remove const in LMS_serialize_key and add is_locked to OQS_SIG_STFL…

…_SECRET_KEY initialization
open-quantum-safe · Oct 22, 2023 · c04295f · c04295f
1 parent 4ad3f42
commit c04295f
Show file tree

Hide file tree

Showing 3 changed files with 67 additions and 10 deletions.
diff --git a/src/sig_stfl/lms/sig_stfl_lms.c b/src/sig_stfl/lms/sig_stfl_lms.c
@@ -8,7 +8,7 @@
 #include "sig_stfl_lms.h"
 
 /* Convert LMS secret key object to byte string */
-static OQS_STATUS OQS_SECRET_KEY_LMS_serialize_key(const OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_buf_ptr);
+static OQS_STATUS OQS_SECRET_KEY_LMS_serialize_key(OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_buf_ptr);
 
 /* Insert lms byte string in an LMS secret key object */
 static OQS_STATUS OQS_SECRET_KEY_LMS_deserialize_key(OQS_SIG_STFL_SECRET_KEY *sk, const size_t sk_len, const uint8_t *sk_buf, void *context);
@@ -82,6 +82,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H5_W1_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -169,6 +172,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H5_W2_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -256,6 +262,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H5_W4_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -343,6 +352,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H5_W8_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -430,6 +442,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W1_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -517,6 +532,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W2_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -604,6 +622,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W4_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -691,6 +712,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W8_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -778,6 +802,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H15_W1_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -865,6 +892,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H15_W2_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -952,6 +982,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H15_W4_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -1039,6 +1072,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H15_W8_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -1126,6 +1162,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H20_W1_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -1213,6 +1252,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H20_W2_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -1300,6 +1342,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H20_W4_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -1387,6 +1432,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H20_W8_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -1474,6 +1522,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H25_W1_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -1561,6 +1612,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H25_W2_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -1648,6 +1702,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H25_W4_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -1735,6 +1792,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H25_W8_new(void) {
 	 */
 	sk->lock_key = NULL;
 
+	/* Boolean if the secret key is locked */
+	sk->is_locked = false;
+
 	/*
 	 * Set Secret Key Unlocking / Releasing Function
 	 */
@@ -1760,7 +1820,7 @@ void OQS_SECRET_KEY_LMS_free(OQS_SIG_STFL_SECRET_KEY *sk) {
 }
 
 /* Convert LMS secret key object to byte string */
-static OQS_STATUS OQS_SECRET_KEY_LMS_serialize_key(const OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_buf_ptr) {
+static OQS_STATUS OQS_SECRET_KEY_LMS_serialize_key(OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_buf_ptr) {
 	OQS_STATUS status;
 	if (sk->lock_key && sk->mutex) {
 		sk->lock_key(sk->mutex);

diff --git a/src/sig_stfl/lms/sig_stfl_lms.h b/src/sig_stfl/lms/sig_stfl_lms.h
@@ -209,7 +209,7 @@ int oqs_sig_stfl_lms_verify(const uint8_t *m, size_t mlen, const uint8_t *sm, si
 
 void oqs_secret_lms_key_free(OQS_SIG_STFL_SECRET_KEY *sk);
 
-OQS_STATUS oqs_serialize_lms_key(const OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_key);
+OQS_STATUS oqs_serialize_lms_key(OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_key);
 OQS_STATUS oqs_deserialize_lms_key(OQS_SIG_STFL_SECRET_KEY *sk, const size_t sk_len, const uint8_t *sk_buf, void *context);
 void oqs_lms_key_set_store_cb(OQS_SIG_STFL_SECRET_KEY *sk, secure_store_sk store_cb, void *context);
 

diff --git a/src/sig_stfl/lms/sig_stfl_lms_functions.c b/src/sig_stfl/lms/sig_stfl_lms_functions.c
@@ -47,11 +47,10 @@ typedef struct OQS_LMS_KEY_DATA {
 } oqs_lms_key_data;
 
 OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sign(uint8_t *signature, size_t *signature_length, const uint8_t *message,
-        size_t message_len, OQS_SIG_STFL_SECRET_KEY *secret_key) {
+    size_t message_len, OQS_SIG_STFL_SECRET_KEY *secret_key) {
 	OQS_STATUS status = OQS_ERROR;
 	OQS_STATUS rc_keyupdate = OQS_ERROR;
 	oqs_lms_key_data *lms_key_data = NULL;
-	const OQS_SIG_STFL_SECRET_KEY *sk;
 	uint8_t *sk_key_buf = NULL;
 	size_t sk_key_buf_len = 0;
 	void *context;
@@ -89,8 +88,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sign(uint8_t *signature, size_t *signatu
 	 * but, delete signature and the serialized key other wise
 	 */
 
-	sk = secret_key;
-	rc_keyupdate = oqs_serialize_lms_key(sk, &sk_key_buf_len, &sk_key_buf);
+	rc_keyupdate = oqs_serialize_lms_key(secret_key, &sk_key_buf_len, &sk_key_buf);
 	if (rc_keyupdate != OQS_SUCCESS) {
 		goto err;
 	}
@@ -121,8 +119,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sign(uint8_t *signature, size_t *signatu
 }
 
 OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_verify(const uint8_t *message, size_t message_len,
-        const uint8_t *signature, size_t signature_len,
-        const uint8_t *public_key) {
+    const uint8_t *signature, size_t signature_len, const uint8_t *public_key) {
 
 	if (message == NULL || signature == NULL || public_key == NULL) {
 		return OQS_ERROR;
@@ -566,7 +563,7 @@ void oqs_secret_lms_key_free(OQS_SIG_STFL_SECRET_KEY *sk) {
  * Convert LMS secret key object to byte string
  * Writes secret key + aux data if present
  */
-OQS_STATUS oqs_serialize_lms_key(const OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_key) {
+OQS_STATUS oqs_serialize_lms_key(OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_key) {
 
 	if (sk == NULL || sk_len == NULL || sk_key == NULL) {
 		return OQS_ERROR;