Function * * @param[in] sk The secret key represented as OQS_SIG_STFL_SECRET_KEY object - * @param[out] sk_buf private key data as a byte stream + * @param[out] sk_len length of private key as a byte stream + * @param[out] sk_buf_ptr pointer to private key data as a byte stream * @returns length of key material data available * Caller deletes the buffer if memory was allocated. */ - size_t (*serialize_key)(const OQS_SIG_STFL_SECRET_KEY *sk, uint8_t **sk_buf); + OQS_STATUS (*serialize_key)(const OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_buf_ptr); /** * set Secret Key to internal structure Function * - * @param[in] sk OQS_SIG_STFL_SECRET_KEY object - * @param[in] key_len length of the returned byte string - * @param[in] sk_key The secret key represented as OQS_SIG_STFL_SECRET_KEY object - * @param[in] key_len length of the returned byte string + * @param[out] sk OQS_SIG_STFL_SECRET_KEY object + * @param[in] sk_len length of the returned byte string + * @param[in] sk_buf The secret key represented as OQS_SIG_STFL_SECRET_KEY object * @returns status of the operation populated with key material none-zero length. Caller * deletes the buffer. if sk_buf is NULL the function returns the length */ - OQS_STATUS (*deserialize_key)(OQS_SIG_STFL_SECRET_KEY *sk, size_t key_len, const uint8_t *sk_buf); + OQS_STATUS (*deserialize_key)(OQS_SIG_STFL_SECRET_KEY *sk, const size_t sk_len, const uint8_t *sk_buf); /** * Secret Key Locking Function diff --git a/src/sig_stfl/xmss/CMakeLists.txt b/src/sig_stfl/xmss/CMakeLists.txt index b4b3038c69..1b55b20866 100644 --- a/src/sig_stfl/xmss/CMakeLists.txt +++ b/src/sig_stfl/xmss/CMakeLists.txt @@ -13,6 +13,9 @@ set(SRCS external/core_hash.c external/xmss_core_fast.c ) +add_library(sig_stfl_xmss_secret_key_functions OBJECT sig_stfl_xmss_secret_key_functions.c) +set(_XMSS_OBJS ${_XMSS_OBJS} $) + if (OQS_ENABLE_SIG_STFL_xmss_sha256_h10) add_library(xmss_sha256_h10 OBJECT sig_stfl_xmss_sha256_h10.c ${SRCS}) target_compile_options(xmss_sha256_h10 PRIVATE -DXMSS_PARAMS_NAMESPACE=xmss_sha256_h10 -DHASH=3) diff --git a/src/sig_stfl/xmss/external/sign_params.h b/src/sig_stfl/xmss/external/sign_params.h deleted file mode 100644 index d9dce53e42..0000000000 --- a/src/sig_stfl/xmss/external/sign_params.h +++ /dev/null @@ -1,142 +0,0 @@ -#ifndef NIST_PARAM_H -#define NIST_PARAM_H - -#include "params.h" -#include "xmss.h" - -#ifndef TREE_LEVEL -#define TREE_LEVEL 0 -#endif - -#ifndef XMSSMT -#define XMSSMT 0 -#endif - -#if XMSSMT == 0 - /* - * Maximum signatures: 2^h - 1 = 2^10 - 1 - */ - #if TREE_LEVEL == 0 - - #define XMSS_OID "XMSS-SHA2_10_256" - - #define XMSS_PUBLICKEYBYTES 64 - #define XMSS_SECRETKEYBYTES_SMALL 132 - #define XMSS_SECRETKEYBYTES 1373 - - #define XMSS_SIGNBYTES 2500 - - /* - * Maximum signatures: 2^h - 1 = 2^16 - 1 - */ - #elif TREE_LEVEL == 1 - - #define XMSS_OID "XMSS-SHA2_16_256" - - #define XMSS_PUBLICKEYBYTES 64 - #define XMSS_SECRETKEYBYTES_SMALL 132 - #define XMSS_SECRETKEYBYTES 2093 - - #define XMSS_SIGNBYTES 2692 - - /* - * Maximum signatures: 2^h - 1 = 2^20 - 1 - */ - #elif TREE_LEVEL == 2 - - #define XMSS_OID "XMSS-SHA2_20_256" - - #define XMSS_PUBLICKEYBYTES 64 - #define XMSS_SECRETKEYBYTES_SMALL 132 - #define XMSS_SECRETKEYBYTES 2573 - - #define XMSS_SIGNBYTES 2820 - - - #else - - #error "Unspecified TREE_LEVEL {0,1,2}" - - #endif -#else - /* - * Maximum signatures: 2^h - 1 = 2^20 - 1 - * XMSS^MT has bigger signature and secret key (secret is not transfer), but better speed - */ - #if TREE_LEVEL == 0 - - #define XMSS_OID "XMSSMT-SHA2_20/2_256" - - #define XMSS_PUBLICKEYBYTES 64 - #define XMSS_SECRETKEYBYTES_SMALL 131 - #define XMSS_SECRETKEYBYTES 5998 - - #define XMSS_SIGNBYTES 4963 - - /* - * Maximum signatures: 2^h - 1 = 2^40 - 1 - * XMSS^MT has bigger signature and secret key (secret is not transfer), but better speed - */ - #elif TREE_LEVEL == 1 - - #define XMSS_OID "XMSSMT-SHA2_40/2_256" - - #define XMSS_PUBLICKEYBYTES 64 - #define XMSS_SECRETKEYBYTES_SMALL 133 - #define XMSS_SECRETKEYBYTES 9600 - - #define XMSS_SIGNBYTES 5605 - - /* - * Maximum signatures: 2^h - 1 = 2^60 - 1 - * XMSS^MT has bigger signature and secret key (secret is not transfer), but better speed - */ - #elif TREE_LEVEL == 2 - - #define XMSS_OID "XMSSMT-SHA2_60/3_256" - - #define XMSS_PUBLICKEYBYTES 64 - #define XMSS_SECRETKEYBYTES_SMALL 136 - #define XMSS_SECRETKEYBYTES 16629 - - #define XMSS_SIGNBYTES 8392 - - - #else - - #error "Unspecified TREE_LEVEL {0,1,2}" - - #endif - -#endif - -#if XMSSMT == 1 - #define XMSS_PARSE_OID xmssmt_parse_oid - #define XMSS_STR_TO_OID xmssmt_str_to_oid - #define XMSS_KEYPAIR xmssmt_keypair - #define XMSS_SIGN xmssmt_sign - #define XMSS_SIGN_OPEN xmssmt_sign_open - #define XMSS_REMAINING_SIG xmssmt_remaining_signatures - #define XMSS_TOTAL_SIG xmssmt_total_signatures -#else - #define XMSS_PARSE_OID xmss_parse_oid - #define XMSS_STR_TO_OID xmss_str_to_oid - #define XMSS_KEYPAIR xmss_keypair - #define XMSS_SIGN xmss_sign - #define XMSS_SIGN_OPEN xmss_sign_open - #define XMSS_REMAINING_SIG xmss_remaining_signatures - #define XMSS_TOTAL_SIG xmss_total_signatures -#endif - -#if XMSS_SECRETKEYBYTES_SMALL_ENABLE -#define CRYPTO_SECRETKEYBYTES (XMSS_SECRETKEYBYTES_SMALL + XMSS_OID_LEN) -#define CRYPTO_ALGNAME XMSS_OID -#else -#define CRYPTO_SECRETKEYBYTES (XMSS_SECRETKEYBYTES + XMSS_OID_LEN) -#define CRYPTO_ALGNAME (XMSS_OID "_fast") -#endif - -#define CRYPTO_PUBLICKEYBYTES (XMSS_PUBLICKEYBYTES + XMSS_OID_LEN) -#define CRYPTO_BYTES XMSS_SIGNBYTES - -#endif diff --git a/src/sig_stfl/xmss/sig_stfl_xmss.h b/src/sig_stfl/xmss/sig_stfl_xmss.h index 1cf29900f3..d0f6ae6300 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmss.h +++ b/src/sig_stfl/xmss/sig_stfl_xmss.h @@ -494,4 +494,13 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_xmssmt_shake128_h60_12_sigs_total(unsigned l #endif +/* + * Secret key functions + */ +/* Serialize XMSS secret key data into a byte string */ +OQS_STATUS OQS_SECRET_KEY_XMSS_serialize_key(const OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_buf_ptr); + +/* Deserialize XMSS byte string into an XMSS secret key data */ +OQS_STATUS OQS_SECRET_KEY_XMSS_deserialize_key(OQS_SIG_STFL_SECRET_KEY *sk, const size_t sk_len, const uint8_t *sk_buf); + #endif /* OQS_SIG_STFL_XMSS_H */ diff --git a/src/sig_stfl/xmss/sig_stfl_xmss_secret_key_functions.c b/src/sig_stfl/xmss/sig_stfl_xmss_secret_key_functions.c new file mode 100644 index 0000000000..9f50754ed2 --- /dev/null +++ b/src/sig_stfl/xmss/sig_stfl_xmss_secret_key_functions.c @@ -0,0 +1,48 @@ +// SPDX-License-Identifier: MIT + +#include +#include +#include "sig_stfl_xmss.h" + +/* Serialize XMSS secret key data into a byte string */ +OQS_STATUS OQS_SECRET_KEY_XMSS_serialize_key(const OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_buf_ptr) { + if (sk == NULL || sk_len == NULL || sk_buf_ptr == NULL) { + return OQS_ERROR; + } + + uint8_t *sk_buf = malloc(sk->length_secret_key * sizeof(uint8_t)); + if (sk_buf == NULL) { + return OQS_ERROR; + } + + // Simply copy byte string of secret_key_data + memcpy(sk_buf, sk->secret_key_data, sk->length_secret_key); + + *sk_buf_ptr = sk_buf; + *sk_len = sk->length_secret_key; + + return OQS_SUCCESS; +} + +/* Deserialize XMSS byte string into an XMSS secret key data */ +OQS_STATUS OQS_SECRET_KEY_XMSS_deserialize_key(OQS_SIG_STFL_SECRET_KEY *sk, const size_t sk_len, const uint8_t *sk_buf) { + if (sk == NULL || sk_buf == NULL || (sk_len != sk->length_secret_key)) { + return OQS_ERROR; + } + + if (sk->secret_key_data != NULL) { + // Key data already present + // We dont want to trample over data + return OQS_ERROR; + } + + // Assume key data is not present + sk->secret_key_data = malloc(sk_len); + if (sk->secret_key_data == NULL) { + return OQS_ERROR; + } + + memcpy(sk->secret_key_data, sk_buf, sk_len); + + return OQS_SUCCESS; +} diff --git a/src/sig_stfl/xmss/sig_stfl_xmss_sha256_h10.c b/src/sig_stfl/xmss/sig_stfl_xmss_sha256_h10.c index 4ff8f24e7d..83d3c4b275 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmss_sha256_h10.c +++ b/src/sig_stfl/xmss/sig_stfl_xmss_sha256_h10.c @@ -56,8 +56,18 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSS_SHA256_H10_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } + memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmss_sha256_h16.c b/src/sig_stfl/xmss/sig_stfl_xmss_sha256_h16.c index f467b67595..b3f72ef038 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmss_sha256_h16.c +++ b/src/sig_stfl/xmss/sig_stfl_xmss_sha256_h16.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSS_SHA256_H16_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmss_sha256_h20.c b/src/sig_stfl/xmss/sig_stfl_xmss_sha256_h20.c index ab7a74410f..660f8c797c 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmss_sha256_h20.c +++ b/src/sig_stfl/xmss/sig_stfl_xmss_sha256_h20.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSS_SHA256_H20_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmss_sha512_h10.c b/src/sig_stfl/xmss/sig_stfl_xmss_sha512_h10.c index b38207c86b..735cd012f2 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmss_sha512_h10.c +++ b/src/sig_stfl/xmss/sig_stfl_xmss_sha512_h10.