Update sig_stfl.h document for #1650
#1655
Conversation
ducnguyen-sb
changed the title
sig_stfl.h documentsig_stfl.h document for #1650
| */ | ||
| OQS_API OQS_STATUS OQS_SIG_STFL_SECRET_KEY_lock(OQS_SIG_STFL_SECRET_KEY *sk); | ||
|
|
||
| /** | ||
| * OQS_SIG_STFL_SECRET_KEY_unlock . | ||
| * Unlock the secret key, making it accessible to other processes. |
There was a problem hiding this comment.
Same question as above: When does (an application) need to call this function?
There was a problem hiding this comment.
So I added:
* This operation is essential in multi-threaded or multi-process contexts
* in order to prevent simultaneous operations that could compromise the stateful signature security.
...
* @note It's not required to use lock and unlock functions in a single-threaded environment.
So, it's should be call in multi-threaded environment.
I wonder if the current documentation is good enough, let me know if it's unclear.
There was a problem hiding this comment.
I wonder if the current documentation is good enough, let me know if it's unclear.
I can only judge from my perspective and cannot know what other's may (mis)understand, so here goes my question now: Which (liboqs API) calls ("operations" in your wording above) need to be guarded with this function in multi-threaded environments? And a much more basic question: If there are such library functions failing to properly operate in a multi-threaded environment, wouldn't it be better to document them accordingly? And as follow-on question: Does it need such liboqs-based "lock/unlock" functions at all if such documentation exists? Why isn't use of any external, e.g. as provided by the application-chosen threading library, lock/unlock mechanisms sufficient?
I guess what I'd like to suggest in a more "brutal question": Should we not strive to implement a thread-safe library API OR completely get out of the way (giving the app developer full control of what they want/need to do)? Anything in between IMO has the potential for a "support nightmare" ("use API XYZ if you are using threading library ABC; if not using any threading, disregard XYZ but use API XZZ", etc....)
There was a problem hiding this comment.
I answer each question below.
- What function need to be guarded with this function in a concurrent environment?
Only the Signing operation.
Thanks to your question, I updated this note:
* @note It's not necessary to use this function in either Keygen or Verifying operations.
* In a concurrent environment, the user is responsible for locking and unlocking the private key,
* to make sure that only one thread can access the private key during a Signing operation.
- Why such lock/unlock APIs are there? Is it meant we strive to be a thread-safe library?
These APIs intention is to limit to one owner of private key at a time in a concurrent environment.
If users supply lock/unlock logic with a mutex, we acquire the lock to be the only owner of the private key, and unlock after the Signing operation complete.
If users don't supply the lock/unlock logic or a mutex, they are simply NOP operations.
I think the key different here is: We don't execute stateful signature in multi-thread at the library itself, but we provide a way to let users use multi-thread securely, in the right way.
- Does it need such liboqs-based "lock/unlock" functions at all if such documentation exists?
I think to have lock/unlock functions help liboqs in:
- Testing. Someone has to foreseen the usage of our proposed APIs in multi-thread environment, so we need
lock/unlockto test if it's still safe in such if our low-level implementation change.
So we have it in test, well, why not exposed them to library user, it's convenience anyway. So there are liboqs-based lock/unlock functions.
- Why isn't use of any external, e.g. as provided by the application-chosen threading library, lock/unlock mechanisms sufficient?
Actually we don't concretely define the lock/unlock mechanisms in liboqs, if the function pointers of lock/unlock are non-NULL then we will run them to perform lock/unlock the private key.
So, we open to any application-chosen threading library, and it's user responsibility to create a proper lock/unlock functions, and it's up to them to define their mutex.
- Anything in between IMO has the potential for a "support nightmare" ("use API XYZ if you are using threading library ABC; if not using any threading, disregard XYZ but use API XZZ", etc....)
I totally agree with you, we don't want to get into "support nightmare". I want to run away from it as far as possible. :))
You have more experience than me in this matter, please let me know if there is something I need to change to get out of "support nightmare".
There was a problem hiding this comment.
@baentsch before I merge this PR, do I answer your questions?
There was a problem hiding this comment.
You have more experience than me in this matter, please let me know if there is something I need to change to get out of "support nightmare".
I'm not sure I do -- I did not use these APIs -- yet. My "general" question regarding minimizing support effort is: Could we completely do away with those functions in the external OQS API? If we could, we won't have to support them.
So we have it in test, well, why not exposed them to library user, it's convenience anyway. So there are liboqs-based lock/unlock functions.
That's what I'm concerned with: If it's mere "convenience" (for us) we shouldn't externally make it available. Any API externally visible creates more support effort. Please see the discussion in #1648 and decide whether mutex/lock/unlock is another candidate for this internal API.
There was a problem hiding this comment.
I double check, these APIs just for testing purpose, so I moved them to internal APIs.
Updated in 8b0e15e
There was a problem hiding this comment.
The set_lock, set_mutex, and set_unlock should still be public APIs.
@baentsch
There was a problem hiding this comment.
:-( I won't respond to user questions about them.
There was a problem hiding this comment.
Thanks for the updates addressing many of my original comments, @ducnguyen-sb ! I only re-reviewed the changes in the PR, not the merge-to-main PR again: Please let me know when I should do that (to close out/mark as resolved my comments there).
* update the stateful siganture header documentation * catch the case when mutex is not set * stress that only the Signing operation need to be locked/unlocked. * make lock and unlock function to internal APIs.
* update the stateful siganture header documentation * catch the case when mutex is not set * stress that only the Signing operation need to be locked/unlocked. * make lock and unlock function to internal APIs.
* update the stateful siganture header documentation * catch the case when mutex is not set * stress that only the Signing operation need to be locked/unlocked. * make lock and unlock function to internal APIs.
* update the stateful siganture header documentation * catch the case when mutex is not set * stress that only the Signing operation need to be locked/unlocked. * make lock and unlock function to internal APIs.
* update the stateful siganture header documentation * catch the case when mutex is not set * stress that only the Signing operation need to be locked/unlocked. * make lock and unlock function to internal APIs.
* update the stateful siganture header documentation * catch the case when mutex is not set * stress that only the Signing operation need to be locked/unlocked. * make lock and unlock function to internal APIs.
commit 244288f Add XMSS parameter xmss_sha256_h10 (#1482) commit a7e26d9 Add 12 XMSS and 16 XMSSMT parameters. (#1489) commit 4694fc3 Add secret key object to XMSS (#1530) commit 99067be Add XMSS Serialize/Deserialize (#1542) commit 2dbfc40 Update XMSS secret key object APIs, sync with LMS (#1588) commit 47740ad Enforce idx from unsigned int to uint32_t. (#1611) commit 9610576 Fix windows-x86 and arm compiling error. (#1634) commit bb658b7 Address stateful-sigs comments in #1650 (#1656) commit 7db8ddf Update `sig_stfl.h` document for #1650 (#1655) commit c3e5750 Add Apache 2.0 and MIT License to XMSS (#1662) commit e1f02b2 Change XMSS License from `(Apache 2.0 AND MIT)` to `(Apache 2.0 OR MIT) AND CC0-1.0` (#1697) commit 17c12c3 Add return status for XMSS lock/unlock functions. (#1712) commit 1941636 Add return check for lock/unlock function (#1727) commit b45415c Use `abort()` instead of exit to get the trace log. (#1728) commit ba63672 Reduce number of `malloc/free` call in `XMSS/external` (#1724) Signed-off-by: Duc Tri Nguyen <[email protected]>
This PR address the comments in #1650
This PR rewrite the documentation in
sig_stfl.hheader for a few APIs, make simpler and (somewhat) easier to read.