void
_xmss_gen (const struct slh_hash *hash,
const uint8_t *public_seed, const uint8_t *secret_seed,
- const struct slh_xmss_params *xmss,
- uint8_t *scratch, uint8_t *root);
+ const struct slh_xmss_params *xmss, uint8_t *root,
+ void *tree_ctx, uint8_t *scratch);
/* Signs using wots, then signs wots public key using xmss. Also
returns the xmss public key (i.e., root hash).*/
_slh_dsa_sign (const struct slh_dsa_params *params,
const struct slh_hash *hash,
const uint8_t *pub, const uint8_t *priv,
- const uint8_t *digest, uint8_t *signature);
+ const uint8_t *digest, uint8_t *signature,
+ void *tree_ctx);
int
_slh_dsa_verify (const struct slh_dsa_params *params,
const struct slh_hash *hash,
const uint8_t *pub,
- const uint8_t *digest, const uint8_t *signature);
+ const uint8_t *digest, const uint8_t *signature,
+ void *tree_ctx);
#endif /* NETTLE_SLH_DSA_INTERNAL_H_INCLUDED */
#include "slh-dsa.h"
#include "slh-dsa-internal.h"
+#include "sha2.h"
+
#define SLH_DSA_M 34
#define XMSS_H 3
slh_dsa_sha2_128f_root (const uint8_t *public_seed, const uint8_t *private_seed,
uint8_t *root)
{
+ struct sha256_ctx tree_ctx;
uint8_t scratch[(XMSS_H + 1)*_SLH_DSA_128_SIZE];
_xmss_gen (&_slh_hash_sha256, public_seed, private_seed,
- &_slh_dsa_128f_params.xmss, scratch, root);
+ &_slh_dsa_128f_params.xmss, root,
+ &tree_ctx, scratch);
}
void
size_t length, const uint8_t *msg,
uint8_t *signature)
{
+ struct sha256_ctx tree_ctx;
uint8_t digest[SLH_DSA_M];
_slh_dsa_pure_rdigest (&_slh_hash_sha256,
pub, priv + _SLH_DSA_128_SIZE, length, msg,
signature, sizeof (digest), digest);
_slh_dsa_sign (&_slh_dsa_128f_params, &_slh_hash_sha256,
- pub, priv, digest, signature + _SLH_DSA_128_SIZE);
+ pub, priv, digest, signature + _SLH_DSA_128_SIZE,
+ &tree_ctx);
}
int
size_t length, const uint8_t *msg,
const uint8_t *signature)
{
+ struct sha256_ctx tree_ctx;
uint8_t digest[SLH_DSA_M];
_slh_dsa_pure_digest (&_slh_hash_sha256,
pub, length, msg, signature, sizeof (digest), digest);
return _slh_dsa_verify (&_slh_dsa_128f_params, &_slh_hash_sha256,
- pub, digest, signature + _SLH_DSA_128_SIZE);
+ pub, digest, signature + _SLH_DSA_128_SIZE,
+ &tree_ctx);
}
#include "slh-dsa.h"
#include "slh-dsa-internal.h"
+#include "sha2.h"
+
#define SLH_DSA_M 30
#define XMSS_H 9
slh_dsa_sha2_128s_root (const uint8_t *public_seed, const uint8_t *private_seed,
uint8_t *root)
{
+ struct sha256_ctx tree_ctx;
uint8_t scratch[(XMSS_H + 1)*_SLH_DSA_128_SIZE];
_xmss_gen (&_slh_hash_sha256, public_seed, private_seed,
- &_slh_dsa_128s_params.xmss, scratch, root);
+ &_slh_dsa_128s_params.xmss, root,
+ &tree_ctx, scratch);
}
void
slh_dsa_sha2_128s_generate_keypair (uint8_t *pub, uint8_t *priv,
- void *random_ctx, nettle_random_func *random)
+ void *random_ctx, nettle_random_func *random)
{
random (random_ctx, SLH_DSA_128_SEED_SIZE, pub);
random (random_ctx, 2*SLH_DSA_128_SEED_SIZE, priv);
size_t length, const uint8_t *msg,
