diff --git a/.CMake/alg_support.cmake b/.CMake/alg_support.cmake index da79308dfd..27ce29c1da 100644 --- a/.CMake/alg_support.cmake +++ b/.CMake/alg_support.cmake @@ -529,6 +529,8 @@ cmake_dependent_option(OQS_ENABLE_SIG_STFL_xmssmt_shake128_h60_12 "" ON "OQS_ENA option(OQS_ENABLE_SIG_STFL_LMS "Enable LMS algorithm family" ON) +cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h5_w8_h5_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF) +cmake_dependent_option(OQS_ENABLE_SIG_STFL_lms_sha256_h10_w4_h5_w8 "" ON "OQS_ENABLE_SIG_STFL_LMS" OFF) if((OQS_MINIMAL_BUILD STREQUAL "ON")) message(FATAL_ERROR "OQS_MINIMAL_BUILD option ${OQS_MINIMAL_BUILD} no longer supported") diff --git a/README.md b/README.md index 53ef332e24..f91e39dea0 100644 --- a/README.md +++ b/README.md @@ -68,6 +68,8 @@ All names other than `ML-KEM` and `ML-DSA` are subject to change. `liboqs` makes - **ML-DSA**: ML-DSA-44-ipd (alias: ML-DSA-44), ML-DSA-65-ipd (alias: ML-DSA-65), ML-DSA-87-ipd (alias: ML-DSA-87) - **SPHINCS+-SHA2**: SPHINCS+-SHA2-128f-simple, SPHINCS+-SHA2-128s-simple, SPHINCS+-SHA2-192f-simple, SPHINCS+-SHA2-192s-simple, SPHINCS+-SHA2-256f-simple, SPHINCS+-SHA2-256s-simple - **SPHINCS+-SHAKE**: SPHINCS+-SHAKE-128f-simple, SPHINCS+-SHAKE-128s-simple, SPHINCS+-SHAKE-192f-simple, SPHINCS+-SHAKE-192s-simple, SPHINCS+-SHAKE-256f-simple, SPHINCS+-SHAKE-256s-simple +- **XMSS**: XMSS-SHA2_10_256, XMSS-SHA2_16_256, XMSS-SHA2_20_256, XMSS-SHAKE_10_256, XMSS-SHAKE_16_256, XMSS-SHAKE_20_256, XMSS-SHA2_10_512, XMSS-SHA2_16_512, XMSS-SHA2_20_512, XMSS-SHAKE_10_512, XMSS-SHAKE_16_512, XMSS-SHAKE_20_512, XMSSMT-SHA2_20/2_256, XMSSMT-SHA2_20/4_256, XMSSMT-SHA2_40/2_256, XMSSMT-SHA2_40/4_256, XMSSMT-SHA2_40/8_256, XMSSMT-SHA2_60/3_256, XMSSMT-SHA2_60/6_256, XMSSMT-SHA2_60/12_256, XMSSMT-SHAKE_20/2_256, XMSSMT-SHAKE_20/4_256, XMSSMT-SHAKE_40/2_256, XMSSMT-SHAKE_40/4_256, XMSSMT-SHAKE_40/8_256, XMSSMT-SHAKE_60/3_256, XMSSMT-SHAKE_60/6_256, XMSSMT-SHAKE_60/12_256 +- **LMS**: LMS_SHA256_H5_W1, LMS_SHA256_H5_W2, LMS_SHA256_H5_W4, LMS_SHA256_H5_W8, LMS_SHA256_H10_W1, LMS_SHA256_H10_W2, LMS_SHA256_H10_W4, LMS_SHA256_H10_W8, LMS_SHA256_H15_W1, LMS_SHA256_H15_W2, LMS_SHA256_H15_W4, LMS_SHA256_H15_W8, LMS_SHA256_H20_W1, LMS_SHA256_H20_W2, LMS_SHA256_H20_W4, LMS_SHA256_H20_W8, LMS_SHA256_H25_W1, LMS_SHA256_H25_W2, LMS_SHA256_H25_W4, LMS_SHA256_H25_W8, LMS_SHA256_H5_W8_H5_W8, LMS_SHA256_H10_W4_H5_W8, LMS_SHA256_H10_W8_H5_W8, LMS_SHA256_H10_W2_H10_W2, LMS_SHA256_H10_W4_H10_W4, LMS_SHA256_H10_W8_H10_W8, LMS_SHA256_H15_W8_H5_W8, LMS_SHA256_H15_W8_H10_W8, LMS_SHA256_H15_W8_H15_W8, LMS_SHA256_H20_W8_H5_W8, LMS_SHA256_H20_W8_H10_W8, LMS_SHA256_H20_W8_H15_W8, LMS_SHA256_H20_W8_H20_W8 Note that for algorithms marked with a dagger (†), liboqs contains at least one implementation that uses a large amount of stack space; this may cause failures when run in threads or in constrained environments. For more information, consult the algorithm information sheets in the [docs/algorithms](https://github.com/open-quantum-safe/liboqs/tree/main/docs/algorithms) folder. @@ -124,10 +126,12 @@ The following instructions assume we are in `build`. - `test_kem`: Simple test harness for key encapsulation mechanisms - `test_sig`: Simple test harness for key signature schemes + - `test_sig_stfl`: Simple test harness for stateful key signature schemes - `test_kem_mem`: Simple test harness for checking memory consumption of key encapsulation mechanisms - `test_sig_mem`: Simple test harness for checking memory consumption of key signature schemes - `kat_kem`: Program that generates known answer test (KAT) values for key encapsulation mechanisms using the same procedure as the NIST submission requirements, for checking against submitted KAT values using `tests/test_kat.py` - `kat_sig`: Program that generates known answer test (KAT) values for signature schemes using the same procedure as the NIST submission requirements, for checking against submitted KAT values using `tests/test_kat.py` + - `kat_stfl_sig`: Program for checking results against submitted KAT values using `tests/test_kat.py` - `speed_kem`: Benchmarking program for key encapsulation mechanisms; see `./speed_kem --help` for usage instructions - `speed_sig`: Benchmarking program for signature mechanisms; see `./speed_sig --help` for usage instructions - `example_kem`: Minimal runnable example showing the usage of the KEM API diff --git a/src/common/sha2/sha2_armv8.c b/src/common/sha2/sha2_armv8.c index f3bbf573a1..71d2cebb59 100644 --- a/src/common/sha2/sha2_armv8.c +++ b/src/common/sha2/sha2_armv8.c @@ -187,8 +187,11 @@ void oqs_sha2_sha256_inc_finalize_armv8(uint8_t *out, sha256ctx *state, const ui } memcpy(tmp_in, state->data, state->data_len); - memcpy(tmp_in + state->data_len, in, inlen); + if (in && inlen) { + memcpy(tmp_in + state->data_len, in, inlen); + } new_in = tmp_in; + state->data_len = 0; } uint64_t bytes = load_bigendian_64(state->ctx + 32) + new_inlen; @@ -280,33 +283,34 @@ void oqs_sha2_sha256_inc_blocks_armv8(sha256ctx *state, const uint8_t *in, size_ void oqs_sha2_sha256_inc_armv8(sha256ctx *state, const uint8_t *in, size_t len) { uint64_t bytes = 0; + size_t in_index = 0; while (len) { size_t incr = 64 - state->data_len; if (incr > len) { incr = len; } - for (size_t i = 0; i < incr; ++i, state->data_len++) { - state->data[state->data_len] = in[i]; + for (size_t i = 0; i < incr; ++i, state->data_len++, in_index++)) { + state->data[state->data_len] = in[in_index++)]; } if (state->data_len < 64) { - break; - } + break; + } - /* - * Process a complete block now - */ - bytes = load_bigendian_64(state->ctx + 32) + 64; - crypto_hashblocks_sha256_armv8(state->ctx, state->data, 64); - store_bigendian_64(state->ctx + 32, bytes); + /* + * Process a complete block now + */ + bytes = load_bigendian_64(state->ctx + 32) + 64; + crypto_hashblocks_sha256_armv8(state->ctx, state->data, 64); + store_bigendian_64(state->ctx + 32, bytes); - /* - * update the remaining input - */ - len -= incr; - state->data_len = 0; - } + /* + * update the remaining input + */ + len -= incr; + state->data_len = 0; +} } void oqs_sha2_sha224_inc_blocks_armv8(sha224ctx *state, const uint8_t *in, size_t inblocks) { diff --git a/src/common/sha2/sha2_c.c b/src/common/sha2/sha2_c.c index 33863f8040..b0f628136a 100644 --- a/src/common/sha2/sha2_c.c +++ b/src/common/sha2/sha2_c.c @@ -654,14 +654,15 @@ void oqs_sha2_sha256_inc_blocks_c(sha256ctx *state, const uint8_t *in, size_t in void oqs_sha2_sha256_inc_c(sha256ctx *state, const uint8_t *in, size_t len) { uint64_t bytes = 0; + size_t in_index = 0; while (len) { size_t incr = 64 - state->data_len; if (incr > len) { incr = len; } - for (size_t i = 0; i < incr; ++i, state->data_len++) { - state->data[state->data_len] = in[i]; + for (size_t i = 0; i < incr; ++i, state->data_len++, in_index++) { + state->data[state->data_len] = in[in_index]; } if (state->data_len < 64) { @@ -718,8 +719,11 @@ void oqs_sha2_sha256_inc_finalize_c(uint8_t *out, sha256ctx *state, const uint8_ } memcpy(tmp_in, state->data, state->data_len); - memcpy(tmp_in + state->data_len, in, inlen); + if (in && inlen) { + memcpy(tmp_in + state->data_len, in, inlen); + } new_in = tmp_in; + state->data_len = 0; } uint64_t bytes = load_bigendian_64(state->ctx + 32) + new_inlen; diff --git a/src/oqsconfig.h.cmake b/src/oqsconfig.h.cmake index 9626119e71..c2de65c545 100644 --- a/src/oqsconfig.h.cmake +++ b/src/oqsconfig.h.cmake @@ -222,3 +222,5 @@ #cmakedefine OQS_ENABLE_SIG_STFL_xmssmt_shake128_h60_12 1 #cmakedefine OQS_ENABLE_SIG_STFL_LMS 1 +#cmakedefine OQS_ENABLE_SIG_STFL_lms_sha256_h5_w8_h5_w8 1 +#cmakedefine OQS_ENABLE_SIG_STFL_lms_sha256_h10_w4_h5_w8 1 diff --git a/src/sig_stfl/lms/sig_stfl_lms.c b/src/sig_stfl/lms/sig_stfl_lms.c index b6d57902ee..9e65a5e442 100644 --- a/src/sig_stfl/lms/sig_stfl_lms.c +++ b/src/sig_stfl/lms/sig_stfl_lms.c @@ -22,7 +22,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h5_w1_keypair(uint8_t *public_key return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h5_w1) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h5_w1) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -36,8 +36,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h5_w1_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h5_w1; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h5_w1; + sig->oid = OQS_LMS_ID_sha256_h5_w1; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h5_w1; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -109,7 +109,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h5_w2_keypair(uint8_t *public_key return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h5_w2) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h5_w2) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -123,8 +123,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h5_w2_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h5_w2; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h5_w2; + sig->oid = OQS_LMS_ID_sha256_h5_w2; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h5_w2; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -196,7 +196,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h5_w4_keypair(uint8_t *public_key return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h5_w4) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h5_w4) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -210,8 +210,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h5_w4_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h5_w4; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h5_w4; + sig->oid = OQS_LMS_ID_sha256_h5_w4; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h5_w4; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -283,7 +283,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h5_w8_keypair(uint8_t *public_key return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h5_w8) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h5_w8) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -297,8 +297,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h5_w8_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h5_w8; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h5_w8; + sig->oid = OQS_LMS_ID_sha256_h5_w8; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h5_w8; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -370,7 +370,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h10_w1_keypair(uint8_t *public_ke return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h10_w1) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h10_w1) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -384,8 +384,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h10_w1_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h10_w1; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h10_w1; + sig->oid = OQS_LMS_ID_sha256_h10_w1; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h10_w1; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -457,7 +457,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h10_w2_keypair(uint8_t *public_ke return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h10_w2) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h10_w2) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -471,8 +471,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h10_w2_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h10_w2; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h10_w2; + sig->oid = OQS_LMS_ID_sha256_h10_w2; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h10_w2; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -544,7 +544,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h10_w4_keypair(uint8_t *public_ke return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h10_w4) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h10_w4) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -558,8 +558,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h10_w4_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h10_w4; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h10_w4; + sig->oid = OQS_LMS_ID_sha256_h10_w4; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h10_w4; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -631,7 +631,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h10_w8_keypair(uint8_t *public_ke return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h10_w8) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h10_w8) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -645,8 +645,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h10_w8_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h10_w8; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h10_w8; + sig->oid = OQS_LMS_ID_sha256_h10_w8; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h10_w8; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -718,7 +718,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h15_w1_keypair(uint8_t *public_ke return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h15_w1) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h15_w1) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -732,8 +732,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h15_w1_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h15_w1; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h15_w1; + sig->oid = OQS_LMS_ID_sha256_h15_w1; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h15_w1; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -805,7 +805,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h15_w2_keypair(uint8_t *public_ke return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h15_w2) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h15_w2) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -819,8 +819,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h15_w2_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h15_w2; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h15_w2; + sig->oid = OQS_LMS_ID_sha256_h15_w2; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h15_w2; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -892,7 +892,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h15_w4_keypair(uint8_t *public_ke return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h15_w4) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h15_w4) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -906,8 +906,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h15_w4_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h15_w4; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h15_w4; + sig->oid = OQS_LMS_ID_sha256_h15_w4; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h15_w4; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -979,7 +979,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h15_w8_keypair(uint8_t *public_ke return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h15_w8) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h15_w8) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -993,8 +993,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h15_w8_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h15_w8; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h15_w8; + sig->oid = OQS_LMS_ID_sha256_h15_w8; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h15_w8; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -1066,7 +1066,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h20_w1_keypair(uint8_t *public_ke return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h20_w1) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h20_w1) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -1080,8 +1080,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h20_w1_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h20_w1; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h20_w1; + sig->oid = OQS_LMS_ID_sha256_h20_w1; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h20_w1; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -1153,7 +1153,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h20_w2_keypair(uint8_t *public_ke return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h20_w2) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h20_w2) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -1167,8 +1167,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h20_w2_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h20_w2; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h20_w2; + sig->oid = OQS_LMS_ID_sha256_h20_w2; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h20_w2; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -1240,7 +1240,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h20_w4_keypair(uint8_t *public_ke return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h20_w4) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h20_w4) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -1254,8 +1254,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h20_w4_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h20_w4; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h20_w4; + sig->oid = OQS_LMS_ID_sha256_h20_w4; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h20_w4; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -1327,7 +1327,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h20_w8_keypair(uint8_t *public_ke return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h20_w8) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h20_w8) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -1341,8 +1341,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h20_w8_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h20_w8; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h20_w8; + sig->oid = OQS_LMS_ID_sha256_h20_w8; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h20_w8; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -1414,7 +1414,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h25_w1_keypair(uint8_t *public_ke return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h25_w1) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h25_w1) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -1428,8 +1428,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h25_w1_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h25_w1; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h25_w1; + sig->oid = OQS_LMS_ID_sha256_h25_w1; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h25_w1; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -1501,7 +1501,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h25_w2_keypair(uint8_t *public_ke return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h25_w2) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h25_w2) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -1515,8 +1515,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h25_w2_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h25_w2; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h25_w2; + sig->oid = OQS_LMS_ID_sha256_h25_w2; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h25_w2; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -1588,7 +1588,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h25_w4_keypair(uint8_t *public_ke return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h25_w4) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h25_w4) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -1602,8 +1602,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h25_w4_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h25_w4; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h25_w4; + sig->oid = OQS_LMS_ID_sha256_h25_w4; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h25_w4; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -1675,7 +1675,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h25_w8_keypair(uint8_t *public_ke return OQS_ERROR; } - if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_n32_h25_w8) != 0) { + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h25_w8) != 0) { return OQS_ERROR; } return OQS_SUCCESS; @@ -1689,8 +1689,8 @@ OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h25_w8_new(void) { } memset(sig, 0, sizeof(OQS_SIG_STFL)); - sig->oid = OQS_LMS_ID_sha256_n32_h25_w8; - sig->method_name = OQS_SIG_STFL_alg_lms_sha256_n32_h25_w8; + sig->oid = OQS_LMS_ID_sha256_h25_w8; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h25_w8; sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; sig->euf_cma = true; @@ -1755,6 +1755,1121 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H25_W8_new(void) { return sk; } +// +//2-Level LMS +// ======================== LMS-SHA256 H5/W8, H5/W8 ======================== // + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h5_w8_h5_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key) { + if (secret_key == NULL || public_key == NULL) { + return OQS_ERROR; + } + + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h5_w8_h5_w8) != 0) { + return OQS_ERROR; + } + return OQS_SUCCESS; +} + +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h5_w8_h5_w8_new(void) { + + OQS_SIG_STFL *sig = (OQS_SIG_STFL *)malloc(sizeof(OQS_SIG_STFL)); + if (sig == NULL) { + return NULL; + } + memset(sig, 0, sizeof(OQS_SIG_STFL)); + + sig->oid = OQS_LMS_ID_sha256_h5_w8_h5_w8; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h5_w8_h5_w8; + sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; + sig->euf_cma = true; + + sig->length_public_key = OQS_SIG_STFL_alg_lms_length_public_key; + sig->length_signature = OQS_SIG_STFL_alg_lms_sha256_h5_w8_h5_w8_length_signature; + sig->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + sig->keypair = OQS_SIG_STFL_alg_lms_sha256_h5_w8_h5_w8_keypair; + sig->sign = OQS_SIG_STFL_alg_lms_sign; + sig->verify = OQS_SIG_STFL_alg_lms_verify; + + sig->sigs_remaining = OQS_SIG_STFL_lms_sigs_left; + sig->sigs_total = OQS_SIG_STFL_lms_sigs_total; + + return sig; +} + +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H5_W8_H5_W8_new(void) { + + // Initialize the secret key in the heap with adequate memory + OQS_SIG_STFL_SECRET_KEY *sk = malloc(sizeof(OQS_SIG_STFL_SECRET_KEY)); + if (sk == NULL) { + return NULL; + } + memset(sk, 0, sizeof(OQS_SIG_STFL_SECRET_KEY)); + + // Initialize the key with length_secret_key amount of bytes. + sk->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + /* + * Secret Key retrieval Function + */ + sk->serialize_key = OQS_SECRET_KEY_LMS_serialize_key; + + /* + * set Secret Key to internal structure Function + */ + sk->deserialize_key = OQS_SECRET_KEY_LMS_deserialize_key; + + /* + * Set Secret Key Locking Function + */ + sk->lock_key = NULL; + + /* + * Set Secret Key Saving Function + */ + sk->secure_store_scrt_key = NULL; + + /* + * Set Secret Key free function + */ + sk->free_key = OQS_SECRET_KEY_LMS_free; + + sk->set_scrt_key_store_cb = OQS_SECRET_KEY_LMS_set_store_cb; + + return sk; +} + +// ======================== LMS-SHA256 H10/W2, H10/W2 ======================== // + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h10_w2_h10_w2_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key) { + if (secret_key == NULL || public_key == NULL) { + return OQS_ERROR; + } + + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h10_w2_h10_w2) != 0) { + return OQS_ERROR; + } + return OQS_SUCCESS; +} + +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h10_w2_h10_w2_new(void) { + + OQS_SIG_STFL *sig = (OQS_SIG_STFL *)malloc(sizeof(OQS_SIG_STFL)); + if (sig == NULL) { + return NULL; + } + memset(sig, 0, sizeof(OQS_SIG_STFL)); + + sig->oid = OQS_LMS_ID_sha256_h10_w2_h10_w2; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h10_w2_h10_w2; + sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; + sig->euf_cma = true; + + sig->length_public_key = OQS_SIG_STFL_alg_lms_length_public_key; + sig->length_signature = OQS_SIG_STFL_alg_lms_sha256_h10_w2_h10_w2_length_signature; + sig->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + sig->keypair = OQS_SIG_STFL_alg_lms_sha256_h10_w2_h10_w2_keypair; + sig->sign = OQS_SIG_STFL_alg_lms_sign; + sig->verify = OQS_SIG_STFL_alg_lms_verify; + + sig->sigs_remaining = OQS_SIG_STFL_lms_sigs_left; + sig->sigs_total = OQS_SIG_STFL_lms_sigs_total; + + return sig; +} + +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W2_H10_W2_new(void) { + + // Initialize the secret key in the heap with adequate memory + OQS_SIG_STFL_SECRET_KEY *sk = malloc(sizeof(OQS_SIG_STFL_SECRET_KEY)); + if (sk == NULL) { + return NULL; + } + memset(sk, 0, sizeof(OQS_SIG_STFL_SECRET_KEY)); + + // Initialize the key with length_secret_key amount of bytes. + sk->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + /* + * Secret Key retrieval Function + */ + sk->serialize_key = OQS_SECRET_KEY_LMS_serialize_key; + + /* + * set Secret Key to internal structure Function + */ + sk->deserialize_key = OQS_SECRET_KEY_LMS_deserialize_key; + + /* + * Set Secret Key Locking Function + */ + sk->lock_key = NULL; + + /* + * Set Secret Key Saving Function + */ + sk->secure_store_scrt_key = NULL; + + /* + * Set Secret Key free function + */ + sk->free_key = OQS_SECRET_KEY_LMS_free; + + sk->set_scrt_key_store_cb = OQS_SECRET_KEY_LMS_set_store_cb; + + return sk; +} + +// ======================== LMS-SHA256 H10/W4, H5/W8 ======================== // + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h10_w4_h5_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key) { + if (secret_key == NULL || public_key == NULL) { + return OQS_ERROR; + } + + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h10_w4_h5_w8) != 0) { + return OQS_ERROR; + } + return OQS_SUCCESS; +} + +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h10_w4_h5_w8_new(void) { + + OQS_SIG_STFL *sig = (OQS_SIG_STFL *)malloc(sizeof(OQS_SIG_STFL)); + if (sig == NULL) { + return NULL; + } + memset(sig, 0, sizeof(OQS_SIG_STFL)); + + sig->oid = OQS_LMS_ID_sha256_h10_w4_h5_w8; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h10_w4_h5_w8; + sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; + sig->euf_cma = true; + + sig->length_public_key = OQS_SIG_STFL_alg_lms_length_public_key; + sig->length_signature = OQS_SIG_STFL_alg_lms_sha256_h10_w4_h5_w8_length_signature; + sig->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + sig->keypair = OQS_SIG_STFL_alg_lms_sha256_h10_w4_h5_w8_keypair; + sig->sign = OQS_SIG_STFL_alg_lms_sign; + sig->verify = OQS_SIG_STFL_alg_lms_verify; + + sig->sigs_remaining = OQS_SIG_STFL_lms_sigs_left; + sig->sigs_total = OQS_SIG_STFL_lms_sigs_total; + + return sig; +} + +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W4_H5_W8_new(void) { + + // Initialize the secret key in the heap with adequate memory + OQS_SIG_STFL_SECRET_KEY *sk = malloc(sizeof(OQS_SIG_STFL_SECRET_KEY)); + if (sk == NULL) { + return NULL; + } + memset(sk, 0, sizeof(OQS_SIG_STFL_SECRET_KEY)); + + // Initialize the key with length_secret_key amount of bytes. + sk->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + /* + * Secret Key retrieval Function + */ + sk->serialize_key = OQS_SECRET_KEY_LMS_serialize_key; + + /* + * set Secret Key to internal structure Function + */ + sk->deserialize_key = OQS_SECRET_KEY_LMS_deserialize_key; + + /* + * Set Secret Key Locking Function + */ + sk->lock_key = NULL; + + /* + * Set Secret Key Saving Function + */ + sk->secure_store_scrt_key = NULL; + + /* + * Set Secret Key free function + */ + sk->free_key = OQS_SECRET_KEY_LMS_free; + + sk->set_scrt_key_store_cb = OQS_SECRET_KEY_LMS_set_store_cb; + + return sk; +} + +// ======================== LMS-SHA256 H10/W4, H10/W4 ======================== // + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h10_w4_h10_w4_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key) { + if (secret_key == NULL || public_key == NULL) { + return OQS_ERROR; + } + + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h10_w4_h10_w4) != 0) { + return OQS_ERROR; + } + return OQS_SUCCESS; +} + +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h10_w4_h10_w4_new(void) { + + OQS_SIG_STFL *sig = (OQS_SIG_STFL *)malloc(sizeof(OQS_SIG_STFL)); + if (sig == NULL) { + return NULL; + } + memset(sig, 0, sizeof(OQS_SIG_STFL)); + + sig->oid = OQS_LMS_ID_sha256_h10_w4_h10_w4; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h10_w4_h10_w4; + sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; + sig->euf_cma = true; + + sig->length_public_key = OQS_SIG_STFL_alg_lms_length_public_key; + sig->length_signature = OQS_SIG_STFL_alg_lms_sha256_h10_w4_h10_w4_length_signature; + sig->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + sig->keypair = OQS_SIG_STFL_alg_lms_sha256_h10_w4_h10_w4_keypair; + sig->sign = OQS_SIG_STFL_alg_lms_sign; + sig->verify = OQS_SIG_STFL_alg_lms_verify; + + sig->sigs_remaining = OQS_SIG_STFL_lms_sigs_left; + sig->sigs_total = OQS_SIG_STFL_lms_sigs_total; + + return sig; +} + +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W4_H10_W4_new(void) { + + // Initialize the secret key in the heap with adequate memory + OQS_SIG_STFL_SECRET_KEY *sk = malloc(sizeof(OQS_SIG_STFL_SECRET_KEY)); + if (sk == NULL) { + return NULL; + } + memset(sk, 0, sizeof(OQS_SIG_STFL_SECRET_KEY)); + + // Initialize the key with length_secret_key amount of bytes. + sk->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + /* + * Secret Key retrieval Function + */ + sk->serialize_key = OQS_SECRET_KEY_LMS_serialize_key; + + /* + * set Secret Key to internal structure Function + */ + sk->deserialize_key = OQS_SECRET_KEY_LMS_deserialize_key; + + /* + * Set Secret Key Locking Function + */ + sk->lock_key = NULL; + + /* + * Set Secret Key Saving Function + */ + sk->secure_store_scrt_key = NULL; + + /* + * Set Secret Key free function + */ + sk->free_key = OQS_SECRET_KEY_LMS_free; + + sk->set_scrt_key_store_cb = OQS_SECRET_KEY_LMS_set_store_cb; + + return sk; +} + +// ======================== LMS-SHA256 H10/W8, H5/W8 ======================== // + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h10_w8_h5_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key) { + if (secret_key == NULL || public_key == NULL) { + return OQS_ERROR; + } + + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h10_w8_h5_w8) != 0) { + return OQS_ERROR; + } + return OQS_SUCCESS; +} + +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h10_w8_h5_w8_new(void) { + + OQS_SIG_STFL *sig = (OQS_SIG_STFL *)malloc(sizeof(OQS_SIG_STFL)); + if (sig == NULL) { + return NULL; + } + memset(sig, 0, sizeof(OQS_SIG_STFL)); + + sig->oid = OQS_LMS_ID_sha256_h10_w8_h5_w8; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h10_w8_h5_w8; + sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; + sig->euf_cma = true; + + sig->length_public_key = OQS_SIG_STFL_alg_lms_length_public_key; + sig->length_signature = OQS_SIG_STFL_alg_lms_sha256_h10_w8_h5_w8_length_signature; + sig->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + sig->keypair = OQS_SIG_STFL_alg_lms_sha256_h10_w8_h5_w8_keypair; + sig->sign = OQS_SIG_STFL_alg_lms_sign; + sig->verify = OQS_SIG_STFL_alg_lms_verify; + + sig->sigs_remaining = OQS_SIG_STFL_lms_sigs_left; + sig->sigs_total = OQS_SIG_STFL_lms_sigs_total; + + return sig; +} + +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W8_H5_W8_new(void) { + + // Initialize the secret key in the heap with adequate memory + OQS_SIG_STFL_SECRET_KEY *sk = malloc(sizeof(OQS_SIG_STFL_SECRET_KEY)); + if (sk == NULL) { + return NULL; + } + memset(sk, 0, sizeof(OQS_SIG_STFL_SECRET_KEY)); + + // Initialize the key with length_secret_key amount of bytes. + sk->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + /* + * Secret Key retrieval Function + */ + sk->serialize_key = OQS_SECRET_KEY_LMS_serialize_key; + + /* + * set Secret Key to internal structure Function + */ + sk->deserialize_key = OQS_SECRET_KEY_LMS_deserialize_key; + + /* + * Set Secret Key Locking Function + */ + sk->lock_key = NULL; + + /* + * Set Secret Key Unlocking / Releasing Function + */ + sk->unlock_key = NULL; + + /* + * Set Secret Key Saving Function + */ + sk->secure_store_scrt_key = NULL; + + /* + * Set Secret Key free function + */ + sk->free_key = OQS_SECRET_KEY_LMS_free; + + sk->set_scrt_key_store_cb = OQS_SECRET_KEY_LMS_set_store_cb; + + return sk; +} + +// ======================== LMS-SHA256 H10/W8, H10/W8 ======================== // + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h10_w8_h10_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key) { + if (secret_key == NULL || public_key == NULL) { + return OQS_ERROR; + } + + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h10_w8_h10_w8) != 0) { + return OQS_ERROR; + } + return OQS_SUCCESS; +} + +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h10_w8_h10_w8_new(void) { + + OQS_SIG_STFL *sig = (OQS_SIG_STFL *)malloc(sizeof(OQS_SIG_STFL)); + if (sig == NULL) { + return NULL; + } + memset(sig, 0, sizeof(OQS_SIG_STFL)); + + sig->oid = OQS_LMS_ID_sha256_h15_w4; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h10_w8_h10_w8; + sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; + sig->euf_cma = true; + + sig->length_public_key = OQS_SIG_STFL_alg_lms_length_public_key; + sig->length_signature = OQS_SIG_STFL_alg_lms_sha256_h10_w8_h10_w8_length_signature; + sig->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + sig->keypair = OQS_SIG_STFL_alg_lms_sha256_h10_w8_h10_w8_keypair; + sig->sign = OQS_SIG_STFL_alg_lms_sign; + sig->verify = OQS_SIG_STFL_alg_lms_verify; + + sig->sigs_remaining = OQS_SIG_STFL_lms_sigs_left; + sig->sigs_total = OQS_SIG_STFL_lms_sigs_total; + + return sig; +} + +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W8_H10_W8_new(void) { + + // Initialize the secret key in the heap with adequate memory + OQS_SIG_STFL_SECRET_KEY *sk = malloc(sizeof(OQS_SIG_STFL_SECRET_KEY)); + if (sk == NULL) { + return NULL; + } + memset(sk, 0, sizeof(OQS_SIG_STFL_SECRET_KEY)); + + // Initialize the key with length_secret_key amount of bytes. + sk->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + /* + * Secret Key retrieval Function + */ + sk->serialize_key = OQS_SECRET_KEY_LMS_serialize_key; + + /* + * set Secret Key to internal structure Function + */ + sk->deserialize_key = OQS_SECRET_KEY_LMS_deserialize_key; + + /* + * Set Secret Key Locking Function + */ + sk->lock_key = NULL; + + /* + * Set Secret Key Unlocking / Releasing Function + */ + sk->unlock_key = NULL; + + /* + * Set Secret Key Saving Function + */ + sk->secure_store_scrt_key = NULL; + + /* + * Set Secret Key free function + */ + sk->free_key = OQS_SECRET_KEY_LMS_free; + + sk->set_scrt_key_store_cb = OQS_SECRET_KEY_LMS_set_store_cb; + + return sk; +} + +// ======================== LMS-SHA256 H15/W8, H5/W8 ======================== // + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h15_w8_h5_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key) { + if (secret_key == NULL || public_key == NULL) { + return OQS_ERROR; + } + + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h15_w8_h5_w8) != 0) { + return OQS_ERROR; + } + return OQS_SUCCESS; +} + +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h15_w8_h5_w8_new(void) { + + OQS_SIG_STFL *sig = (OQS_SIG_STFL *)malloc(sizeof(OQS_SIG_STFL)); + if (sig == NULL) { + return NULL; + } + memset(sig, 0, sizeof(OQS_SIG_STFL)); + + sig->oid = OQS_LMS_ID_sha256_h15_w8_h5_w8; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h15_w8_h5_w8; + sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; + sig->euf_cma = true; + + sig->length_public_key = OQS_SIG_STFL_alg_lms_length_public_key; + sig->length_signature = OQS_SIG_STFL_alg_lms_sha256_h15_w8_h5_w8_length_signature; + sig->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + sig->keypair = OQS_SIG_STFL_alg_lms_sha256_h15_w8_h5_w8_keypair; + sig->sign = OQS_SIG_STFL_alg_lms_sign; + sig->verify = OQS_SIG_STFL_alg_lms_verify; + + sig->sigs_remaining = OQS_SIG_STFL_lms_sigs_left; + sig->sigs_total = OQS_SIG_STFL_lms_sigs_total; + + return sig; +} + +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H15_W8_H5_W8_new(void) { + + // Initialize the secret key in the heap with adequate memory + OQS_SIG_STFL_SECRET_KEY *sk = malloc(sizeof(OQS_SIG_STFL_SECRET_KEY)); + if (sk == NULL) { + return NULL; + } + memset(sk, 0, sizeof(OQS_SIG_STFL_SECRET_KEY)); + + // Initialize the key with length_secret_key amount of bytes. + sk->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + /* + * Secret Key retrieval Function + */ + sk->serialize_key = OQS_SECRET_KEY_LMS_serialize_key; + + /* + * set Secret Key to internal structure Function + */ + sk->deserialize_key = OQS_SECRET_KEY_LMS_deserialize_key; + + /* + * Set Secret Key Locking Function + */ + sk->lock_key = NULL; + + /* + * Set Secret Key Unlocking / Releasing Function + */ + sk->unlock_key = NULL; + + /* + * Set Secret Key Saving Function + */ + sk->secure_store_scrt_key = NULL; + + /* + * Set Secret Key free function + */ + sk->free_key = OQS_SECRET_KEY_LMS_free; + + sk->set_scrt_key_store_cb = OQS_SECRET_KEY_LMS_set_store_cb; + + return sk; +} + +// ======================== LMS-SHA256 H15/W8, H10/W8 ======================== // + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h15_w8_h10_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key) { + if (secret_key == NULL || public_key == NULL) { + return OQS_ERROR; + } + + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h15_w8_h10_w8) != 0) { + return OQS_ERROR; + } + return OQS_SUCCESS; +} + +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h15_w8_h10_w8_new(void) { + + OQS_SIG_STFL *sig = (OQS_SIG_STFL *)malloc(sizeof(OQS_SIG_STFL)); + if (sig == NULL) { + return NULL; + } + memset(sig, 0, sizeof(OQS_SIG_STFL)); + + sig->oid = OQS_LMS_ID_sha256_h15_w8_h10_w8; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h15_w8_h10_w8; + sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; + sig->euf_cma = true; + + sig->length_public_key = OQS_SIG_STFL_alg_lms_length_public_key; + sig->length_signature = OQS_SIG_STFL_alg_lms_sha256_h15_w8_h10_w8_length_signature; + sig->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + sig->keypair = OQS_SIG_STFL_alg_lms_sha256_h15_w8_h10_w8_keypair; + sig->sign = OQS_SIG_STFL_alg_lms_sign; + sig->verify = OQS_SIG_STFL_alg_lms_verify; + + sig->sigs_remaining = OQS_SIG_STFL_lms_sigs_left; + sig->sigs_total = OQS_SIG_STFL_lms_sigs_total; + + return sig; +} + +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H15_W8_H10_W8_new(void) { + + // Initialize the secret key in the heap with adequate memory + OQS_SIG_STFL_SECRET_KEY *sk = malloc(sizeof(OQS_SIG_STFL_SECRET_KEY)); + if (sk == NULL) { + return NULL; + } + memset(sk, 0, sizeof(OQS_SIG_STFL_SECRET_KEY)); + + // Initialize the key with length_secret_key amount of bytes. + sk->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + /* + * Secret Key retrieval Function + */ + sk->serialize_key = OQS_SECRET_KEY_LMS_serialize_key; + + /* + * set Secret Key to internal structure Function + */ + sk->deserialize_key = OQS_SECRET_KEY_LMS_deserialize_key; + + /* + * Set Secret Key Locking Function + */ + sk->lock_key = NULL; + + /* + * Set Secret Key Unlocking / Releasing Function + */ + sk->unlock_key = NULL; + + /* + * Set Secret Key Saving Function + */ + sk->secure_store_scrt_key = NULL; + + /* + * Set Secret Key free function + */ + sk->free_key = OQS_SECRET_KEY_LMS_free; + + sk->set_scrt_key_store_cb = OQS_SECRET_KEY_LMS_set_store_cb; + + return sk; +} + +// ======================== LMS-SHA256 H15/W8, H15/W8 ======================== // + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h15_w8_h15_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key) { + if (secret_key == NULL || public_key == NULL) { + return OQS_ERROR; + } + + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h15_w8_h15_w8) != 0) { + return OQS_ERROR; + } + return OQS_SUCCESS; +} + +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h15_w8_h15_w8_new(void) { + + OQS_SIG_STFL *sig = (OQS_SIG_STFL *)malloc(sizeof(OQS_SIG_STFL)); + if (sig == NULL) { + return NULL; + } + memset(sig, 0, sizeof(OQS_SIG_STFL)); + + sig->oid = OQS_LMS_ID_sha256_h15_w8_h15_w8; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h15_w8_h15_w8; + sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; + sig->euf_cma = true; + + sig->length_public_key = OQS_SIG_STFL_alg_lms_length_public_key; + sig->length_signature = OQS_SIG_STFL_alg_lms_sha256_h15_w8_h15_w8_length_signature; + sig->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + sig->keypair = OQS_SIG_STFL_alg_lms_sha256_h15_w8_h15_w8_keypair; + sig->sign = OQS_SIG_STFL_alg_lms_sign; + sig->verify = OQS_SIG_STFL_alg_lms_verify; + + sig->sigs_remaining = OQS_SIG_STFL_lms_sigs_left; + sig->sigs_total = OQS_SIG_STFL_lms_sigs_total; + + return sig; +} + +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H15_W8_H15_W8_new(void) { + + // Initialize the secret key in the heap with adequate memory + OQS_SIG_STFL_SECRET_KEY *sk = malloc(sizeof(OQS_SIG_STFL_SECRET_KEY)); + if (sk == NULL) { + return NULL; + } + memset(sk, 0, sizeof(OQS_SIG_STFL_SECRET_KEY)); + + // Initialize the key with length_secret_key amount of bytes. + sk->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + /* + * Secret Key retrieval Function + */ + sk->serialize_key = OQS_SECRET_KEY_LMS_serialize_key; + + /* + * set Secret Key to internal structure Function + */ + sk->deserialize_key = OQS_SECRET_KEY_LMS_deserialize_key; + + /* + * Set Secret Key Locking Function + */ + sk->lock_key = NULL; + + /* + * Set Secret Key Unlocking / Releasing Function + */ + sk->unlock_key = NULL; + + /* + * Set Secret Key Saving Function + */ + sk->secure_store_scrt_key = NULL; + + /* + * Set Secret Key free function + */ + sk->free_key = OQS_SECRET_KEY_LMS_free; + + sk->set_scrt_key_store_cb = OQS_SECRET_KEY_LMS_set_store_cb; + + return sk; +} + +// ======================== LMS-SHA256 H20/W8, H5/W8 ======================== // + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h20_w8_h5_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key) { + if (secret_key == NULL || public_key == NULL) { + return OQS_ERROR; + } + + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h20_w8_h5_w8) != 0) { + return OQS_ERROR; + } + return OQS_SUCCESS; +} + +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h20_w8_h5_w8_new(void) { + + OQS_SIG_STFL *sig = (OQS_SIG_STFL *)malloc(sizeof(OQS_SIG_STFL)); + if (sig == NULL) { + return NULL; + } + memset(sig, 0, sizeof(OQS_SIG_STFL)); + + sig->oid = OQS_LMS_ID_sha256_h20_w8_h5_w8; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h20_w8_h5_w8; + sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; + sig->euf_cma = true; + + sig->length_public_key = OQS_SIG_STFL_alg_lms_length_public_key; + sig->length_signature = OQS_SIG_STFL_alg_lms_sha256_h20_w8_h5_w8_length_signature; + sig->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + sig->keypair = OQS_SIG_STFL_alg_lms_sha256_h20_w8_h5_w8_keypair; + sig->sign = OQS_SIG_STFL_alg_lms_sign; + sig->verify = OQS_SIG_STFL_alg_lms_verify; + + sig->sigs_remaining = OQS_SIG_STFL_lms_sigs_left; + sig->sigs_total = OQS_SIG_STFL_lms_sigs_total; + + return sig; +} + +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H20_W8_H5_W8_new(void) { + + // Initialize the secret key in the heap with adequate memory + OQS_SIG_STFL_SECRET_KEY *sk = malloc(sizeof(OQS_SIG_STFL_SECRET_KEY)); + if (sk == NULL) { + return NULL; + } + memset(sk, 0, sizeof(OQS_SIG_STFL_SECRET_KEY)); + + // Initialize the key with length_secret_key amount of bytes. + sk->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + /* + * Secret Key retrieval Function + */ + sk->serialize_key = OQS_SECRET_KEY_LMS_serialize_key; + + /* + * set Secret Key to internal structure Function + */ + sk->deserialize_key = OQS_SECRET_KEY_LMS_deserialize_key; + + /* + * Set Secret Key Locking Function + */ + sk->lock_key = NULL; + + /* + * Set Secret Key Unlocking / Releasing Function + */ + sk->unlock_key = NULL; + + /* + * Set Secret Key Saving Function + */ + sk->secure_store_scrt_key = NULL; + + /* + * Set Secret Key free function + */ + sk->free_key = OQS_SECRET_KEY_LMS_free; + + sk->set_scrt_key_store_cb = OQS_SECRET_KEY_LMS_set_store_cb; + + return sk; +} + +// ======================== LMS-SHA256 H20/W8, H10/W8 ======================== // + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h20_w8_h10_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key) { + if (secret_key == NULL || public_key == NULL) { + return OQS_ERROR; + } + + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h20_w8_h10_w8) != 0) { + return OQS_ERROR; + } + return OQS_SUCCESS; +} + +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h20_w8_h10_w8_new(void) { + + OQS_SIG_STFL *sig = (OQS_SIG_STFL *)malloc(sizeof(OQS_SIG_STFL)); + if (sig == NULL) { + return NULL; + } + memset(sig, 0, sizeof(OQS_SIG_STFL)); + + sig->oid = OQS_LMS_ID_sha256_h20_w8_h10_w8; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h20_w8_h10_w8; + sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; + sig->euf_cma = true; + + sig->length_public_key = OQS_SIG_STFL_alg_lms_length_public_key; + sig->length_signature = OQS_SIG_STFL_alg_lms_sha256_h20_w8_h10_w8_length_signature; + sig->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + sig->keypair = OQS_SIG_STFL_alg_lms_sha256_h20_w8_h10_w8_keypair; + sig->sign = OQS_SIG_STFL_alg_lms_sign; + sig->verify = OQS_SIG_STFL_alg_lms_verify; + + sig->sigs_remaining = OQS_SIG_STFL_lms_sigs_left; + sig->sigs_total = OQS_SIG_STFL_lms_sigs_total; + + return sig; +} + +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H20_W8_H10_W8_new(void) { + + // Initialize the secret key in the heap with adequate memory + OQS_SIG_STFL_SECRET_KEY *sk = malloc(sizeof(OQS_SIG_STFL_SECRET_KEY)); + if (sk == NULL) { + return NULL; + } + memset(sk, 0, sizeof(OQS_SIG_STFL_SECRET_KEY)); + + // Initialize the key with length_secret_key amount of bytes. + sk->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + /* + * Secret Key retrieval Function + */ + sk->serialize_key = OQS_SECRET_KEY_LMS_serialize_key; + + /* + * set Secret Key to internal structure Function + */ + sk->deserialize_key = OQS_SECRET_KEY_LMS_deserialize_key; + + /* + * Set Secret Key Locking Function + */ + sk->lock_key = NULL; + + /* + * Set Secret Key Unlocking / Releasing Function + */ + sk->unlock_key = NULL; + + /* + * Set Secret Key Saving Function + */ + sk->secure_store_scrt_key = NULL; + + /* + * Set Secret Key free function + */ + sk->free_key = OQS_SECRET_KEY_LMS_free; + + sk->set_scrt_key_store_cb = OQS_SECRET_KEY_LMS_set_store_cb; + + return sk; +} + +// ======================== LMS-SHA256 H20/W8, H15/W8 ======================== // + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h20_w8_h15_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key) { + if (secret_key == NULL || public_key == NULL) { + return OQS_ERROR; + } + + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h20_w8_h15_w8) != 0) { + return OQS_ERROR; + } + return OQS_SUCCESS; +} + +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h20_w8_h15_w8_new(void) { + + OQS_SIG_STFL *sig = (OQS_SIG_STFL *)malloc(sizeof(OQS_SIG_STFL)); + if (sig == NULL) { + return NULL; + } + memset(sig, 0, sizeof(OQS_SIG_STFL)); + + sig->oid = OQS_LMS_ID_sha256_h20_w8_h15_w8; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h20_w8_h15_w8; + sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; + sig->euf_cma = true; + + sig->length_public_key = OQS_SIG_STFL_alg_lms_length_public_key; + sig->length_signature = OQS_SIG_STFL_alg_lms_sha256_h20_w8_h15_w8_length_signature; + sig->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + sig->keypair = OQS_SIG_STFL_alg_lms_sha256_h20_w8_h15_w8_keypair; + sig->sign = OQS_SIG_STFL_alg_lms_sign; + sig->verify = OQS_SIG_STFL_alg_lms_verify; + + sig->sigs_remaining = OQS_SIG_STFL_lms_sigs_left; + sig->sigs_total = OQS_SIG_STFL_lms_sigs_total; + + return sig; +} + +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H20_W8_H15_W8_new(void) { + + // Initialize the secret key in the heap with adequate memory + OQS_SIG_STFL_SECRET_KEY *sk = malloc(sizeof(OQS_SIG_STFL_SECRET_KEY)); + if (sk == NULL) { + return NULL; + } + memset(sk, 0, sizeof(OQS_SIG_STFL_SECRET_KEY)); + + // Initialize the key with length_secret_key amount of bytes. + sk->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + /* + * Secret Key retrieval Function + */ + sk->serialize_key = OQS_SECRET_KEY_LMS_serialize_key; + + /* + * set Secret Key to internal structure Function + */ + sk->deserialize_key = OQS_SECRET_KEY_LMS_deserialize_key; + + /* + * Set Secret Key Locking Function + */ + sk->lock_key = NULL; + + /* + * Set Secret Key Unlocking / Releasing Function + */ + sk->unlock_key = NULL; + + /* + * Set Secret Key Saving Function + */ + sk->secure_store_scrt_key = NULL; + + /* + * Set Secret Key free function + */ + sk->free_key = OQS_SECRET_KEY_LMS_free; + + sk->set_scrt_key_store_cb = OQS_SECRET_KEY_LMS_set_store_cb; + + return sk; +} + +// ======================== LMS-SHA256 H20/W8, H20/W8 ======================== // + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h20_w8_h20_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key) { + if (secret_key == NULL || public_key == NULL) { + return OQS_ERROR; + } + + if (oqs_sig_stfl_lms_keypair(public_key, secret_key, (const uint32_t)OQS_LMS_ID_sha256_h20_w8_h20_w8) != 0) { + return OQS_ERROR; + } + return OQS_SUCCESS; +} + +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h20_w8_h20_w8_new(void) { + + OQS_SIG_STFL *sig = (OQS_SIG_STFL *)malloc(sizeof(OQS_SIG_STFL)); + if (sig == NULL) { + return NULL; + } + memset(sig, 0, sizeof(OQS_SIG_STFL)); + + sig->oid = OQS_LMS_ID_sha256_h20_w8_h20_w8; + sig->method_name = OQS_SIG_STFL_alg_lms_sha256_h20_w8_h20_w8; + sig->alg_version = "https://datatracker.ietf.org/doc/html/rfc8554"; + sig->euf_cma = true; + + sig->length_public_key = OQS_SIG_STFL_alg_lms_length_public_key; + sig->length_signature = OQS_SIG_STFL_alg_lms_sha256_h20_w8_h20_w8_length_signature; + sig->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + sig->keypair = OQS_SIG_STFL_alg_lms_sha256_h20_w8_h20_w8_keypair; + sig->sign = OQS_SIG_STFL_alg_lms_sign; + sig->verify = OQS_SIG_STFL_alg_lms_verify; + + sig->sigs_remaining = OQS_SIG_STFL_lms_sigs_left; + sig->sigs_total = OQS_SIG_STFL_lms_sigs_total; + + return sig; +} + +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H20_W8_H20_W8_new(void) { + + // Initialize the secret key in the heap with adequate memory + OQS_SIG_STFL_SECRET_KEY *sk = malloc(sizeof(OQS_SIG_STFL_SECRET_KEY)); + if (sk == NULL) { + return NULL; + } + memset(sk, 0, sizeof(OQS_SIG_STFL_SECRET_KEY)); + + // Initialize the key with length_secret_key amount of bytes. + sk->length_secret_key = OQS_SIG_STFL_alg_lms_length_private_key; + + /* + * Secret Key retrieval Function + */ + sk->serialize_key = OQS_SECRET_KEY_LMS_serialize_key; + + /* + * set Secret Key to internal structure Function + */ + sk->deserialize_key = OQS_SECRET_KEY_LMS_deserialize_key; + + /* + * Set Secret Key Locking Function + */ + sk->lock_key = NULL; + + /* + * Set Secret Key Unlocking / Releasing Function + */ + sk->unlock_key = NULL; + + /* + * Set Secret Key Saving Function + */ + sk->secure_store_scrt_key = NULL; + + /* + * Set Secret Key free function + */ + sk->free_key = OQS_SECRET_KEY_LMS_free; + + sk->set_scrt_key_store_cb = OQS_SECRET_KEY_LMS_set_store_cb; + + return sk; +} +//2-Level LMS + + void OQS_SECRET_KEY_LMS_free(OQS_SIG_STFL_SECRET_KEY *sk) { oqs_secret_lms_key_free(sk); } diff --git a/src/sig_stfl/lms/sig_stfl_lms.h b/src/sig_stfl/lms/sig_stfl_lms.h index b75446d2e3..8380656eb0 100644 --- a/src/sig_stfl/lms/sig_stfl_lms.h +++ b/src/sig_stfl/lms/sig_stfl_lms.h @@ -7,30 +7,88 @@ //OQS LMS parameter identifiers /* Defined LM parameter sets */ -#define OQS_LMS_ID_sha256_n32_h5_w1 0x1 //"5/1" -#define OQS_LMS_ID_sha256_n32_h5_w2 0x2 //"5/2" -#define OQS_LMS_ID_sha256_n32_h5_w4 0x3 //"5/4" -#define OQS_LMS_ID_sha256_n32_h5_w8 0x4 //"5/8" - -#define OQS_LMS_ID_sha256_n32_h10_w1 0x5 //"10/1" -#define OQS_LMS_ID_sha256_n32_h10_w2 0x7 //"10/2" -#define OQS_LMS_ID_sha256_n32_h10_w4 0x8 //"10/4" -#define OQS_LMS_ID_sha256_n32_h10_w8 0x9 //"10/8" - -#define OQS_LMS_ID_sha256_n32_h15_w1 0xa //"15/1" -#define OQS_LMS_ID_sha256_n32_h15_w2 0xb //"15/2" -#define OQS_LMS_ID_sha256_n32_h15_w4 0xc//"15/4" -#define OQS_LMS_ID_sha256_n32_h15_w8 0xd //"15/8" - -#define OQS_LMS_ID_sha256_n32_h20_w1 0xe //"20/1" -#define OQS_LMS_ID_sha256_n32_h20_w2 0xf //"20/2" -#define OQS_LMS_ID_sha256_n32_h20_w4 0x10 //"20/4" -#define OQS_LMS_ID_sha256_n32_h20_w8 0x11 //"20/8" - -#define OQS_LMS_ID_sha256_n32_h25_w1 0x12 //"25/1" -#define OQS_LMS_ID_sha256_n32_h25_w2 0x13 //"25/2" -#define OQS_LMS_ID_sha256_n32_h25_w4 0x14 //"25/4" -#define OQS_LMS_ID_sha256_n32_h25_w8 0x15 //"25/8" +/* + * Convention + * Where ... + * L = number of Levels + * H = LMS H ID + * LMS_SHA256_M32_H5 0x05 + * LMS_SHA256_M32_H10 0x06 + * LMS_SHA256_M32_H15 0x07 + * LMS_SHA256_M32_H20 0x08 + * LMS_SHA256_M32_H25 0x09 + * + * W = Winternitz value + * LMOTS_SHA256_N32_W1 0x01 + * LMOTS_SHA256_N32_W2 0x02 + * LMOTS_SHA256_N32_W4 0x03 + * LMOTS_SHA256_N32_W8 0x04 + * + * e.g. + * OQS_LMS_ID_sha256_h5_w1 -- "5/1" ----- 0x0151 + * "5/1,5/2" ----- 0x025152 + * Number of levels L {1, 2, 3, ..., 8} + * 0x0LH(l1))W(l1)H(l2)W(l2) + * e.g + * For OQS_LMS_ID_sha256_h5_w1 the oid is 0x0151 + * Number of levels is.....0x01 + * H5 ID is.........5 + * W1 ID is..........1 + * +* For OQS_LMS_ID_sha256_h10_w4_h5_w8 the is 0x026354 + * Number of levels is.......0x02 + * Level 1 H10 ID is...........6 + * Level 1 W4 ID is............3 + * Level 2 H5 ID is.............5 + * Level 2 W8 ID is..............4 + */ +#define OQS_LMS_ID_sha256_h5_w1 0x0151 //"5/1" +#define OQS_LMS_ID_sha256_h5_w2 0x0152 //"5/2" +#define OQS_LMS_ID_sha256_h5_w4 0x0153 //"5/4" +#define OQS_LMS_ID_sha256_h5_w8 0x0154 //"5/8" + +#define OQS_LMS_ID_sha256_h10_w1 0x0161 //"10/1" +#define OQS_LMS_ID_sha256_h10_w2 0x0162 //"10/2" +#define OQS_LMS_ID_sha256_h10_w4 0x0163 //"10/4" +#define OQS_LMS_ID_sha256_h10_w8 0x0164 //"10/8" + +#define OQS_LMS_ID_sha256_h15_w1 0x0171 //"15/1" +#define OQS_LMS_ID_sha256_h15_w2 0x0172 //"15/2" +#define OQS_LMS_ID_sha256_h15_w4 0x0173 //"15/4" +#define OQS_LMS_ID_sha256_h15_w8 0x0174 //"15/8" + +#define OQS_LMS_ID_sha256_h20_w1 0x0181 //"20/1" +#define OQS_LMS_ID_sha256_h20_w2 0x0182 //"20/2" +#define OQS_LMS_ID_sha256_h20_w4 0x0183 //"20/4" +#define OQS_LMS_ID_sha256_h20_w8 0x0184 //"20/8" + +#define OQS_LMS_ID_sha256_h25_w1 0x0191 //"25/1" +#define OQS_LMS_ID_sha256_h25_w2 0x0192 //"25/2" +#define OQS_LMS_ID_sha256_h25_w4 0x0193 //"25/4" +#define OQS_LMS_ID_sha256_h25_w8 0x0194 //"25/8" + +//2-Level LMS + +//RFC 8554 example +#define OQS_LMS_ID_sha256_h5_w8_h5_w8 0x025454 //"5/8,5/8" + +//RFC 8554 example +#define OQS_LMS_ID_sha256_h10_w4_h5_w8 0x026354 //"10/4,5/8" + +//Wolf +#define OQS_LMS_ID_sha256_h10_w2_h10_w2 0x026262 //"10/2,10/2" +#define OQS_LMS_ID_sha256_h10_w4_h10_w4 0x026363 //"10/4,10/4" + +#define OQS_LMS_ID_sha256_h10_w8_h5_w8 0x026454 //"10/8,5/8" +//Wolf +#define OQS_LMS_ID_sha256_h10_w8_h10_w8 0x026464 //"10/8,10/8" +#define OQS_LMS_ID_sha256_h15_w8_h5_w8 0x027454 //"15/8,5/8" +#define OQS_LMS_ID_sha256_h15_w8_h10_w8 0x027464 //"15/8,10/8" +#define OQS_LMS_ID_sha256_h15_w8_h15_w8 0x027474 //"15/8,15/8" +#define OQS_LMS_ID_sha256_h20_w8_h5_w8 0x028454 //"20/8,5/8" +#define OQS_LMS_ID_sha256_h20_w8_h10_w8 0x028464 //"20/8,10/8" +#define OQS_LMS_ID_sha256_h20_w8_h15_w8 0x028474 //"20/8,15/8" +#define OQS_LMS_ID_sha256_h20_w8_h20_w8 0x028484 //"20/8,20/8" //H5 #define OQS_SIG_STFL_alg_lms_sha256_h5_w1_length_signature 8688 @@ -198,6 +256,81 @@ OQS_API OQS_STATUS OQS_SIG_STFL_lms_sigs_total(unsigned long long *totaln, const void OQS_SECRET_KEY_LMS_free(OQS_SIG_STFL_SECRET_KEY *sk); + +//2-Level LMS +#define OQS_SIG_STFL_alg_lms_length_private_key 64 +#define OQS_SIG_STFL_alg_lms_length_public_key 60 +#define OQS_SIG_STFL_alg_lms_sha256_h5_w8_h5_w8_length_signature 2644 + +#define OQS_SIG_STFL_alg_lms_sha256_h10_w8_h5_w8_length_signature 2804 + +#define OQS_SIG_STFL_alg_lms_sha256_h10_w4_h5_w8_length_signature 3860 + +#define OQS_SIG_STFL_alg_lms_sha256_h10_w2_h10_w2_length_signature 9300 +#define OQS_SIG_STFL_alg_lms_sha256_h10_w4_h10_w4_length_signature 5076 +#define OQS_SIG_STFL_alg_lms_sha256_h10_w8_h10_w8_length_signature 2964 + +#define OQS_SIG_STFL_alg_lms_sha256_h15_w8_h5_w8_length_signature 2964 +#define OQS_SIG_STFL_alg_lms_sha256_h15_w8_h10_w8_length_signature 3124 +#define OQS_SIG_STFL_alg_lms_sha256_h15_w8_h15_w8_length_signature 3284 + +#define OQS_SIG_STFL_alg_lms_sha256_h20_w8_h5_w8_length_signature 3124 +#define OQS_SIG_STFL_alg_lms_sha256_h20_w8_h10_w8_length_signature 3284 +#define OQS_SIG_STFL_alg_lms_sha256_h20_w8_h15_w8_length_signature 3444 +#define OQS_SIG_STFL_alg_lms_sha256_h20_w8_h20_w8_length_signature 3604 + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h5_w8_h5_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key); +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H5_W8_H5_W8_new(void); +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h5_w8_h5_w8_new(void); + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h10_w4_h5_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key); +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W4_H5_W8_new(void); +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h10_w4_h5_w8_new(void); + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h10_w8_h5_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key); +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W8_H5_W8_new(void); +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h10_w8_h5_w8_new(void); + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h10_w2_h10_w2_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key); +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W2_H10_W2_new(void); +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h10_w2_h10_w2_new(void); + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h10_w4_h10_w4_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key); +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W4_H10_W4_new(void); +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h10_w4_h10_w4_new(void); + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h10_w8_h10_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key); +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W8_H10_W8_new(void); +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h10_w8_h10_w8_new(void); + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h15_w8_h5_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key); +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H15_W8_H5_W8_new(void); +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h15_w8_h5_w8_new(void); + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h15_w8_h10_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key); +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H15_W8_H10_W8_new(void); +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h15_w8_h10_w8_new(void); + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h15_w8_h15_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key); +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H15_W8_H15_W8_new(void); +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h15_w8_h15_w8_new(void); + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h20_w8_h5_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key); +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H20_W8_H5_W8_new(void); +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h20_w8_h5_w8_new(void); + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h20_w8_h10_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key); +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H20_W8_H10_W8_new(void); +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h20_w8_h10_w8_new(void); + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h20_w8_h15_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key); +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H20_W8_H15_W8_new(void); +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h20_w8_h15_w8_new(void); + +OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sha256_h20_w8_h20_w8_keypair(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key); +OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H20_W8_H20_W8_new(void); +OQS_SIG_STFL *OQS_SIG_STFL_alg_lms_sha256_h20_w8_h20_w8_new(void); + // ----------------------------------- WRAPPER FUNCTIONS ------------------------------------------------ int oqs_sig_stfl_lms_keypair(uint8_t *pk, OQS_SIG_STFL_SECRET_KEY *sk, const uint32_t oid); diff --git a/src/sig_stfl/lms/sig_stfl_lms_functions.c b/src/sig_stfl/lms/sig_stfl_lms_functions.c index 1e3154b009..b05910d089 100644 --- a/src/sig_stfl/lms/sig_stfl_lms_functions.c +++ b/src/sig_stfl/lms/sig_stfl_lms_functions.c @@ -205,7 +205,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_lms_sigs_total(unsigned long long *total, const } *total = (unsigned long long)working_key->max_count; - OQS_MEM_secure_free(working_key, sizeof(struct hss_working_key)); + hss_free_working_key(working_key); return OQS_SUCCESS; } @@ -276,91 +276,182 @@ int oqs_sig_stfl_lms_keypair(uint8_t *pk, OQS_SIG_STFL_SECRET_KEY *sk, const uin /* Set lms param set */ switch (oid) { - case OQS_LMS_ID_sha256_n32_h5_w1: + case OQS_LMS_ID_sha256_h5_w1: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H5; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W1; break; - case OQS_LMS_ID_sha256_n32_h5_w2: + case OQS_LMS_ID_sha256_h5_w2: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H5; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W2; break; - case OQS_LMS_ID_sha256_n32_h5_w4: + case OQS_LMS_ID_sha256_h5_w4: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H5; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W4; break; - case OQS_LMS_ID_sha256_n32_h5_w8: + case OQS_LMS_ID_sha256_h5_w8: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H5; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W8; break; - case OQS_LMS_ID_sha256_n32_h10_w1: + case OQS_LMS_ID_sha256_h10_w1: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H10; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W1; break; - case OQS_LMS_ID_sha256_n32_h10_w2: + case OQS_LMS_ID_sha256_h10_w2: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H10; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W2; break; - case OQS_LMS_ID_sha256_n32_h10_w4: + case OQS_LMS_ID_sha256_h10_w4: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H10; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W4; break; - case OQS_LMS_ID_sha256_n32_h10_w8: + case OQS_LMS_ID_sha256_h10_w8: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H10; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W8; break; - case OQS_LMS_ID_sha256_n32_h15_w1: + case OQS_LMS_ID_sha256_h15_w1: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H15; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W1; break; - case OQS_LMS_ID_sha256_n32_h15_w2: + case OQS_LMS_ID_sha256_h15_w2: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H15; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W2; break; - case OQS_LMS_ID_sha256_n32_h15_w4: + case OQS_LMS_ID_sha256_h15_w4: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H15; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W4; break; - case OQS_LMS_ID_sha256_n32_h15_w8: + case OQS_LMS_ID_sha256_h15_w8: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H15; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W8; break; - case OQS_LMS_ID_sha256_n32_h20_w1: + case