From c04295f568f406cc46010a0f64cde55debd977be Mon Sep 17 00:00:00 2001 From: Duc Nguyen Date: Sun, 22 Oct 2023 13:04:27 -0400 Subject: [PATCH] remove const in LMS_serialize_key and add `is_locked` to OQS_SIG_STFL_SECRET_KEY initialization --- src/sig_stfl/lms/sig_stfl_lms.c | 64 ++++++++++++++++++++++- src/sig_stfl/lms/sig_stfl_lms.h | 2 +- src/sig_stfl/lms/sig_stfl_lms_functions.c | 11 ++-- 3 files changed, 67 insertions(+), 10 deletions(-) diff --git a/src/sig_stfl/lms/sig_stfl_lms.c b/src/sig_stfl/lms/sig_stfl_lms.c index 3503c7447b..d5a978bfa1 100644 --- a/src/sig_stfl/lms/sig_stfl_lms.c +++ b/src/sig_stfl/lms/sig_stfl_lms.c @@ -8,7 +8,7 @@ #include "sig_stfl_lms.h" /* Convert LMS secret key object to byte string */ -static OQS_STATUS OQS_SECRET_KEY_LMS_serialize_key(const OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_buf_ptr); +static OQS_STATUS OQS_SECRET_KEY_LMS_serialize_key(OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_buf_ptr); /* Insert lms byte string in an LMS secret key object */ static OQS_STATUS OQS_SECRET_KEY_LMS_deserialize_key(OQS_SIG_STFL_SECRET_KEY *sk, const size_t sk_len, const uint8_t *sk_buf, void *context); @@ -82,6 +82,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H5_W1_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -169,6 +172,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H5_W2_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -256,6 +262,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H5_W4_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -343,6 +352,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H5_W8_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -430,6 +442,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W1_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -517,6 +532,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W2_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -604,6 +622,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W4_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -691,6 +712,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H10_W8_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -778,6 +802,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H15_W1_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -865,6 +892,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H15_W2_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -952,6 +982,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H15_W4_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -1039,6 +1072,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H15_W8_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -1126,6 +1162,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H20_W1_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -1213,6 +1252,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H20_W2_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -1300,6 +1342,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H20_W4_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -1387,6 +1432,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H20_W8_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -1474,6 +1522,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H25_W1_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -1561,6 +1612,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H25_W2_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -1648,6 +1702,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H25_W4_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -1735,6 +1792,9 @@ OQS_SIG_STFL_SECRET_KEY *OQS_SECRET_KEY_LMS_SHA256_H25_W8_new(void) { */ sk->lock_key = NULL; + /* Boolean if the secret key is locked */ + sk->is_locked = false; + /* * Set Secret Key Unlocking / Releasing Function */ @@ -1760,7 +1820,7 @@ void OQS_SECRET_KEY_LMS_free(OQS_SIG_STFL_SECRET_KEY *sk) { } /* Convert LMS secret key object to byte string */ -static OQS_STATUS OQS_SECRET_KEY_LMS_serialize_key(const OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_buf_ptr) { +static OQS_STATUS OQS_SECRET_KEY_LMS_serialize_key(OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_buf_ptr) { OQS_STATUS status; if (sk->lock_key && sk->mutex) { sk->lock_key(sk->mutex); diff --git a/src/sig_stfl/lms/sig_stfl_lms.h b/src/sig_stfl/lms/sig_stfl_lms.h index e42450fd15..a2d00cd9bb 100644 --- a/src/sig_stfl/lms/sig_stfl_lms.h +++ b/src/sig_stfl/lms/sig_stfl_lms.h @@ -209,7 +209,7 @@ int oqs_sig_stfl_lms_verify(const uint8_t *m, size_t mlen, const uint8_t *sm, si void oqs_secret_lms_key_free(OQS_SIG_STFL_SECRET_KEY *sk); -OQS_STATUS oqs_serialize_lms_key(const OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_key); +OQS_STATUS oqs_serialize_lms_key(OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_key); OQS_STATUS oqs_deserialize_lms_key(OQS_SIG_STFL_SECRET_KEY *sk, const size_t sk_len, const uint8_t *sk_buf, void *context); void oqs_lms_key_set_store_cb(OQS_SIG_STFL_SECRET_KEY *sk, secure_store_sk store_cb, void *context); diff --git a/src/sig_stfl/lms/sig_stfl_lms_functions.c b/src/sig_stfl/lms/sig_stfl_lms_functions.c index 63db4c49f1..57baf021ae 100644 --- a/src/sig_stfl/lms/sig_stfl_lms_functions.c +++ b/src/sig_stfl/lms/sig_stfl_lms_functions.c @@ -47,11 +47,10 @@ typedef struct OQS_LMS_KEY_DATA { } oqs_lms_key_data; OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sign(uint8_t *signature, size_t *signature_length, const uint8_t *message, - size_t message_len, OQS_SIG_STFL_SECRET_KEY *secret_key) { + size_t message_len, OQS_SIG_STFL_SECRET_KEY *secret_key) { OQS_STATUS status = OQS_ERROR; OQS_STATUS rc_keyupdate = OQS_ERROR; oqs_lms_key_data *lms_key_data = NULL; - const OQS_SIG_STFL_SECRET_KEY *sk; uint8_t *sk_key_buf = NULL; size_t sk_key_buf_len = 0; void *context; @@ -89,8 +88,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sign(uint8_t *signature, size_t *signatu * but, delete signature and the serialized key other wise */ - sk = secret_key; - rc_keyupdate = oqs_serialize_lms_key(sk, &sk_key_buf_len, &sk_key_buf); + rc_keyupdate = oqs_serialize_lms_key(secret_key, &sk_key_buf_len, &sk_key_buf); if (rc_keyupdate != OQS_SUCCESS) { goto err; } @@ -121,8 +119,7 @@ OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_sign(uint8_t *signature, size_t *signatu } OQS_API OQS_STATUS OQS_SIG_STFL_alg_lms_verify(const uint8_t *message, size_t message_len, - const uint8_t *signature, size_t signature_len, - const uint8_t *public_key) { + const uint8_t *signature, size_t signature_len, const uint8_t *public_key) { if (message == NULL || signature == NULL || public_key == NULL) { return OQS_ERROR; @@ -566,7 +563,7 @@ void oqs_secret_lms_key_free(OQS_SIG_STFL_SECRET_KEY *sk) { * Convert LMS secret key object to byte string * Writes secret key + aux data if present */ -OQS_STATUS oqs_serialize_lms_key(const OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_key) { +OQS_STATUS oqs_serialize_lms_key(OQS_SIG_STFL_SECRET_KEY *sk, size_t *sk_len, uint8_t **sk_key) { if (sk == NULL || sk_len == NULL || sk_key == NULL) { return OQS_ERROR;