uint8_t *signature)
{
+ struct sha256_ctx tree_ctx;
uint8_t digest[SLH_DSA_M];
_slh_dsa_pure_rdigest (&_slh_hash_sha256,
pub, priv + _SLH_DSA_128_SIZE, length, msg,
signature, sizeof (digest), digest);
_slh_dsa_sign (&_slh_dsa_128s_params, &_slh_hash_sha256,
- pub, priv, digest, signature + _SLH_DSA_128_SIZE);
+ pub, priv, digest, signature + _SLH_DSA_128_SIZE,
+ &tree_ctx);
}
int
size_t length, const uint8_t *msg,
const uint8_t *signature)
{
+ struct sha256_ctx tree_ctx;
uint8_t digest[SLH_DSA_M];
_slh_dsa_pure_digest (&_slh_hash_sha256,
pub, length, msg, signature, sizeof (digest), digest);
return _slh_dsa_verify (&_slh_dsa_128s_params, &_slh_hash_sha256,
- pub, digest, signature + _SLH_DSA_128_SIZE);
+ pub, digest, signature + _SLH_DSA_128_SIZE,
+ &tree_ctx);
}
#include "slh-dsa.h"
#include "slh-dsa-internal.h"
+#include "sha3.h"
+
#define SLH_DSA_M 34
#define XMSS_H 3
slh_dsa_shake_128f_root (const uint8_t *public_seed, const uint8_t *private_seed,
uint8_t *root)
{
+ struct sha3_ctx tree_ctx;
uint8_t scratch[(XMSS_H + 1)*_SLH_DSA_128_SIZE];
_xmss_gen (&_slh_hash_shake, public_seed, private_seed,
- &_slh_dsa_128f_params.xmss, scratch, root);
+ &_slh_dsa_128f_params.xmss, root,
+ &tree_ctx, scratch);
}
void
size_t length, const uint8_t *msg,
uint8_t *signature)
{
+ struct sha3_ctx tree_ctx;
uint8_t digest[SLH_DSA_M];
_slh_dsa_pure_rdigest (&_slh_hash_shake,
pub, priv + _SLH_DSA_128_SIZE, length, msg,
signature, sizeof (digest), digest);
_slh_dsa_sign (&_slh_dsa_128f_params, &_slh_hash_shake,
- pub, priv, digest, signature + _SLH_DSA_128_SIZE);
+ pub, priv, digest, signature + _SLH_DSA_128_SIZE,
+ &tree_ctx);
}
int
size_t length, const uint8_t *msg,
const uint8_t *signature)
{
+ struct sha3_ctx tree_ctx;
uint8_t digest[SLH_DSA_M];
_slh_dsa_pure_digest (&_slh_hash_shake,
pub, length, msg, signature, sizeof (digest), digest);
return _slh_dsa_verify (&_slh_dsa_128f_params, &_slh_hash_shake,
- pub, digest, signature + _SLH_DSA_128_SIZE);
+ pub, digest, signature + _SLH_DSA_128_SIZE,
+ &tree_ctx);
}
#include "slh-dsa.h"
#include "slh-dsa-internal.h"
+#include "sha3.h"
+
#define SLH_DSA_M 30
#define XMSS_H 9
slh_dsa_shake_128s_root (const uint8_t *public_seed, const uint8_t *private_seed,
uint8_t *root)
{
+ struct sha3_ctx tree_ctx;
uint8_t scratch[(XMSS_H + 1)*_SLH_DSA_128_SIZE];
_xmss_gen (&_slh_hash_shake, public_seed, private_seed,
- &_slh_dsa_128s_params.xmss, scratch, root);
+ &_slh_dsa_128s_params.xmss, root,
+ &tree_ctx, scratch);
}
void
size_t length, const uint8_t *msg,
uint8_t *signature)
{
+ struct sha3_ctx tree_ctx;
uint8_t digest[SLH_DSA_M];
_slh_dsa_pure_rdigest (&_slh_hash_shake,
pub, priv + _SLH_DSA_128_SIZE, length, msg,
signature, sizeof (digest), digest);
_slh_dsa_sign (&_slh_dsa_128s_params, &_slh_hash_shake,
- pub, priv, digest, signature + _SLH_DSA_128_SIZE);
+ pub, priv, digest, signature + _SLH_DSA_128_SIZE,
+ &tree_ctx);
