OpenSSL API's. The user could do the encoding themselves and then set the settable
to not encode the passed in message.
+Signing API
+-------------
+
+As only the one shot implementation is required and the message is not digested
+the API's used should be
+
+EVP_PKEY_sign_message_init(), EVP_PKEY_sign(),
+EVP_PKEY_verify_message_init(), EVP_PKEY_verify().
+
Buffers
-------
are known quantities. Currently there is no attempt to use wpacket to pass
around these sizes. asserts are currently done by the child functions to check
that the expected size does not exceed the size passed in by the parent.
+
+Constant Time Considerations
+----------------------------
+
+As the security of SLH-DSA depends only on hash functions, I do not foresee
+there being any constant time issues. Some if statements have been added to
+detect failures in hash operations, and these errors are propagated all the way
+up the function call stack. These errors should not happen in general so should
+not affect the security of the algorithms.
3 different security categories also depending on the type.
L<EVP_SIGNATURE_fetch(3)> can be used to explicitely fetch one of the 12
-algorithms which can then be used with L<EVP_PKEY_sign_init_ex2(3)>,
-L<EVP_PKEY_sign(3)>, L<EVP_PKEY_verify_init_ex2(3)>, and
+algorithms which can then be used with L<EVP_PKEY_sign_message_init(3)>,
+L<EVP_PKEY_sign(3)>, L<EVP_PKEY_verify_message_init(3)>, and
L<EVP_PKEY_verify(3)> to sign or verify one-shot messages.
The normal signing process (called Pure SLH-DSA Signature Generation)
EVP_PKEY_CTX *sctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL);
EVP_SIGNATURE *sig_alg = EVP_SIGNATURE_fetch(NULL, "SLH-DSA-SHA2-128s", NULL);
- EVP_PKEY_sign_init_ex2(sctx, sig_alg, params);
+ EVP_PKEY_sign_message_init(sctx, sig_alg, params);
/* Calculate the required size for the signature by passing a NULL buffer. */
EVP_PKEY_sign(sctx, NULL, &sig_len, msg, msg_len);
sig = OPENSSL_zalloc(sig_len);
#define SLH_DSA_MESSAGE_ENCODE_RAW 0
#define SLH_DSA_MESSAGE_ENCODE_PURE 1
-static OSSL_FUNC_signature_sign_init_fn slh_sign_init;
+static OSSL_FUNC_signature_sign_message_init_fn slh_sign_msg_init;
static OSSL_FUNC_signature_sign_fn slh_sign;
-static OSSL_FUNC_signature_verify_init_fn slh_verify_init;
+static OSSL_FUNC_signature_verify_message_init_fn slh_verify_msg_init;
static OSSL_FUNC_signature_verify_fn slh_verify;
static OSSL_FUNC_signature_freectx_fn slh_freectx;
static OSSL_FUNC_signature_set_ctx_params_fn slh_set_ctx_params;
return NULL;
}
-static int slh_signverify_init(void *vctx, void *vkey,
- const OSSL_PARAM params[], int operation,
- const char *desc)
+static int slh_signverify_msg_init(void *vctx, void *vkey,
+ const OSSL_PARAM params[], int operation,
+ const char *desc)
{
PROV_SLH_DSA_CTX *ctx = (PROV_SLH_DSA_CTX *)vctx;
SLH_DSA_KEY *key = vkey;
return 1;
}
-static int slh_sign_init(void *vctx, void *vkey, const OSSL_PARAM params[])
+static int slh_sign_msg_init(void *vctx, void *vkey, const OSSL_PARAM params[])
{
- return slh_signverify_init(vctx, vkey, params,
- EVP_PKEY_OP_SIGN, "SLH_DSA Sign Init");
+ return slh_signverify_msg_init(vctx, vkey, params,
+ EVP_PKEY_OP_SIGN, "SLH_DSA Sign Init");
}
static int slh_sign(void *vctx, unsigned char *sig, size_t *siglen,
return ret;
}
-static int slh_verify_init(void *vctx, void *vkey,
+static int slh_verify_msg_init(void *vctx, void *vkey,
const OSSL_PARAM params[])
{
- return slh_signverify_init(vctx, vkey, params, EVP_PKEY_OP_VERIFY,
- "SLH_DSA Verify Init");
+ return slh_signverify_msg_init(vctx, vkey, params, EVP_PKEY_OP_VERIFY,
+ "SLH_DSA Verify Init");
}
static int slh_verify(void *vctx,
} \
const OSSL_DISPATCH ossl_slh_dsa_##fn##_signature_functions[] = { \
{ OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))slh_##fn##_newctx }, \
- { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))slh_sign_init }, \
+ { OSSL_FUNC_SIGNATURE_SIGN_MESSAGE_INIT, \
+ (void (*)(void))slh_sign_msg_init }, \
{ OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))slh_sign }, \
- { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))slh_verify_init }, \
+ { OSSL_FUNC_SIGNATURE_VERIFY_MESSAGE_INIT, \
+ (void (*)(void))slh_verify_msg_init }, \
{ OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))slh_verify }, \
{ OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))slh_freectx }, \
{ OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, (void (*)(void))slh_set_ctx_params },\
goto err;
if (!TEST_ptr(sig_alg = EVP_SIGNATURE_fetch(lib_ctx, td->alg, NULL)))
goto err;
- if (!TEST_int_eq(EVP_PKEY_verify_init_ex2(vctx, sig_alg, params), 1)
+ if (!TEST_int_eq(EVP_PKEY_verify_message_init(vctx, sig_alg, params), 1)
|| !TEST_int_eq(EVP_PKEY_verify(vctx, sig, sig_len,
td->msg, td->msg_len), 1))
goto err;
goto err;
if (!TEST_ptr(sig_alg = EVP_SIGNATURE_fetch(lib_ctx, td->alg, NULL)))
goto err;
- if (!TEST_int_eq(EVP_PKEY_sign_init_ex2(sctx, sig_alg, params), 1)
+ if (!TEST_int_eq(EVP_PKEY_sign_message_init(sctx, sig_alg, params), 1)
|| !TEST_int_eq(EVP_PKEY_sign(sctx, NULL, &psig_len,
td->msg, td->msg_len), 1)
|| !TEST_true(EVP_PKEY_get_size_t_param(pkey, OSSL_PKEY_PARAM_MAX_SIZE,
projects / thirdparty / openssl.git / commitdiff