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSS_SHA512_H10_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmss_sha512_h16.c b/src/sig_stfl/xmss/sig_stfl_xmss_sha512_h16.c index 050026311a..de64237cb1 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmss_sha512_h16.c +++ b/src/sig_stfl/xmss/sig_stfl_xmss_sha512_h16.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSS_SHA512_H16_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmss_sha512_h20.c b/src/sig_stfl/xmss/sig_stfl_xmss_sha512_h20.c index b5084201fd..0917020588 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmss_sha512_h20.c +++ b/src/sig_stfl/xmss/sig_stfl_xmss_sha512_h20.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSS_SHA512_H20_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmss_shake128_h10.c b/src/sig_stfl/xmss/sig_stfl_xmss_shake128_h10.c index ac43b57b3c..708981b3ac 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmss_shake128_h10.c +++ b/src/sig_stfl/xmss/sig_stfl_xmss_shake128_h10.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSS_SHAKE128_H10_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmss_shake128_h16.c b/src/sig_stfl/xmss/sig_stfl_xmss_shake128_h16.c index 596939f155..e6381f0209 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmss_shake128_h16.c +++ b/src/sig_stfl/xmss/sig_stfl_xmss_shake128_h16.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSS_SHAKE128_H16_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmss_shake128_h20.c b/src/sig_stfl/xmss/sig_stfl_xmss_shake128_h20.c index 37da02a13b..4b80a0c938 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmss_shake128_h20.c +++ b/src/sig_stfl/xmss/sig_stfl_xmss_shake128_h20.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSS_SHAKE128_H20_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmss_shake256_h10.c b/src/sig_stfl/xmss/sig_stfl_xmss_shake256_h10.c index f0d27e2033..bdb3243bfc 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmss_shake256_h10.c +++ b/src/sig_stfl/xmss/sig_stfl_xmss_shake256_h10.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSS_SHAKE256_H10_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmss_shake256_h16.c b/src/sig_stfl/xmss/sig_stfl_xmss_shake256_h16.c index 38cd5603a9..7b6b352720 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmss_shake256_h16.c +++ b/src/sig_stfl/xmss/sig_stfl_xmss_shake256_h16.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSS_SHAKE256_H16_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmss_shake256_h20.c b/src/sig_stfl/xmss/sig_stfl_xmss_shake256_h20.c index ed1989876e..fa6c7cc060 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmss_shake256_h20.c +++ b/src/sig_stfl/xmss/sig_stfl_xmss_shake256_h20.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSS_SHAKE256_H20_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h20_2.c b/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h20_2.c index 792d7a3559..60cb3dd8ad 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h20_2.c +++ b/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h20_2.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSSMT_SHA256_H20_2_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h20_4.c b/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h20_4.c index 4a1d1cad52..cd698b3d44 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h20_4.c +++ b/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h20_4.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSSMT_SHA256_H20_4_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h40_2.c b/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h40_2.c index 9bb9c61445..4b6d0a9021 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h40_2.c +++ b/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h40_2.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSSMT_SHA256_H40_2_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h40_4.c b/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h40_4.c index 64a2da1331..c42a6db25f 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h40_4.c +++ b/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h40_4.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSSMT_SHA256_H40_4_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h40_8.c b/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h40_8.c index 13843351ee..c29b43d2d1 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h40_8.c +++ b/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h40_8.