OQS_LMS_ID_sha256_h20_w1: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H20; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W1; break; - case OQS_LMS_ID_sha256_n32_h20_w2: + case OQS_LMS_ID_sha256_h20_w2: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H20; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W2; break; - case OQS_LMS_ID_sha256_n32_h20_w4: + case OQS_LMS_ID_sha256_h20_w4: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H20; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W4; break; - case OQS_LMS_ID_sha256_n32_h20_w8: + case OQS_LMS_ID_sha256_h20_w8: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H20; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W8; break; - case OQS_LMS_ID_sha256_n32_h25_w1: + case OQS_LMS_ID_sha256_h25_w1: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H25; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W1; break; - case OQS_LMS_ID_sha256_n32_h25_w2: + case OQS_LMS_ID_sha256_h25_w2: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H25; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W2; break; - case OQS_LMS_ID_sha256_n32_h25_w4: + case OQS_LMS_ID_sha256_h25_w4: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H25; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W4; break; - case OQS_LMS_ID_sha256_n32_h25_w8: + case OQS_LMS_ID_sha256_h25_w8: oqs_key_data->lm_type[0] = LMS_SHA256_N32_H25; oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W8; break; - + case OQS_LMS_ID_sha256_h5_w8_h5_w8: + oqs_key_data->levels = 2; + oqs_key_data->lm_type[0] = LMS_SHA256_N32_H5; + oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W8; + oqs_key_data->lm_type[1] = LMS_SHA256_N32_H5; + oqs_key_data->lm_ots_type[1] = LMOTS_SHA256_N32_W8; + break; + case OQS_LMS_ID_sha256_h10_w8_h5_w8: + oqs_key_data->levels = 2; + oqs_key_data->lm_type[0] = LMS_SHA256_N32_H10; + oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W8; + oqs_key_data->lm_type[1] = LMS_SHA256_N32_H5; + oqs_key_data->lm_ots_type[1] = LMOTS_SHA256_N32_W8; + break; + case OQS_LMS_ID_sha256_h10_w2_h10_w2: + oqs_key_data->levels = 2; + oqs_key_data->lm_type[0] = LMS_SHA256_N32_H10; + oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W2; + oqs_key_data->lm_type[1] = LMS_SHA256_N32_H10; + oqs_key_data->lm_ots_type[1] = LMOTS_SHA256_N32_W2; + break; + case OQS_LMS_ID_sha256_h10_w4_h5_w8: + oqs_key_data->levels = 2; + oqs_key_data->lm_type[0] = LMS_SHA256_N32_H10; + oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W4; + oqs_key_data->lm_type[1] = LMS_SHA256_N32_H5; + oqs_key_data->lm_ots_type[1] = LMOTS_SHA256_N32_W8; + break; + case OQS_LMS_ID_sha256_h10_w4_h10_w4: + oqs_key_data->levels = 2; + oqs_key_data->lm_type[0] = LMS_SHA256_N32_H10; + oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W4; + oqs_key_data->lm_type[1] = LMS_SHA256_N32_H10; + oqs_key_data->lm_ots_type[1] = LMOTS_SHA256_N32_W4; + break; + case OQS_LMS_ID_sha256_h10_w8_h10_w8: + oqs_key_data->levels = 2; + oqs_key_data->lm_type[0] = LMS_SHA256_N32_H10; + oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W8; + oqs_key_data->lm_type[1] = LMS_SHA256_N32_H10; + oqs_key_data->lm_ots_type[1] = LMOTS_SHA256_N32_W8; + break; + case OQS_LMS_ID_sha256_h15_w8_h5_w8: + oqs_key_data->levels = 2; + oqs_key_data->lm_type[0] = LMS_SHA256_N32_H15; + oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W8; + oqs_key_data->lm_type[1] = LMS_SHA256_N32_H5; + oqs_key_data->lm_ots_type[1] = LMOTS_SHA256_N32_W8; + break; + case OQS_LMS_ID_sha256_h15_w8_h10_w8: + oqs_key_data->levels = 2; + oqs_key_data->lm_type[0] = LMS_SHA256_N32_H15; + oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W8; + oqs_key_data->lm_type[1] = LMS_SHA256_N32_H10; + oqs_key_data->lm_ots_type[1] = LMOTS_SHA256_N32_W8; + break; + case OQS_LMS_ID_sha256_h15_w8_h15_w8: + oqs_key_data->levels = 2; + oqs_key_data->lm_type[0] = LMS_SHA256_N32_H15; + oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W8; + oqs_key_data->lm_type[1] = LMS_SHA256_N32_H15; + oqs_key_data->lm_ots_type[1] = LMOTS_SHA256_N32_W8; + break; + case OQS_LMS_ID_sha256_h20_w8_h5_w8: + oqs_key_data->levels = 2; + oqs_key_data->lm_type[0] = LMS_SHA256_N32_H20; + oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W8; + oqs_key_data->lm_type[1] = LMS_SHA256_N32_H5; + oqs_key_data->lm_ots_type[1] = LMOTS_SHA256_N32_W8; + break; + case OQS_LMS_ID_sha256_h20_w8_h10_w8: + oqs_key_data->levels = 2; + oqs_key_data->lm_type[0] = LMS_SHA256_N32_H20; + oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W8; + oqs_key_data->lm_type[1] = LMS_SHA256_N32_H10; + oqs_key_data->lm_ots_type[1] = LMOTS_SHA256_N32_W8; + break; + case OQS_LMS_ID_sha256_h20_w8_h15_w8: + oqs_key_data->levels = 2; + oqs_key_data->lm_type[0] = LMS_SHA256_N32_H20; + oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W8; + oqs_key_data->lm_type[1] = LMS_SHA256_N32_H15; + oqs_key_data->lm_ots_type[1] = LMOTS_SHA256_N32_W8; + break; + case OQS_LMS_ID_sha256_h20_w8_h20_w8: + oqs_key_data->levels = 2; + oqs_key_data->lm_type[0] = LMS_SHA256_N32_H20; + oqs_key_data->lm_ots_type[0] = LMOTS_SHA256_N32_W8; + oqs_key_data->lm_type[1] = LMS_SHA256_N32_H20; + oqs_key_data->lm_ots_type[1] = LMOTS_SHA256_N32_W8; + break; + default: oqs_key_data->lm_type[0] = 0; oqs_key_data->lm_ots_type[0] = 0; parse_err = 1; @@ -503,6 +594,7 @@ int oqs_sig_stfl_lms_sign(OQS_SIG_STFL_SECRET_KEY *sk, *smlen = sig_len; memcpy(sm, sig, sig_len); OQS_MEM_insecure_free(sig); + hss_free_working_key(w); return 0; } diff --git a/src/sig_stfl/sig_stfl.c b/src/sig_stfl/sig_stfl.c index 9bdee77780..dafbcd8aa5 100644 --- a/src/sig_stfl/sig_stfl.c +++ b/src/sig_stfl/sig_stfl.c @@ -44,30 +44,48 @@ OQS_API const char *OQS_SIG_STFL_alg_identifier(size_t i) { OQS_SIG_STFL_alg_xmssmt_shake128_h60_6, OQS_SIG_STFL_alg_xmssmt_shake128_h60_12, // LMS - OQS_SIG_STFL_alg_lms_sha256_n32_h5_w1, - OQS_SIG_STFL_alg_lms_sha256_n32_h5_w2, - OQS_SIG_STFL_alg_lms_sha256_n32_h5_w4, - OQS_SIG_STFL_alg_lms_sha256_n32_h5_w8, - - OQS_SIG_STFL_alg_lms_sha256_n32_h10_w1, - OQS_SIG_STFL_alg_lms_sha256_n32_h10_w2, - OQS_SIG_STFL_alg_lms_sha256_n32_h10_w4, - OQS_SIG_STFL_alg_lms_sha256_n32_h10_w8, - - OQS_SIG_STFL_alg_lms_sha256_n32_h15_w1, - OQS_SIG_STFL_alg_lms_sha256_n32_h15_w2, - OQS_SIG_STFL_alg_lms_sha256_n32_h15_w4, - OQS_SIG_STFL_alg_lms_sha256_n32_h15_w8, - - OQS_SIG_STFL_alg_lms_sha256_n32_h20_w1, - OQS_SIG_STFL_alg_lms_sha256_n32_h20_w2, - OQS_SIG_STFL_alg_lms_sha256_n32_h20_w4, - OQS_SIG_STFL_alg_lms_sha256_n32_h20_w8, - - OQS_SIG_STFL_alg_lms_sha256_n32_h25_w1, - OQS_SIG_STFL_alg_lms_sha256_n32_h25_w2, - OQS_SIG_STFL_alg_lms_sha256_n32_h25_w4, - OQS_SIG_STFL_alg_lms_sha256_n32_h25_w8, + OQS_SIG_STFL_alg_lms_sha256_h5_w1, + OQS_SIG_STFL_alg_lms_sha256_h5_w2, + OQS_SIG_STFL_alg_lms_sha256_h5_w4, + OQS_SIG_STFL_alg_lms_sha256_h5_w8, + + OQS_SIG_STFL_alg_lms_sha256_h10_w1, + OQS_SIG_STFL_alg_lms_sha256_h10_w2, + OQS_SIG_STFL_alg_lms_sha256_h10_w4, + OQS_SIG_STFL_alg_lms_sha256_h10_w8, + + OQS_SIG_STFL_alg_lms_sha256_h15_w1, + OQS_SIG_STFL_alg_lms_sha256_h15_w2, + OQS_SIG_STFL_alg_lms_sha256_h15_w4, + OQS_SIG_STFL_alg_lms_sha256_h15_w8, + + OQS_SIG_STFL_alg_lms_sha256_h20_w1, + OQS_SIG_STFL_alg_lms_sha256_h20_w2, + OQS_SIG_STFL_alg_lms_sha256_h20_w4, + OQS_SIG_STFL_alg_lms_sha256_h20_w8, + + OQS_SIG_STFL_alg_lms_sha256_h25_w1, + OQS_SIG_STFL_alg_lms_sha256_h25_w2, + OQS_SIG_STFL_alg_lms_sha256_h25_w4, + OQS_SIG_STFL_alg_lms_sha256_h25_w8, + + //2-Level LMS + OQS_SIG_STFL_alg_lms_sha256_h5_w8_h5_w8, + OQS_SIG_STFL_alg_lms_sha256_h10_w4_h5_w8, + + OQS_SIG_STFL_alg_lms_sha256_h10_w8_h5_w8, + OQS_SIG_STFL_alg_lms_sha256_h10_w2_h10_w2, + OQS_SIG_STFL_alg_lms_sha256_h10_w4_h10_w4, + OQS_SIG_STFL_alg_lms_sha256_h10_w8_h10_w8, + + OQS_SIG_STFL_alg_lms_sha256_h15_w8_h5_w8, + OQS_SIG_STFL_alg_lms_sha256_h15_w8_h10_w8, + OQS_SIG_STFL_alg_lms_sha256_h15_w8_h15_w8, + + OQS_SIG_STFL_alg_lms_sha256_h20_w8_h5_w8, + OQS_SIG_STFL_alg_lms_sha256_h20_w8_h10_w8, + OQS_SIG_STFL_alg_lms_sha256_h20_w8_h15_w8, + OQS_SIG_STFL_alg_lms_sha256_h20_w8_h20_w8, }; if (i >= OQS_SIG_STFL_algs_length) { @@ -256,51 +274,79 @@ OQS_API int OQS_SIG_STFL_alg_is_enabled(const char *method_name) { #endif } #ifdef OQS_ENABLE_SIG_STFL_LMS - else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h5_w1)) { + else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h5_w1)) { return 1; - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h5_w2)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h5_w2)) { return 1; - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h5_w4)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h5_w4)) { return 1; - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h5_w8)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h5_w8)) { return 1; - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h10_w1)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w1)) { return 1; - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h10_w2)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w2)) { return 1; - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h10_w4)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w4)) { return 1; - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h10_w8)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w8)) { return 1; } - else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h15_w1)) { + else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w1)) { return 1; - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h15_w2)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w2)) { return 1; - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h15_w4)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w4)) { return 1; - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h15_w8)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w8)) { return 1; } - else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h20_w1)) { + else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w1)) { return 1; - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h20_w2)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w2)) { return 1; - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h20_w4)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w4)) { return 1; - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h20_w8)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w8)) { return 1; } - else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h25_w1)) { + else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h25_w1)) { return 1; - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h25_w2)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h25_w2)) { return 1; - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h25_w4)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h25_w4)) { return 1; - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h25_w8)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h25_w8)) { + return 1; + } + //2-Level LMS + else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h5_w8_h5_w8)) { + return 1; + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w4_h5_w8)) { + return 1; + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w8_h5_w8)) { + return 1; + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w2_h10_w2)) { + return 1; + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w4_h10_w4)) { + return 1; + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w8_h10_w8)) { + return 1; + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w8_h5_w8)) { + return 1; + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w8_h10_w8)) { + return 1; + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w8_h15_w8)) { + return 1; + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w8_h5_w8)) { + return 1; + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w8_h10_w8)) { + return 1; + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w8_h15_w8)) { + return 1; + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w8_h20_w8)) { return 1; } #endif //OQS_ENABLE_SIG_STFL_LMS @@ -484,47 +530,75 @@ OQS_API OQS_SIG_STFL *OQS_SIG_STFL_new(const char *method_name) { #endif } #ifdef OQS_ENABLE_SIG_STFL_LMS - else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h5_w1)) { + else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h5_w1)) { return OQS_SIG_STFL_alg_lms_sha256_h5_w1_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h5_w2)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h5_w2)) { return OQS_SIG_STFL_alg_lms_sha256_h5_w2_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h5_w4)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h5_w4)) { return OQS_SIG_STFL_alg_lms_sha256_h5_w4_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h5_w8)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h5_w8)) { return OQS_SIG_STFL_alg_lms_sha256_h5_w8_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h10_w1)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w1)) { return OQS_SIG_STFL_alg_lms_sha256_h10_w1_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h10_w2)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w2)) { return OQS_SIG_STFL_alg_lms_sha256_h10_w2_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h10_w4)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w4)) { return OQS_SIG_STFL_alg_lms_sha256_h10_w4_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h10_w8)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w8)) { return OQS_SIG_STFL_alg_lms_sha256_h10_w8_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h15_w1)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w1)) { return OQS_SIG_STFL_alg_lms_sha256_h15_w1_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h15_w2)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w2)) { return OQS_SIG_STFL_alg_lms_sha256_h15_w2_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h15_w4)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w4)) { return OQS_SIG_STFL_alg_lms_sha256_h15_w4_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h15_w8)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w8)) { return OQS_SIG_STFL_alg_lms_sha256_h15_w8_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h20_w1)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w1)) { return OQS_SIG_STFL_alg_lms_sha256_h20_w1_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h20_w2)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w2)) { return OQS_SIG_STFL_alg_lms_sha256_h20_w2_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h20_w4)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w4)) { return OQS_SIG_STFL_alg_lms_sha256_h20_w4_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h20_w8)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w8)) { return OQS_SIG_STFL_alg_lms_sha256_h20_w8_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h25_w1)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h25_w1)) { return OQS_SIG_STFL_alg_lms_sha256_h25_w1_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h25_w2)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h25_w2)) { return OQS_SIG_STFL_alg_lms_sha256_h25_w2_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h25_w4)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h25_w4)) { return OQS_SIG_STFL_alg_lms_sha256_h25_w4_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h25_w8)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h25_w8)) { return OQS_SIG_STFL_alg_lms_sha256_h25_w8_new(); } +//2-Level LMS + else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h5_w8_h5_w8)) { + return OQS_SIG_STFL_alg_lms_sha256_h5_w8_h5_w8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w4_h5_w8)) { + return OQS_SIG_STFL_alg_lms_sha256_h10_w4_h5_w8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w8_h5_w8)) { + return OQS_SIG_STFL_alg_lms_sha256_h10_w8_h5_w8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w2_h10_w2)) { + return OQS_SIG_STFL_alg_lms_sha256_h10_w2_h10_w2_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w4_h10_w4)) { + return