}
int
size_t length, const uint8_t *msg,
const uint8_t *signature)
{
+ struct sha3_ctx tree_ctx;
uint8_t digest[SLH_DSA_M];
_slh_dsa_pure_digest (&_slh_hash_shake,
pub, length, msg, signature, sizeof (digest), digest);
return _slh_dsa_verify (&_slh_dsa_128s_params, &_slh_hash_shake,
- pub, digest, signature + _SLH_DSA_128_SIZE);
+ pub, digest, signature + _SLH_DSA_128_SIZE,
+ &tree_ctx);
}
_slh_dsa_sign (const struct slh_dsa_params *params,
const struct slh_hash *hash,
const uint8_t *pub, const uint8_t *priv,
- const uint8_t *digest, uint8_t *signature)
+ const uint8_t *digest, uint8_t *signature,
+ void *tree_ctx)
{
uint64_t tree_idx;
unsigned leaf_idx;
params->parse_digest (digest + params->fors.msg_size, &tree_idx, &leaf_idx);
- union slh_hash_ctx tree_ctx;
union slh_hash_ctx scratch_ctx;
const struct slh_merkle_ctx_secret merkle_ctx =
{
- { hash, &tree_ctx, leaf_idx },
+ { hash, tree_ctx, leaf_idx },
priv, &scratch_ctx,
};
- hash->init_tree (&tree_ctx, pub, 0, tree_idx);
+
+ hash->init_tree (tree_ctx, pub, 0, tree_idx);
uint8_t root[_SLH_DSA_128_SIZE];
leaf_idx = tree_idx & ((1 << params->xmss.h) - 1);
tree_idx >>= params->xmss.h;
- hash->init_tree (&tree_ctx, pub, i, tree_idx);
+ hash->init_tree (tree_ctx, pub, i, tree_idx);
_xmss_sign (&merkle_ctx, params->xmss.h, leaf_idx, root, signature, root);
}
_slh_dsa_verify (const struct slh_dsa_params *params,
const struct slh_hash *hash,
const uint8_t *pub,
- const uint8_t *digest, const uint8_t *signature)
+ const uint8_t *digest, const uint8_t *signature,
+ void *tree_ctx)
{
uint64_t tree_idx;
unsigned leaf_idx;
params->parse_digest (digest + params->fors.msg_size, &tree_idx, &leaf_idx);
- union slh_hash_ctx tree_ctx;
const struct slh_merkle_ctx_public merkle_ctx =
- { hash, &tree_ctx, leaf_idx };
+ { hash, tree_ctx, leaf_idx };
- hash->init_tree (&tree_ctx, pub, 0, tree_idx);
+ hash->init_tree (tree_ctx, pub, 0, tree_idx);
uint8_t root[_SLH_DSA_128_SIZE];
leaf_idx = tree_idx & ((1 << params->xmss.h) - 1);
tree_idx >>= params->xmss.h;
- hash->init_tree (&tree_ctx, pub, i, tree_idx);
+ hash->init_tree (tree_ctx, pub, i, tree_idx);
_xmss_verify (&merkle_ctx, params->xmss.h, leaf_idx, root, signature, root, &scratch_ctx);
}
void
_xmss_gen (const struct slh_hash *hash,
const uint8_t *public_seed, const uint8_t *secret_seed,
- const struct slh_xmss_params *xmss,
- uint8_t *scratch, uint8_t *root)
+ const struct slh_xmss_params *xmss, uint8_t *root,
+ void *tree_ctx, uint8_t *scratch)
{
- union slh_hash_ctx tree_ctx;
union slh_hash_ctx scratch_ctx;
const struct slh_merkle_ctx_secret ctx =
{
- { hash, &tree_ctx, 0 },
+ { hash, tree_ctx, 0 },
secret_seed, &scratch_ctx,
};
- hash->init_tree (&tree_ctx, public_seed, xmss->d - 1, 0);
+ hash->init_tree (tree_ctx, public_seed, xmss->d - 1, 0);
_merkle_root (&ctx, xmss_leaf, xmss_node, xmss->h, 0, root, scratch);
}
projects / thirdparty / nettle.git / commitdiff