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSSMT_SHA256_H40_8_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h60_12.c b/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h60_12.c index 06873a58db..7e53563c2d 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h60_12.c +++ b/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h60_12.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSSMT_SHA256_H60_12_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h60_3.c b/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h60_3.c index 67183fee79..c1ed78f606 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h60_3.c +++ b/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h60_3.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSSMT_SHA256_H60_3_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h60_6.c b/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h60_6.c index 8ab9134684..bc644a4223 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h60_6.c +++ b/src/sig_stfl/xmss/sig_stfl_xmssmt_sha256_h60_6.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSSMT_SHA256_H60_6_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h20_2.c b/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h20_2.c index 279146a010..807eae702d 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h20_2.c +++ b/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h20_2.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSSMT_SHAKE128_H20_2_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h20_4.c b/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h20_4.c index 961fd8c0a7..1082dcd999 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h20_4.c +++ b/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h20_4.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSSMT_SHAKE128_H20_4_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h40_2.c b/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h40_2.c index a72d9b7e67..01d70f3a37 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h40_2.c +++ b/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h40_2.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSSMT_SHAKE128_H40_2_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h40_4.c b/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h40_4.c index 64c2f8cea3..d5935a5752 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h40_4.c +++ b/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h40_4.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSSMT_SHAKE128_H40_4_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h40_8.c b/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h40_8.c index 7b1c137e8a..743ff4cb96 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h40_8.c +++ b/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h40_8.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSSMT_SHAKE128_H40_8_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h60_12.c b/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h60_12.c index 41c4317ad9..c571bbe7ea 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h60_12.c +++ b/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h60_12.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSSMT_SHAKE128_H60_12_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h60_3.c b/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h60_3.c index 5a38219f83..83ed6b0b63 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h60_3.c +++ b/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h60_3.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSSMT_SHAKE128_H60_3_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free; diff --git a/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h60_6.c b/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h60_6.c index 9c860051d7..a8c3ed07af 100644 --- a/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h60_6.c +++ b/src/sig_stfl/xmss/sig_stfl_xmssmt_shake128_h60_6.c @@ -56,8 +56,17 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_XMSSMT_SHAKE128_H60_6_new(void) { sk->sigs_left = NULL; sk->sigs_total = NULL; + // Secret serialize/deserialize function + sk->serialize_key = OQS_SECRET_KEY_XMSS_serialize_key; + sk->deserialize_key = OQS_SECRET_KEY_XMSS_deserialize_key; + // Initialize the key with length_secret_key amount of bytes. sk->secret_key_data = (uint8_t *)malloc(sk->length_secret_key * sizeof(uint8_t)); + + if (sk->secret_key_data == NULL) { + OQS_MEM_insecure_free(sk); + return NULL; + } memset(sk->secret_key_data, 0, sk->length_secret_key); sk->free_key = OQS_SECRET_KEY_XMSS_free;