OQS_SIG_STFL_alg_lms_sha256_h10_w4_h10_w4_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w8_h10_w8)) { + return OQS_SIG_STFL_alg_lms_sha256_h10_w8_h10_w8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w8_h5_w8)) { + return OQS_SIG_STFL_alg_lms_sha256_h15_w8_h5_w8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w8_h10_w8)) { + return OQS_SIG_STFL_alg_lms_sha256_h15_w8_h10_w8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w8_h15_w8)) { + return OQS_SIG_STFL_alg_lms_sha256_h15_w8_h15_w8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w8_h5_w8)) { + return OQS_SIG_STFL_alg_lms_sha256_h20_w8_h5_w8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w8_h10_w8)) { + return OQS_SIG_STFL_alg_lms_sha256_h20_w8_h10_w8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w8_h15_w8)) { + return OQS_SIG_STFL_alg_lms_sha256_h20_w8_h15_w8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w8_h20_w8)) { + return OQS_SIG_STFL_alg_lms_sha256_h20_w8_h20_w8_new(); + } #endif //OQS_ENABLE_SIG_STFL_LMS else { return NULL; @@ -754,47 +828,75 @@ OQS_API OQS_SIG_STFL_SECRET_KEY *OQS_SIG_STFL_SECRET_KEY_new(const char *method_ #endif } #ifdef OQS_ENABLE_SIG_STFL_LMS - else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h5_w1)) { + else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h5_w1)) { return OQS_SECRET_KEY_LMS_SHA256_H5_W1_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h5_w2)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h5_w2)) { return OQS_SECRET_KEY_LMS_SHA256_H5_W2_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h5_w4)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h5_w4)) { return OQS_SECRET_KEY_LMS_SHA256_H5_W4_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h5_w8)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h5_w8)) { return OQS_SECRET_KEY_LMS_SHA256_H5_W8_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h10_w1)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w1)) { return OQS_SECRET_KEY_LMS_SHA256_H10_W1_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h10_w2)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w2)) { return OQS_SECRET_KEY_LMS_SHA256_H10_W2_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h10_w4)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w4)) { return OQS_SECRET_KEY_LMS_SHA256_H10_W4_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h10_w8)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w8)) { return OQS_SECRET_KEY_LMS_SHA256_H10_W8_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h15_w1)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w1)) { return OQS_SECRET_KEY_LMS_SHA256_H15_W1_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h15_w2)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w2)) { return OQS_SECRET_KEY_LMS_SHA256_H15_W2_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h15_w4)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w4)) { return OQS_SECRET_KEY_LMS_SHA256_H15_W4_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h15_w8)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w8)) { return OQS_SECRET_KEY_LMS_SHA256_H15_W8_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h20_w1)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w1)) { return OQS_SECRET_KEY_LMS_SHA256_H20_W1_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h20_w2)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w2)) { return OQS_SECRET_KEY_LMS_SHA256_H20_W2_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h20_w4)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w4)) { return OQS_SECRET_KEY_LMS_SHA256_H20_W4_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h20_w8)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w8)) { return OQS_SECRET_KEY_LMS_SHA256_H20_W8_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h25_w1)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h25_w1)) { return OQS_SECRET_KEY_LMS_SHA256_H25_W1_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h25_w2)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h25_w2)) { return OQS_SECRET_KEY_LMS_SHA256_H25_W2_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h25_w4)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h25_w4)) { return OQS_SECRET_KEY_LMS_SHA256_H25_W4_new(); - } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_n32_h25_w8)) { + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h25_w8)) { return OQS_SECRET_KEY_LMS_SHA256_H25_W8_new(); } +//2-Level LMS + else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h5_w8_h5_w8)) { + return OQS_SECRET_KEY_LMS_SHA256_H5_W8_H5_W8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w8_h5_w8)) { + return OQS_SECRET_KEY_LMS_SHA256_H10_W8_H5_W8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w2_h10_w2)) { + return OQS_SECRET_KEY_LMS_SHA256_H10_W2_H10_W2_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w4_h10_w4)) { + return OQS_SECRET_KEY_LMS_SHA256_H10_W4_H10_W4_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w4_h5_w8)) { + return OQS_SECRET_KEY_LMS_SHA256_H10_W4_H5_W8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h10_w8_h10_w8)) { + return OQS_SECRET_KEY_LMS_SHA256_H10_W8_H10_W8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w8_h5_w8)) { + return OQS_SECRET_KEY_LMS_SHA256_H15_W8_H5_W8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w8_h10_w8)) { + return OQS_SECRET_KEY_LMS_SHA256_H15_W8_H10_W8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h15_w8_h15_w8)) { + return OQS_SECRET_KEY_LMS_SHA256_H15_W8_H15_W8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w8_h5_w8)) { + return OQS_SECRET_KEY_LMS_SHA256_H20_W8_H5_W8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w8_h10_w8)) { + return OQS_SECRET_KEY_LMS_SHA256_H20_W8_H10_W8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w8_h15_w8)) { + return OQS_SECRET_KEY_LMS_SHA256_H20_W8_H15_W8_new(); + } else if (0 == strcasecmp(method_name, OQS_SIG_STFL_alg_lms_sha256_h20_w8_h20_w8)) { + return OQS_SECRET_KEY_LMS_SHA256_H20_W8_H20_W8_new(); + } #endif //OQS_ENABLE_SIG_STFL_LMS else { return NULL; diff --git a/src/sig_stfl/sig_stfl.h b/src/sig_stfl/sig_stfl.h index ad55b11d1a..aa83e4c486 100644 --- a/src/sig_stfl/sig_stfl.h +++ b/src/sig_stfl/sig_stfl.h @@ -73,36 +73,55 @@ extern "C" { #define OQS_SIG_STFL_alg_xmssmt_shake128_h60_12 "XMSSMT-SHAKE_60/12_256" /* Defined LMS parameter identifiers */ -#define OQS_SIG_STFL_alg_lms_sha256_n32_h5_w1 "LMS_SHA256_H5_W1" //"5/1" -#define OQS_SIG_STFL_alg_lms_sha256_n32_h5_w2 "LMS_SHA256_H5_W2" //"5/2" -#define OQS_SIG_STFL_alg_lms_sha256_n32_h5_w4 "LMS_SHA256_H5_W4" //"5/4" -#define OQS_SIG_STFL_alg_lms_sha256_n32_h5_w8 "LMS_SHA256_H5_W8" //"5/8" +#define OQS_SIG_STFL_alg_lms_sha256_h5_w1 "LMS_SHA256_H5_W1" //"5/1" +#define OQS_SIG_STFL_alg_lms_sha256_h5_w2 "LMS_SHA256_H5_W2" //"5/2" +#define OQS_SIG_STFL_alg_lms_sha256_h5_w4 "LMS_SHA256_H5_W4" //"5/4" +#define OQS_SIG_STFL_alg_lms_sha256_h5_w8 "LMS_SHA256_H5_W8" //"5/8" + +#define OQS_SIG_STFL_alg_lms_sha256_h10_w1 "LMS_SHA256_H10_W1" //"10/1" +#define OQS_SIG_STFL_alg_lms_sha256_h10_w2 "LMS_SHA256_H10_W2" //"10/2" +#define OQS_SIG_STFL_alg_lms_sha256_h10_w4 "LMS_SHA256_H10_W4" //"10/4" +#define OQS_SIG_STFL_alg_lms_sha256_h10_w8 "LMS_SHA256_H10_W8" //"10/8" + +#define OQS_SIG_STFL_alg_lms_sha256_h15_w1 "LMS_SHA256_H15_W1" //"15/1" +#define OQS_SIG_STFL_alg_lms_sha256_h15_w2 "LMS_SHA256_H15_W2" //"15/2" +#define OQS_SIG_STFL_alg_lms_sha256_h15_w4 "LMS_SHA256_H15_W4" //"15/4" +#define OQS_SIG_STFL_alg_lms_sha256_h15_w8 "LMS_SHA256_H15_W8" //"15/8" + +#define OQS_SIG_STFL_alg_lms_sha256_h20_w1 "LMS_SHA256_H20_W1" //"20/1" +#define OQS_SIG_STFL_alg_lms_sha256_h20_w2 "LMS_SHA256_H20_W2" //"20/2" +#define OQS_SIG_STFL_alg_lms_sha256_h20_w4 "LMS_SHA256_H20_W4" //"20/4" +#define OQS_SIG_STFL_alg_lms_sha256_h20_w8 "LMS_SHA256_H20_W8" //"20/8" + +#define OQS_SIG_STFL_alg_lms_sha256_h25_w1 "LMS_SHA256_H25_W1" //"25/1" +#define OQS_SIG_STFL_alg_lms_sha256_h25_w2 "LMS_SHA256_H25_W2" //"25/2" +#define OQS_SIG_STFL_alg_lms_sha256_h25_w4 "LMS_SHA256_H25_W4" //"25/4" +#define OQS_SIG_STFL_alg_lms_sha256_h25_w8 "LMS_SHA256_H25_W8" //"25/8" + +//2-Level LMS +#define OQS_SIG_STFL_alg_lms_sha256_h5_w8_h5_w8 "LMS_SHA256_H5_W8_H5_W8" //"5/8, 5/8" + +//RFC 6554 +#define OQS_SIG_STFL_alg_lms_sha256_h10_w4_h5_w8 "LMS_SHA256_H10_W4_H5_W8" //"10/4, 5/8" + +#define OQS_SIG_STFL_alg_lms_sha256_h10_w8_h5_w8 "LMS_SHA256_H10_W8_H5_W8" //"10/8, 5/8" +#define OQS_SIG_STFL_alg_lms_sha256_h10_w2_h10_w2 "LMS_SHA256_H10_W2_H10_W2" //"10/2, 10/2" +#define OQS_SIG_STFL_alg_lms_sha256_h10_w4_h10_w4 "LMS_SHA256_H10_W4_H10_W4" //"10/4, 10/4" +#define OQS_SIG_STFL_alg_lms_sha256_h10_w8_h10_w8 "LMS_SHA256_H10_W8_H10_W8" //"10/8, 10/8" + +#define OQS_SIG_STFL_alg_lms_sha256_h15_w8_h5_w8 "LMS_SHA256_H15_W8_H5_W8" //"15/8, 5/8" +#define OQS_SIG_STFL_alg_lms_sha256_h15_w8_h10_w8 "LMS_SHA256_H15_W8_H10_W8" //"15/8, 10/8" +#define OQS_SIG_STFL_alg_lms_sha256_h15_w8_h15_w8 "LMS_SHA256_H15_W8_H15_W8" //"15/8, 15/8" + +#define OQS_SIG_STFL_alg_lms_sha256_h20_w8_h5_w8 "LMS_SHA256_H20_W8_H5_W8" //"20/8, 5/8" +#define OQS_SIG_STFL_alg_lms_sha256_h20_w8_h10_w8 "LMS_SHA256_H20_W8_H10_W8" //"20/8, 10/8" +#define OQS_SIG_STFL_alg_lms_sha256_h20_w8_h15_w8 "LMS_SHA256_H20_W8_H15_W8" //"20/8, 15/8" +#define OQS_SIG_STFL_alg_lms_sha256_h20_w8_h20_w8 "LMS_SHA256_H20_W8_H20_W8" //"20/8, 20/8" -#define OQS_SIG_STFL_alg_lms_sha256_n32_h10_w1 "LMS_SHA256_H10_W1" //"10/1" -#define OQS_SIG_STFL_alg_lms_sha256_n32_h10_w2 "LMS_SHA256_H10_W2" //"10/2" -#define OQS_SIG_STFL_alg_lms_sha256_n32_h10_w4 "LMS_SHA256_H10_W4" //"10/4" -#define OQS_SIG_STFL_alg_lms_sha256_n32_h10_w8 "LMS_SHA256_H10_W8" //"10/8" - -#define OQS_SIG_STFL_alg_lms_sha256_n32_h15_w1 "LMS_SHA256_H15_W1" //"15/1" -#define OQS_SIG_STFL_alg_lms_sha256_n32_h15_w2 "LMS_SHA256_H15_W2" //"15/2" -#define OQS_SIG_STFL_alg_lms_sha256_n32_h15_w4 "LMS_SHA256_H15_W4" //"15/4" -#define OQS_SIG_STFL_alg_lms_sha256_n32_h15_w8 "LMS_SHA256_H15_W8" //"15/8" - -#define OQS_SIG_STFL_alg_lms_sha256_n32_h20_w1 "LMS_SHA256_H20_W1" //"20/1" -#define OQS_SIG_STFL_alg_lms_sha256_n32_h20_w2 "LMS_SHA256_H20_W2" //"20/2" -#define OQS_SIG_STFL_alg_lms_sha256_n32_h20_w4 "LMS_SHA256_H20_W4" //"20/4" -#define OQS_SIG_STFL_alg_lms_sha256_n32_h20_w8 "LMS_SHA256_H20_W8" //"20/8" - -#define OQS_SIG_STFL_alg_lms_sha256_n32_h25_w1 "LMS_SHA256_H25_W1" //"25/1" -#define OQS_SIG_STFL_alg_lms_sha256_n32_h25_w2 "LMS_SHA256_H25_W2" //"25/2" -#define OQS_SIG_STFL_alg_lms_sha256_n32_h25_w4 "LMS_SHA256_H25_W4" //"25/4" -#define OQS_SIG_STFL_alg_lms_sha256_n32_h25_w8 "LMS_SHA256_H25_W8" //"25/8" - -#define OQS_SIG_STFL_algs_length 48 - -/* Defined LM parameter identifiers */ -/* Algorithm identifier for LMS-SHA256_N32_H5 */ -#define OQS_SIG_STFL_alg_lms_sha256_n32_h5 "LMS-SHA256_N32_H5" //0x00000005 +/* + * Total number of stateful variants defined above, used to create the tracking array + */ +#define OQS_SIG_STFL_algs_length 61 typedef struct OQS_SIG_STFL_SECRET_KEY OQS_SIG_STFL_SECRET_KEY; @@ -110,7 +129,7 @@ typedef struct OQS_SIG_STFL_SECRET_KEY OQS_SIG_STFL_SECRET_KEY; * Application provided function to securely store data * @param[in] sk_buf pointer to the data to be saved * @param[in] buf_len length of the data to be stored - * @param[out] context pointer to application relevant data. + * @param[out] context pass back application data related to secret key data storage. * return OQS_SUCCESS if successful, otherwise OQS_ERROR */ typedef OQS_STATUS (*secure_store_sk)(uint8_t *sk_buf, size_t buf_len, void *context); @@ -200,7 +219,7 @@ typedef struct OQS_SIG_STFL { * compile-time macros `OQS_SIG_STFL_*_length_*`. * * @param[out] public_key The public key is represented as a byte string. - * @param[out] secret_key The secret key is represented as a byte string + * @param[out] secret_key The secret key object * @return OQS_SUCCESS or OQS_ERROR */ OQS_STATUS (*keypair)(uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key); @@ -216,7 +235,7 @@ typedef struct OQS_SIG_STFL { * @param[out] signature_len The length of the signature. * @param[in] message The message to sign is represented as a byte string. * @param[in] message_len The length of the message to sign. - * @param[in] secret_key The secret key is represented as a byte string. + * @param[in] secret_key The secret key object pointer. * @return OQS_SUCCESS or OQS_ERROR */ OQS_STATUS (*sign)(uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, OQS_SIG_STFL_SECRET_KEY *secret_key); @@ -237,7 +256,7 @@ typedef struct OQS_SIG_STFL { * Query number of remaining signatures * * @param[out] remain The number of remaining signatures - * @param[in] secret_key The secret key is represented as a byte string. + * @param[in] secret_key The secret key object pointer. * @return OQS_SUCCESS or OQS_ERROR */ OQS_STATUS (*sigs_remaining)(unsigned long long *remain, const OQS_SIG_STFL_SECRET_KEY *secret_key); @@ -246,7 +265,7 @@ typedef struct OQS_SIG_STFL { * Total number of signatures * * @param[out] total The total number of signatures - * @param[in] secret_key The secret key is represented as a byte string. + * @param[in] secret_key The secret key key object pointer. * @return OQS_SUCCESS or OQS_ERROR */ OQS_STATUS (*sigs_total)(unsigned long long *total, const OQS_SIG_STFL_SECRET_KEY *secret_key); @@ -271,7 +290,7 @@ typedef struct OQS_SIG_STFL_SECRET_KEY { /* mutual exclusion struct */ void *mutex; - /* file storage handle */ + /* Application managed data related to secure storage of secret key data */ void *context; /** @@ -292,6 +311,8 @@ typedef struct OQS_SIG_STFL_SECRET_KEY { * @param[in] key_len length of the returned byte string * @param[in] sk_buf The secret key data to populate the key object * @param[in] context application-specific data + * used to keep track of this secret key stored in a secure manner. + * The application manages this memory. * @returns status of the operation populated with key material none zero length. * Caller is responsible to **unallocate** the buffer `sk_buf`. */ @@ -315,10 +336,12 @@ typedef struct OQS_SIG_STFL_SECRET_KEY { /** * Store Secret Key Function - * Callback function used to securely store key data + * Callback function used to securely store key data after a signature generation. + * When populated, this pointer points to the application supplied secure storage function. * @param[in] sk_buf The serialized secret key data to secure store * @param[in] buf_len length of data to secure - * @param[in] context aids the secure writing of data + * @param[in] context application supplied data used to locate where this secret key + * is stored (passed in at the time the function pointer was set). * * @return OQS_SUCCESS or OQS_ERROR * Ideally written to secure device @@ -333,12 +356,22 @@ typedef struct OQS_SIG_STFL_SECRET_KEY { */ void (*free_key)(OQS_SIG_STFL_SECRET_KEY *sk); + /* + * Secure storage for private keys used in stateful signature schemes is outside the scope of the OQS library. + * This is the responsibility of any adopting application. The application must supply + * a function to for this purpose. A callback function and context data must be set in-order + * to perform stateful signature generation. + * The context var may contain, for example an HSM context, a filename or other such data that + * is used to store the private key. This var is passed into the OQS lib when the application sets + * the callback function use to save/update the private key. + */ /** * Set Secret Key store callback Function * * @param[in] sk secret key pointer to be updated * @param[in] store_cb callback pointer - * @param[in] context secret key specific data/identifier + * @param[in] context application data related to secret key data/identifier storage. + * Provided when OQS_SIG_STFL_SECRET_KEY_SET_store_cb() is called. */ void (*set_scrt_key_store_cb)(OQS_SIG_STFL_SECRET_KEY *sk, secure_store_sk store_cb, void *context); } OQS_SIG_STFL_SECRET_KEY; @@ -364,7 +397,7 @@ OQS_API OQS_SIG_STFL *OQS_SIG_STFL_new(const char *method_name); * * @param[in] sig The OQS_SIG_STFL object representing the signature scheme. * @param[out] public_key The public key is represented as a byte string. - * @param[out] secret_key The secret key is represented as a byte string. + * @param[out] secret_key The secret key object pointer. * @return OQS_SUCCESS or OQS_ERROR */ OQS_API OQS_STATUS OQS_SIG_STFL_keypair(const OQS_SIG_STFL *sig, uint8_t *public_key, OQS_SIG_STFL_SECRET_KEY *secret_key); @@ -381,7 +414,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_keypair(const OQS_SIG_STFL *sig, uint8_t *public * @param[out] signature_len The length of the signature. * @param[in] message The message to sign is represented as a byte string. * @param[in] message_len The length of the message to sign. - * @param[in] secret_key The secret key is represented as a byte string. + * @param[in] secret_key The secret key object pointer. * @return OQS_SUCCESS or OQS_ERROR */ OQS_API OQS_STATUS OQS_SIG_STFL_sign(const OQS_SIG_STFL *sig, uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, OQS_SIG_STFL_SECRET_KEY *secret_key); @@ -403,7 +436,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_verify(const OQS_SIG_STFL *sig, const uint8_t *m * Query number of remaining signatures * * @param[in] sig The OQS_SIG_STFL object representing the signature scheme. - * @param[in] secret_key The secret key is represented as a byte string. + * @param[in] secret_key The secret key object. * @return OQS_SUCCESS or OQS_ERROR */ OQS_API OQS_STATUS OQS_SIG_STFL_sigs_remaining(const OQS_SIG_STFL *sig, unsigned long long *remain, const OQS_SIG_STFL_SECRET_KEY *secret_key); @@ -413,7 +446,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_sigs_remaining(const OQS_SIG_STFL *sig, unsigned * * @param[in] sig The OQS_SIG_STFL object representing the signature scheme. * @param[out] max The number of remaining signatures - * @param[in] secret_key The secret key is represented as a byte string. + * @param[in] secret_key The secret key object. * @return OQS_SUCCESS or OQS_ERROR */ OQS_API OQS_STATUS OQS_SIG_STFL_sigs_total(const OQS_SIG_STFL *sig, unsigned long long *max, const OQS_SIG_STFL_SECRET_KEY *secret_key); @@ -506,15 +539,36 @@ OQS_STATUS OQS_SIG_STFL_SECRET_KEY_unlock(OQS_SIG_STFL_SECRET_KEY *sk); * * @param[in] sk secret key pointer to be updated * @param[in] store_cb callback pointer - * @param[in] context secret key specific data/identifier + * @param[in] context application data related to where/how secret key data storage. + * Applications allocates, tracks, deallocates this. Signature generation fails without this set. * */ void OQS_SIG_STFL_SECRET_KEY_SET_store_cb(OQS_SIG_STFL_SECRET_KEY *sk, secure_store_sk store_cb, void *context); -/* Serialize stateful secret key data into a byte string, and return an allocated buffer. Users are responsible for deallocating the buffer `sk_buf`. */ +/** + * OQS_SECRET_KEY_STFL_serialize_key . + * + * Serialize stateful secret key data into a byte string, and + * return an allocated buffer. Users are responsible for deallocating + * the buffer `sk_buf_ptr`. + * + * @param[out] sk_buf_ptr secret key buffer returned. Caller deletes. + * @param[out] sk_len size of the buffer returned + * @param[in] sk secret key pointer to be serialize + */ OQS_API OQS_STATUS OQS_SECRET_KEY_STFL_serialize_key(uint8_t **sk_buf_ptr, size_t *sk_len, const OQS_SIG_STFL_SECRET_KEY *sk); -/* Insert stateful byte string into a secret key object. Users are responsible for deallocating buffer `sk_buf`. */ +/** + * OQS_SECRET_KEY_STFL_deserialize_key . + * + * Insert stateful byte string into a secret key object. + * Users are responsible for deallocating buffer `sk_buf`. + * + * @param[in] sk secret key pointer to be populated + * @param[in] sk_len size of the supplied buffer + * @param[in] sk_buf secret key buffer. Caller deletes. + * @param[in] context application managed data related to where/how secret key data is stored. + */ OQS_API OQS_STATUS OQS_SECRET_KEY_STFL_deserialize_key(OQS_SIG_STFL_SECRET_KEY *sk, size_t key_len, const uint8_t *sk_buf, void *context); #if defined(__cplusplus) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 22c26a053a..c59657f646 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -88,6 +88,10 @@ set(KEM_TESTS example_kem kat_kem test_kem test_kem_mem speed_kem vectors_kem) add_executable(example_sig example_sig.c) target_link_libraries(example_sig PRIVATE ${TEST_DEPS}) +# Stateful SIG API tests +add_executable(example_sig_stfl example_sig_stfl.c) +target_link_libraries(example_sig_stfl PRIVATE ${TEST_DEPS}) + add_executable(kat_sig kat_sig.c test_helpers.c) target_link_libraries(kat_sig PRIVATE ${TEST_DEPS}) if(CMAKE_SYSTEM_NAME STREQUAL "Windows" AND BUILD_SHARED_LIBS) diff --git a/tests/KATs/sig_stfl/kats.json b/tests/KATs/sig_stfl/kats.json index 7ed8350ad1..592008ce84 100644 --- a/tests/KATs/sig_stfl/kats.json +++ b/tests/KATs/sig_stfl/kats.json @@ -26,5 +26,7 @@ "XMSSMT-SHAKE_40/8_256" : "cf301b7d978d5c0afcdf3300ba97d829e2e5f737cb449968b19b45f05b987591", "XMSSMT-SHAKE_60/3_256" : "09d26df5e911e98e71ef73a1ab6f224964d4a7beacd8071b4c7f7d1930a537bd", "XMSSMT-SHAKE_60/6_256" : "0692a32e318d5c3ac8631120910b783edfed4cb7ed69e3ffa29f83aaa34e27d5", - "XMSSMT-SHAKE_60/12_256" : "1a05ff4a4fea850a5fe5c9e976006577335eab0494e1759fe217c2f33f5a84e6" + "XMSSMT-SHAKE_60/12_256" : "1a05ff4a4fea850a5fe5c9e976006577335eab0494e1759fe217c2f33f5a84e6", + "LMS_SHA256_H5_W8_H5_W8": "fa6f9a0948626c1e078ad442ea2fccdf456b529413eba441c175cbb681f9bc32", + "LMS_SHA256_H10_W4_H5_W8": "2485c56164bbfa4bdc8604195bf397bfe8f54e2ebe925423e4e70fce173c0fff" } \ No newline at end of file diff --git a/tests/KATs/sig_stfl/lms/LMS_SHA256_H10_W4_H5_W8.rsp b/tests/KATs/sig_stfl/lms/LMS_SHA256_H10_W4_H5_W8.rsp new file mode 100644 index 0000000000..d5b66c3f7d --- /dev/null +++ b/tests/KATs/sig_stfl/lms/LMS_SHA256_H10_W4_H5_W8.rsp @@ -0,0 +1,8 @@ +# LMS_SHA256_H10_W4_H5_W8 + +msg = 54686520656e756d65726174696f6e20696e2074686520436f6e737469747574696f6e2c206f66206365727461696e207269676874732c207368616c6c206e6f7420626520636f6e73747275656420746f2064656e79206f7220646973706172616765206f74686572732072657461696e6564206279207468652070656f706c652e0a + +sm = 0000000100000003000000033d46bee8660f8f215d3f96408a7a64cf1c4da02b63a55f62c666ef5707a914ce0674e8cb7a55f0c48d484f31f3aa4af9719a74f22cf823b94431d01c926e2a76bb71226d279700ec81c9e95fb11a0d10d065279a5796e265ae17737c44eb8c594508e126a9a7870bf4360820bdeb9a01d9693779e416828e75bddd7d8c70d50a0ac8ba39810909d445f44cb5bb58de737e60cb4345302786ef2c6b14af212ca19edeaa3bfcfe8baa6621ce88480df2371dd37add732c9de4ea2ce0dffa53c92649a18d39a50788f4652987f226a1d48168205df6ae7c58e049a25d4907edc1aa90da8aa5e5f7671773e941d8055360215c6b60dd35463cf2240a9c06d694e9cb54e7b1e1bf494d0d1a28c0d31acc75161f4f485dfd3cb9578e836ec2dc722f37ed30872e07f2b8bd0374eb57d22c614e09150f6c0d8774a39a6e168211035dc52988ab46eaca9ec597fb18b4936e66ef2f0df26e8d1e34da28cbb3af752313720c7b345434f72d65314328bbb030d0f0f6d5e47b28ea91008fb11b05017705a8be3b2adb83c60a54f9d1d1b2f476f9e393eb5695203d2ba6ad815e6a111ea293dcc21033f9453d49c8e5a6387f588b1ea4f706217c151e05f55a6eb7997be09d56a326a32f9cba1fbe1c07bb49fa04cecf9df1a1b815483c75d7a27cc88ad1b1238e5ea986b53e087045723ce16187eda22e33b2c70709e53251025abde8939645fc8c0693e97763928f00b2e3c75af3942d8ddaee81b59a6f1f67efda0ef81d11873b59137f67800b35e81b01563d187c4a1575a1acb92d087b517a8833383f05d357ef4678de0c57ff9f1b2da61dfde5d88318bcdde4d9061cc75c2de3cd4740dd7739ca3ef66f1930026f47d9ebaa713b07176f76f953e1c2e7f8f271a6ca375dbfb83d719b1635a7d8a13891957944b1c29bb101913e166e11bd5f34186fa6c0a555c9026b256a6860f4866bd6d0b5bf90627086c6149133f8282ce6c9b3622442443d5eca959d6c14ca8389d12c4068b503e4e3c39b635bea245d9d05a2558f249c9661c0427d2e489ca5b5dde220a90333f4862aec793223c781997da98266c12c50ea28b2c438e7a379eb106eca0c7fd6006e9bf612f3ea0a454ba3bdb76e8027992e60de01e9094fddeb3349883914fb17a9621ab929d970d101e45f8278c14b032bcab02bd15692d21b6c5c204abbf077d465553bd6eda645e6c3065d33b10d518a61e15ed0f092c32226281a29c8a0f50cde0a8c66236e29c2f310a375cebda1dc6bb9a1a01dae6c7aba8ebedc6371a7d52aacb955f83bd6e4f84d2949dcc198fb77c7e5cdf6040b0f84faf82808bf985577f0a2acf2ec7ed7c0b0ae8a270e951743ff23e0b2dd12e9c3c828fb5598a22461af94d568f29240ba2820c4591f71c088f96e095dd98beae456579ebbba36f6d9ca2613d1c26eee4d8c73217ac5962b5f3147b492e8831597fd89b64aa7fde82e1974d2f6779504dc21435eb3109350756b9fdabe1c6f368081bd40b27ebcb9819a75d7df8bb07bb05db1bab705a4b7e37125186339464ad8faaa4f052cc1272919fde3e025bb64aa8e0eb1fcbfcc25acb5f718ce4f7c2182fb393a1814b0e942490e52d3bca817b2b26e90d4c9b0cc38608a6cef5eb153af0858acc867c9922aed43bb67d7b33acc519313d28d41a5c6fe6cf3595dd5ee63f0a4c4065a083590b275788bee7ad875a7f88dd73720708c6c6c0ecf1f43bbaadae6f208557fdc07bd4ed91f88ce4c0de842761c70c186bfdafafc444834bd3418be4253a71eaf41d718753ad07754ca3effd5960b0336981795721426803599ed5b2b7516920efcbe32ada4bcf6c73bd29e3fa152d9adeca36020fdeeee1b739521d3ea8c0da497003df1513897b0f54794a873670b8d93bcca2ae47e64424b7423e1f078d9554bb5232cc6de8aae9b83fa5b9510beb39ccf4b4e1d9c0f19d5e17f58e5b8705d9a6837a7d9bf99cd13387af256a8491671f1f2f22af253bcff54b673199bdb7d05d81064ef05f80f0153d0be7919684b23da8d42ff3effdb7ca0985033f389181f47659138003d712b5ec0a614d31cc7487f52de8664916af79c98456b2c94a8038083db55391e3475862250274a1de2584fec975fb09536792cfbfcf6192856cc76eb5b13dc4709e2f7301ddff26ec1b23de2d188c999166c74e1e14bbc15f457cf4e471ae13dcbdd9c50f4d646fc6278e8fe7eb6cb5c94100fa870187380b777ed19d7868fd8ca7ceb7fa7d5cc861c5bdac98e7495eb0a2ceec1924ae979f44c5390ebedddc65d6ec11287d978b8df064219bc5679f7d7b264a76ff272b2ac9f2f7cfc9fdcfb6a51428240027afd9d52a79b647c90c2709e060ed70f87299dd798d68f4fadd3da6c51d839f851f98f67840b964ebe73f8cec41572538ec6bc131034ca2894eb736b3bda93d9f5f6fa6f6c0f03ce43362b8414940355fb54d3dfdd03633ae108f3de3ebc85a3ff51efeea3bc2cf27e1658f1789ee612c83d0f5fd56f7cd071930e2946beeecaa04dccea9f97786001475e0294bc2852f62eb5d39bb9fbeef75916efe44a662ecae37ede27e9d6eadfdeb8f8b2b2dbccbf96fa6dbaf7321fb0e701f4d429c2f4dcd153a2742574126e5eaccc77686acf6e3ee48f423766e0fc466810a905ff5453ec99897b56bc55dd49b991142f65043f2d744eeb935ba7f4ef23cf80cc5a8a335d3619d781e7454826df720eec82e06034c44699b5f0c44a8787752e057fa3419b5bb0e25d30981e41cb1361322dba8f69931cf42fad3f3bce6ded5b8bfc3d20a2148861b2afc14562ddd27f12897abf0685288dcc5c4982f826026846a24bf77e383c7aacab1ab692b29ed8c018a65f3dc2b87ff619a633c41b4fadb1c78725c1f8f922f6009787b1964247df0136b1bc614ab575c59a16d089917bd4a8b6f04d95c581279a139be09fcf6e98a470a0bceca191fce476f9370021cbc05518a7efd35d89d8577c990a5e19961ba16203c959c91829ba7497cffcbb4b294546454fa5388a23a22e805a5ca35f956598848bda678615fec28afd5da61a00000006b326493313053ced3876db9d237148181b7173bc7d042cefb4dbe94d2e58cd21a769db4657a103279ba8ef3a629ca84ee836172a9c50e51f45581741cf8083150b491cb4ecbbabec128e7c81a46e62a67b57640a0a78be1cbf7dd9d419a10cd8686d16621a80816bfdb5bdc56211d72ca70b81f1117d129529a7570cf79cf52a7028a48538ecdd3b38d3d5d62d26246595c4fb73a525a5ed2c30524ebb1d8cc82e0c19bc4977c6898ff95fd3d310b0bae71696cef93c6a552456bf96e9d075e383bb7543c675842bafbfc7cdb88483b3276c29d4f0a341c2d406e40d4653b7e4d045851acf6a0a0ea9c710b805cced4635ee8c107362f0fc8d80c14d0ac49c516703d26d14752f34c1c0d2c4247581c18c2cf4de48e9ce949be7c888e9caebe4a415e291fd107d21dc1f084b1158208249f28f4f7c7e931ba7b3bd0d824a45700000000500000004215f83b7ccb9acbcd08db97b0d04dc2ba1cd035833e0e90059603f26e07ad2aad152338e7a5e5984bcd5f7bb4eba40b700000004000000040eb1ed54a2460d512388cad533138d240534e97b1e82d33bd927d201dfc24ebb11b3649023696f85150b189e50c00e98850ac343a77b3638319c347d7310269d3b7714fa406b8c35b021d54d4fdada7b9ce5d4ba5b06719e72aaf58c5aae7aca057aa0e2e74e7dcfd17a0823429db62965b7d563c57b4cec942cc865e29c1dad83cac8b4d61aacc457f336e6a10b66323f5887bf3523dfcadee158503bfaa89dc6bf59daa82afd2b5ebb2a9ca6572a6067cee7c327e9039b3b6ea6a1edc7fdc3df927aade10c1c9f2d5ff446450d2a3998d0f9f6202b5e07c3f97d2458c69d3c8190643978d7a7f4d64e97e3f1c4a08a7c5bc03fd55682c017e2907eab07e5bb2f190143475a6043d5e6d5263471f4eecf6e2575fbc6ff37edfa249d6cda1a09f797fd5a3cd53a066700f45863f04b6c8a58cfd341241e002d0d2c0217472bf18b636ae547c1771368d9f317835c9b0ef430b3df4034f6af00d0da44f4af7800bc7a5cf8a5abdb12dc718b559b74cab9090e33cc58a955300981c420c4da8ffd67df540890a062fe40dba8b2c1c548ced22473219c534911d48ccaabfb71bc71862f4a24ebd376d288fd4e6fb06ed8705787c5fedc813cd2697e5b1aac1ced45767b14ce88409eaebb601a93559aae893e143d1c395bc326da821d79a9ed41dcfbe549147f71c092f4f3ac522b5cc57290706650487bae9bb5671ecc9ccc2ce51ead87ac01985268521222fb9057df7ed41810b5ef0d4f7cc67368c90f573b1ac2ce956c365ed38e893ce7b2fae15d3685a3df2fa3d4cc098fa57dd60d2c9754a8ade980ad0f93f6787075c3f680a2ba1936a8c61d1af52ab7e21f416be09d2a8d64c3d3d8582968c2839902229f85aee297e717c094c8df4a23bb5db658dd377bf0f4ff3ffd8fba5e383a48574802ed545bbe7a6b4753533353d73706067640135a7ce517279cd683039747d218647c86e097b0daa2872d54b8f3e5085987629547b830d8118161b65079fe7bc59a99e9c3c7380e3e70b7138fe5d9be2551502b698d09ae193972f27d40f38dea264a0126e637d74ae4c92a6249fa103436d3eb0d4029ac712bfc7a5eacbdd7518d6d4fe903a5ae65527cd65bb0d4e9925ca24fd7214dc617c150544e423f450c99ce51ac8005d33acd74f1bed3b17b7266a4a3bb86da7eba80b101e15cb79de9a207852cf91249ef480619ff2af8cabca83125d1faa94cbb0a03a906f683b3f47a97c871fd513e510a7a25f283b196075778496152a91c2bf9da76ebe089f4654877f2d586ae7149c406e663eadeb2b5c7e82429b9e8cb4834c83464f079995332e4b3c8f5a72bb4b8c6f74b0d45dc6c1f79952c0b7420df525e37c15377b5f0984319c3993921e5ccd97e097592064530d33de3afad5733cbe7703c5296263f77342efbf5a04755b0b3c997c4328463e84caa2de3ffdcd297baaaacd7ae646e44b5c0f16044df38fabd296a47b3a838a913982fb2e370c078edb042c84db34ce36b46ccb76460a690cc86c302457dd1cde197ec8075e82b393d542075134e2a17ee70a5e187075d03ae3c853cff60729ba4000000054de1f6965bdabc676c5a4dc7c35f97f82cb0e31c68d04f1dad96314ff09e6b3de96aeee300d1f68bf1bca9fc58e4032336cd819aaf578744e50d1357a0e4286704d341aa0a337b19fe4bc43c2e79964d4f351089f2e0e41c7c43ae0d49e7f404b0f75be80ea3af098c9752420a8ac0ea2bbb1f4eeba05238aef0d8ce63f0c6e5e4041d95398a6f7f3e0ee97cc1591849d4ed236338b147abde9f51ef9fd4e1c1 + +pk = 000000020000000600000003d08fabd4a2091ff0a8cb4ed834e7453432a58885cd9ba0431235466bff9651c6c92124404d45fa53cf161c28f1ad5a8e + diff --git a/tests/KATs/sig_stfl/lms/LMS_SHA256_H5_W8_H5_W8.rsp b/tests/KATs/sig_stfl/lms/LMS_SHA256_H5_W8_H5_W8.rsp new file mode 100644 index 0000000000..7e8dc7bd21 --- /dev/null +++ b/tests/KATs/sig_stfl/lms/LMS_SHA256_H5_W8_H5_W8.rsp @@ -0,0 +1,8 @@ +# LMS_SHA256_H5_W8_H5_W8 + +msg = 54686520706f77657273206e6f742064656c65676174656420746f2074686520556e69746564205374617465732062792074686520436f6e737469747574696f6e2c206e6f722070726f6869626974656420627920697420746f20746865205374617465732c2061726520726573657276656420746f207468652053746174657320726573706563746976656c792c206f7220746f207468652070656f706c652e0a + +sm = 000000010000000500000004d32b56671d7eb98833c49b433c272586bc4a1c8a8970528ffa04b966f9426eb9965a25bfd37f196b9073f3d4a232feb69128ec45146f86292f9dff9610a7bf95a64c7f60f6261a62043f86c70324b7707f5b4a8a6e19c114c7be866d488778a0e05fd5c6509a6e61d559cf1a77a970de927d60c70d3de31a7fa0100994e162a2582e8ff1b10cd99d4e8e413ef469559f7d7ed12c838342f9b9c96b83a4943d1681d84b15357ff48ca579f19f5e71f18466f2bbef4bf660c2518eb20de2f66e3b14784269d7d876f5d35d3fbfc7039a462c716bb9f6891a7f41ad133e9e1f6d9560b960e7777c52f060492f2d7c660e1471e07e72655562035abc9a701b473ecbc3943c6b9c4f2405a3cb8bf8a691ca51d3f6ad2f428bab6f3a30f55dd9625563f0a75ee390e385e3ae0b906961ecf41ae073a0590c2eb6204f44831c26dd768c35b167b28ce8dc988a3748255230cef99ebf14e730632f27414489808afab1d1e783ed04516de012498682212b07810579b250365941bcc98142da13609e9768aaf65de7620dabec29eb82a17fde35af15ad238c73f81bdb8dec2fc0e7f932701099762b37f43c4a3c20010a3d72e2f606be108d310e639f09ce7286800d9ef8a1a40281cc5a7ea98d2adc7c7400c2fe5a101552df4e3cccfd0cbf2ddf5dc6779cbbc68fee0c3efe4ec22b83a2caa3e48e0809a0a750b73ccdcf3c79e6580c154f8a58f7f24335eec5c5eb5e0cf01dcf4439424095fceb077f66ded5bec73b27c5b9f64a2a9af2f07c05e99e5cf80f00252e39db32f6c19674f190c9fbc506d826857713afd2ca6bb85cd8c107347552f30575a5417816ab4db3f603f2df56fbc413e7d0acd8bdd81352b2471fc1bc4f1ef296fea1220403466b1afe78b94f7ecf7cc62fb92be14f18c2192384ebceaf8801afdf947f698ce9c6ceb696ed70e9e87b0144417e8d7baf25eb5f70f09f016fc925b4db048ab8d8cb2a661ce3b57ada67571f5dd546fc22cb1f97e0ebd1a65926b1234fd04f171cf469c76b884cf3115cce6f792cc84e36da58960c5f1d760f32c12faef477e94c92eb75625b6a371efc72d60ca5e908b3a7dd69fef0249150e3eebdfed39cbdc3ce9704882a2072c75e13527b7a581a556168783dc1e97545e31865ddc46b3c957835da252bb7328d3ee2062445dfb85ef8c35f8e1f3371af34023cef626e0af1e0bc017351aae2ab8f5c612ead0b729a1d059d02bfe18efa971b7300e882360a93b025ff97e9e0eec0f3f3f13039a17f88b0cf808f488431606cb13f9241f40f44e537d302c64a4f1f4ab949b9feefadcb71ab50ef27d6d6ca8510f150c85fb525bf25703df7209b6066f09c37280d59128d2f0f637c7d7d7fad4ed1c1ea04e628d221e3d8db77b7c878c9411cafc5071a34a00f4cf07738912753dfce48f07576f0d4f94f42c6d76f7ce973e9367095ba7e9a3649b7f461d9f9ac1332a4d1044c96aefee67676401b64457c54d65fef6500c59cdfb69af7b6dddfcb0f086278dd8ad0686078dfb0f3f79cd893d314168648499898fbc0ced5f95b74e8ff14d735cdea968bee7400000005d8b8112f9200a5e50c4a262165bd342cd800b8496810bc716277435ac376728d129ac6eda839a6f357b5a04387c5ce97382a78f2a4372917eefcbf93f63bb59112f5dbe400bd49e4501e859f885bf0736e90a509b30a26bfac8c17b5991c157eb5971115aa39efd8d564a6b90282c3168af2d30ef89d51bf14654510a12b8a144cca1848cf7da59cc2b3d9d0692dd2a20ba3863480e25b1b85ee860c62bf51360000000500000004d2f14ff6346af964569f7d6cb880a1b66c5004917da6eafe4d9ef6c6407b3db0e5485b122d9ebe15cda93cfec582d7ab0000000a000000040703c491e7558b35011ece3592eaa5da4d918786771233e8353bc4f62323185c95cae05b899e35dffd717054706209988ebfdf6e37960bb5c38d7657e8bffeef9bc042da4b4525650485c66d0ce19b317587c6ba4bffcc428e25d08931e72dfb6a120c5612344258b85efdb7db1db9e1865a73caf96557eb39ed3e3f426933ac9eeddb03a1d2374af7bf77185577456237f9de2d60113c23f846df26fa942008a698994c0827d90e86d43e0df7f4bfcdb09b86a373b98288b7094ad81a0185ac100e4f2c5fc38c003c1ab6fea479eb2f5ebe48f584d7159b8ada03586e65ad9c969f6aecbfe44cf356888a7b15a3ff074f771760b26f9c04884ee1faa329fbf4e61af23aee7fa5d4d9a5dfcf43c4c26ce8aea2ce8a2990d7ba7b57108b47dabfbeadb2b25b3cacc1ac0cef346cbb90fb044beee4fac2603a442bdf7e507243b7319c9944b1586e899d431c7f91bcccc8690dbf59b28386b2315f3d36ef2eaa3cf30b2b51f48b71b003dfb08249484201043f65f5a3ef6bbd61ddfee81aca9ce60081262a00000480dcbc9a3da6fbef5c1c0a55e48a0e729f9184fcb1407c31529db268f6fe50032a363c9801306837fafabdf957fd97eafc80dbd165e435d0e2dfd836a28b354023924b6fb7e48bc0b3ed95eea64c2d402f4d734c8dc26f3ac591825daef01eae3c38e3328d00a77dc657034f287ccb0f0e1c9a7cbdc828f627205e4737b84b58376551d44c12c3c215c812a0970789c83de51d6ad787271963327f0a5fbb6b5907dec02c9a90934af5a1c63b72c82653605d1dcce51596b3c2b45696689f2eb382007497557692caac4d57b5de9f5569bc2ad0137fd47fb47e664fcb6db4971f5b3e07aceda9ac130e9f38182de994cff192ec0e82fd6d4cb7f3fe00812589b7a7ce515440456433016b84a59bec6619a1c6c0b37dd1450ed4f2d8b584410ceda8025f5d2d8dd0d2176fc1cf2cc06fa8c82bed4d944e71339ece780fd025bd41ec34ebff9d4270a3224e019fcb444474d482fd2dbe75efb20389cc10cd600abb54c47ede93e08c114edb04117d714dc1d525e11bed8756192f929d15462b939ff3f52f2252da2ed64d8fae88818b1efa2c7b08c8794fb1b214aa233db3162833141ea4383f1a6f120be1db82ce3630b3429114463157a64e91234d475e2f79cbf05e4db6a9407d72c6bff7d1198b5c4d6aad2831db61274993715a0182c7dc8089e32c8531deed4f7431c07c02195eba2ef91efb5613c37af7ae0c066babc69369700e1dd26eddc0d216c781d56e4ce47e3303fa73007ff7b949ef23be2aa4dbf25206fe45c20dd888395b2526391a724996a44156beac808212858792bf8e74cba49dee5e8812e019da87454bff9e847ed83db07af313743082f880a278f682c2bd0ad6887cb59f652e155987d61bbf6a88d36ee93b6072e6656d9ccbaae3d655852e38deb3a2dcf8058dc9fb6f2ab3d3b3539eb77b248a661091d05eb6e2f297774fe6053598457cc61908318de4b826f0fc86d4bb117d33e865aa805009cc2918d9c2f840c4da43a703ad9f5b5806163d7161696b5a0adc00000005d5c0d1bebb06048ed6fe2ef2c6cef305b3ed633941ebc8b3bec9738754cddd60e1920ada52f43d055b5031cee6192520d6a5115514851ce7fd448d4a39fae2ab2335b525f484e9b40d6a4a969394843bdcf6d14c48e8015e08ab92662c05c6e9f90b65a7a6201689999f32bfd368e5e3ec9cb70ac7b8399003f175c40885081a09ab3034911fe125631051df0408b3946b0bde790911e8978ba07dd56c73e7ee + +pk = 00000002000000050000000461a5d57d37f5e46bfb7520806b07a1b850650e3b31fe4a773ea29a07f09cf2ea30e579f0df58ef8e298da0434cb2b878 + diff --git a/tests/example_sig_stfl.c b/tests/example_sig_stfl.c new file mode 100644 index 0000000000..b332d8479b --- /dev/null +++ b/tests/example_sig_stfl.c @@ -0,0 +1,133 @@ +/* + * example_sig_stfl.c + * + * Minimal example of using a post-quantum stateful signature implemented in liboqs. + * + * SPDX-License-Identifier: MIT + */ + +#include +#include +#include +#include + +#include + +#define MESSAGE_LEN 50 + +static OQS_STATUS do_nothing_save(uint8_t *key_buf, size_t buf_len, void *context) { + (void)(context); + (void)(buf_len); + return key_buf != NULL ? OQS_SUCCESS : OQS_ERROR; +} + +/* This function gives an example of the signing operations, + * allocating variables dynamically on the heap and calling the + * OQS_SIG_STFL and OQS_SIG_STFL_SECRET_KEY objects. + * + * This does not require the use of compile-time macros to check if the + * algorithm in question was enabled at compile-time; instead, the caller + * must check that the OQS_SIG object returned is not NULL. + */ +static OQS_STATUS stfl_example(char *method_name) { + + OQS_SIG_STFL *sig = NULL; + uint8_t *public_key = NULL; + OQS_SIG_STFL_SECRET_KEY *secret_key = NULL; + uint8_t *message = NULL; + uint8_t *signature = NULL; + size_t message_len = MESSAGE_LEN; + size_t signature_len; + char *sk_fname = NULL; + OQS_STATUS rc = OQS_ERROR; + + /* + * Steps + * 1. create stateful signature object + * 2. create secret key object + * 3. set key storage callback function + * set mutex if necessary + * 4. Generate key-pair + * 5. Signature generation + * 6. verify signature + */ + sig = OQS_SIG_STFL_new(method_name); + if (sig == NULL) { + printf("[Stateful sig] %s new failed.\n", method_name); + return OQS_ERROR; + } + + secret_key = OQS_SIG_STFL_SECRET_KEY_new(method_name); + if (secret_key == NULL) { + printf("[Stateful secret key] %s new failed.\n", method_name); + goto err; + } + + /* + * Allocate storage for public key, secret key filename, message and signature + */ + public_key = malloc(sig->length_public_key); + sk_fname = malloc(strlen(method_name) + strlen(".sk")); + message = malloc(message_len); + signature = malloc(sig->length_signature); + if ((public_key == NULL) || (message == NULL) || (signature == NULL) || (sk_fname == NULL)) { + fprintf(stderr, "ERROR: malloc failed!\n"); + goto err; + } + + strcpy(sk_fname, method_name); + strcat(sk_fname, ".sk"); + /* + * set callback to securely store the secret key + * secret keys are one time use only. So after a signature gen + * the secret key most be advanced to the next + */ + OQS_SIG_STFL_SECRET_KEY_SET_store_cb(secret_key, do_nothing_save, (void *)sk_fname); + + /* + * Generate key pair + */ + rc = OQS_SIG_STFL_keypair(sig, public_key, secret_key); + if (rc != OQS_SUCCESS) { + printf("[Stateful key pair generation] %s new failed.\n", method_name); + goto err; + } + + // let's create a random test message to sign + OQS_randombytes(message, message_len); + + rc = OQS_SIG_STFL_sign(sig, signature, &signature_len, message, message_len, secret_key); + if (rc != OQS_SUCCESS) { + fprintf(stderr, "ERROR: OQS_SIG_STFL_sign failed %s!\n", method_name); + goto err; + } + rc = OQS_SIG_STFL_verify(sig, message, message_len, signature, signature_len, public_key); + if (rc != OQS_SUCCESS) { + fprintf(stderr, "ERROR: OQS_SIG_STFL_verify failed %s!\n", method_name); + goto err; + } + + printf("[Stateful signature] %s operations completed.\n", method_name); +err: +//cleanup + OQS_MEM_insecure_free(public_key); + OQS_MEM_insecure_free(sk_fname); + OQS_MEM_insecure_free(message); + OQS_MEM_insecure_free(signature); + OQS_SIG_STFL_free(sig); + OQS_SIG_STFL_SECRET_KEY_free(secret_key); + + return rc; +} + +int main(void) { + OQS_init(); + if (stfl_example("XMSS-SHA2_10_256") == OQS_SUCCESS && stfl_example("LMS_SHA256_H10_W4") == OQS_SUCCESS) { + OQS_destroy(); + return EXIT_SUCCESS; + } else { + OQS_destroy(); + return EXIT_FAILURE; + } +} + diff --git a/tests/helpers.py b/tests/helpers.py index 781df5e45a..b911f5d9bd 100644 --- a/tests/helpers.py +++ b/tests/helpers.py @@ -114,8 +114,8 @@ def available_sig_stfls_by_name(): with open(os.path.join('src', 'sig_stfl', 'sig_stfl.h')) as fh: for line in fh: if line.startswith("#define OQS_SIG_STFL_alg_"): - sig_stfl_name = line.split(' ')[2] - sig_stfl_name = sig_stfl_name[1:-2] + sig_stfl_name = line.split(' ')[2].strip() + sig_stfl_name = sig_stfl_name[1:-1] available_names.append(sig_stfl_name) return available_names @@ -126,8 +126,8 @@ def is_sig_stfl_enabled_by_name(name): if line.startswith("#define OQS_SIG_STFL_alg_"): sig_stfl_symbol = line.split(' ')[1] sig_stfl_symbol = sig_stfl_symbol[len("OQS_SIG_STFL_alg_"):] - sig_stfl_name = line.split(' ')[2] - sig_stfl_name = sig_stfl_name[1:-2] + sig_stfl_name = line.split(' ')[2].strip() + sig_stfl_name = sig_stfl_name[1:-1] if sig_stfl_name == name: symbol = sig_stfl_symbol break @@ -202,8 +202,10 @@ def get_katfile(t: str, sig_stfl_name: str) -> str: algo_dir = '' if "XMSS" in sig_stfl_name: algo_dir = 'xmss' - if not algo_dir: - return '' + if "LMS" in sig_stfl_name: + algo_dir = 'lms' + if algo_dir == '': + return '' # Replace the "/" to "-" in XMSSMT parameters clean_sig_stfl_name = sig_stfl_name.replace("/", "-", 1) kat_filename = f"{clean_sig_stfl_name}.rsp" diff --git a/tests/kat_sig_stfl.c b/tests/kat_sig_stfl.c index 4607977065..457a5c3778 100644 --- a/tests/kat_sig_stfl.c +++ b/tests/kat_sig_stfl.c @@ -71,11 +71,29 @@ int FindMarker(FILE *infile, const char *marker) { // // ALLOW TO READ HEXADECIMAL ENTRY (KEYS, DATA, TEXT, etc.) // -int ReadHex(FILE *infile, unsigned char *a, unsigned long Length, const char *str) { +size_t ReadHex(FILE *infile, unsigned char *a, unsigned long Length, const char *str) { int ch, started; unsigned long i; unsigned char ich; + /* + * Caller is just trying to get the length target data + */ + if ((Length == 0) && (a == NULL)) { + i = 0; + if (FindMarker(infile, str)) { + while ((ch = fgetc(infile)) != EOF) { + if (!isxdigit(ch)) { + if (ch == '\n') { + break; + } + } + i += 1; + } + } + return (i / 2); + } + if (Length == 0) { a[0] = 0x00; return 1; @@ -118,6 +136,18 @@ int ReadHex(FILE *infile, unsigned char *a, unsigned long Length, const char *st return 1; } +void fprint_l_str(FILE *fp, const char *S, const uint8_t *A, size_t L) { + size_t i; + fprintf(fp, "%s", S); + for (i = 0; i < L; i++) { + fprintf(fp, "%02x", A[i]); + } + if (L == 0) { + fprintf(fp, "00"); + } + fprintf(fp, "\n"); +} + OQS_STATUS sig_stfl_kat(const char *method_name, const char *katfile) { uint8_t seed[48]; @@ -283,7 +313,112 @@ OQS_STATUS sig_stfl_kat(const char *method_name, const char *katfile) { return ret; } +/* + * LMS Test Vector + */ +static OQS_STATUS test_lms_kat(const char *method_name, const char *katfile) { + OQS_STATUS rc = OQS_ERROR; + OQS_SIG_STFL *sig = NULL; + uint8_t *public_key = NULL; + uint8_t *msg = NULL; + size_t msg_len = 0; + uint8_t *sm = NULL; + FILE *fp_rsp = NULL; + FILE *fh = NULL; + + if ((fp_rsp = fopen(katfile, "r")) == NULL) { + fprintf(stderr, "Couldn't open <%s> for read\n", katfile); + goto err; + } + + //Allocate a OQS stateful signature struct + sig = OQS_SIG_STFL_new(method_name); + if (sig == NULL) { + fprintf(stderr, "ERROR: Failed to create signature object for %s\n", method_name); + goto err; + } + + /* + * Get the message length + * Zero length means no KAT is currently available, so skip this method + * and return success + */ + msg_len = ReadHex(fp_rsp, 0, 0, "msg = "); + if (!(msg_len > 0)) { + fprintf(stderr, "No msg present\n"); + goto err; + } + + fclose(fp_rsp); + if ((fp_rsp = fopen(katfile, "r")) == NULL) { + fprintf(stderr, "Couldn't open <%s> for read\n", katfile); + goto err; + } + + public_key = malloc(sig->length_public_key); + sm = malloc(sig->length_signature); + msg = malloc((unsigned long)msg_len); + + if ((!msg || !sm || !public_key)) { + fprintf(stderr, "ERROR: unable to allocate memory.\n"); + goto err; + } + + /* + * Read signature and public key, msg and signature data from KAT file + */ + if (!ReadHex(fp_rsp, public_key, sig->length_public_key, "pk = ")) { + fprintf(stderr, "ERROR: unable to read 'pk' from <%s>\n", katfile); + goto err; + } + fclose(fp_rsp); + if ((fp_rsp = fopen(katfile, "r")) == NULL) { + fprintf(stderr, "Couldn't open <%s> for read\n", katfile); + goto err; + } + + if (!ReadHex(fp_rsp, msg, msg_len, "msg = ")) { + fprintf(stderr, "ERROR: unable to read 'msg' from <%s>\n", katfile); + goto err; + } + fclose(fp_rsp); + if ((fp_rsp = fopen(katfile, "r")) == NULL) { + fprintf(stderr, "Couldn't open <%s> for read\n", katfile); + goto err; + } + + if (!ReadHex(fp_rsp, sm, sig->length_signature, "sm = ")) { + fprintf(stderr, "ERROR: unable to read 'sm' from <%s>\n", katfile); + goto err; + } + + //Verify KAT + rc = OQS_SIG_STFL_verify(sig, msg, msg_len, sm, sig->length_signature, public_key); + if (rc != OQS_SUCCESS) { + fprintf(stderr, "ERROR: Verify test vector failed: %s\n", method_name); + } else { + fh = stdout; + fprintf(fh, "# %s\n\n", sig->method_name); + fprint_l_str(fh, "msg = ", msg, msg_len); + fprintf(fh, "\n"); + fprint_l_str(fh, "sm = ", sm, sig->length_signature); + fprintf(fh, "\n"); + fprint_l_str(fh, "pk = ", public_key, sig->length_public_key); + fprintf(fh, "\n"); + } +err: + OQS_SIG_STFL_free(sig); + OQS_MEM_insecure_free(sm); + OQS_MEM_insecure_free(public_key); + OQS_MEM_insecure_free(msg); + if (fp_rsp) { + fclose(fp_rsp); + } + return rc; +} + int main(int argc, char **argv) { + OQS_STATUS rc; OQS_init(); if (argc != 3) { @@ -304,7 +439,11 @@ int main(int argc, char **argv) { char *alg_name = argv[1]; char *katfile = argv[2]; - OQS_STATUS rc = sig_stfl_kat(alg_name, katfile); + if (strncmp(alg_name, "LMS", 3) != 0) { + rc = sig_stfl_kat(alg_name, katfile); + } else { + rc = test_lms_kat(alg_name, katfile); + } if (rc != OQS_SUCCESS) { OQS_destroy(); return EXIT_FAILURE; diff --git a/tests/test_hash.c b/tests/test_hash.c index 3fea2f00ad..788f41ffb2 100644 --- a/tests/test_hash.c +++ b/tests/test_hash.c @@ -62,11 +62,12 @@ static int do_sha256(void) { OQS_SHA2_sha256_inc_init(&state); // clone state - OQS_SHA2_sha256_ctx state2, state3, state4, state5; + OQS_SHA2_sha256_ctx state2, state3, state4, state5, state6; OQS_SHA2_sha256_inc_ctx_clone(&state2, &state); OQS_SHA2_sha256_inc_ctx_clone(&state3, &state); OQS_SHA2_sha256_inc_ctx_clone(&state4, &state); OQS_SHA2_sha256_inc_ctx_clone(&state5, &state); + OQS_SHA2_sha256_inc_ctx_clone(&state6, &state); // hash with first state if (msg_len > 64) { @@ -94,7 +95,7 @@ static int do_sha256(void) { return -3; } - // hash with increment API less than block size + // hash with increment 1 byte at a time size_t i = 0; for (i = 0; i < msg_len; i++) { OQS_SHA2_sha256_inc(&state3, &msg[i], 1); @@ -106,6 +107,15 @@ static int do_sha256(void) { return -4; } + // hash increment with the entire msg len + OQS_SHA2_sha256_inc(&state6, msg, msg_len); + OQS_SHA2_sha256_inc_finalize(output_inc, &state6, NULL, 0); + if (memcmp(output, output_inc, 32) != 0) { + fprintf(stderr, "ERROR: Incremental API with the entire msg.\n"); + free(msg); + return -3; + } + // hash with combination of block-size increments and non block-size increments [64 bytes] + [n < 64 bytes] if (msg_len > 64) { OQS_SHA2_sha256_inc_blocks(&state4, msg, 1); diff --git a/tests/test_sig_stfl.c b/tests/test_sig_stfl.c index dd75b8a916..55ba104d56 100644 --- a/tests/test_sig_stfl.c +++ b/tests/test_sig_stfl.c @@ -1001,6 +1001,7 @@ int main(int argc, char **argv) { const char *alg_name = argv[1]; const char *katfile = argv[2]; + if (!OQS_SIG_STFL_alg_is_enabled(alg_name)) { printf("Stateful signature algorithm %s not enabled!\n", alg_name); OQS_destroy();