GENERATE[html/man7/EVP_SIGNATURE-HMAC.html]=man7/EVP_SIGNATURE-HMAC.pod
DEPEND[man/man7/EVP_SIGNATURE-HMAC.7]=man7/EVP_SIGNATURE-HMAC.pod
GENERATE[man/man7/EVP_SIGNATURE-HMAC.7]=man7/EVP_SIGNATURE-HMAC.pod
+DEPEND[html/man7/EVP_SIGNATURE-LMS.html]=man7/EVP_SIGNATURE-LMS.pod
+GENERATE[html/man7/EVP_SIGNATURE-LMS.html]=man7/EVP_SIGNATURE-LMS.pod
+DEPEND[man/man7/EVP_SIGNATURE-LMS.7]=man7/EVP_SIGNATURE-LMS.pod
+GENERATE[man/man7/EVP_SIGNATURE-LMS.7]=man7/EVP_SIGNATURE-LMS.pod
DEPEND[html/man7/EVP_SIGNATURE-RSA.html]=man7/EVP_SIGNATURE-RSA.pod
GENERATE[html/man7/EVP_SIGNATURE-RSA.html]=man7/EVP_SIGNATURE-RSA.pod
DEPEND[man/man7/EVP_SIGNATURE-RSA.7]=man7/EVP_SIGNATURE-RSA.pod
html/man7/EVP_SIGNATURE-ECDSA.html \
html/man7/EVP_SIGNATURE-ED25519.html \
html/man7/EVP_SIGNATURE-HMAC.html \
+html/man7/EVP_SIGNATURE-LMS.html \
html/man7/EVP_SIGNATURE-RSA.html \
html/man7/OSSL_PROVIDER-FIPS.html \
html/man7/OSSL_PROVIDER-base.html \
man/man7/EVP_SIGNATURE-ECDSA.7 \
man/man7/EVP_SIGNATURE-ED25519.7 \
man/man7/EVP_SIGNATURE-HMAC.7 \
+man/man7/EVP_SIGNATURE-LMS.7 \
man/man7/EVP_SIGNATURE-RSA.7 \
man/man7/OSSL_PROVIDER-FIPS.7 \
man/man7/OSSL_PROVIDER-base.7 \
L<EVP_PKEY-DH(7)/DH key generation parameters>
L<EVP_PKEY-EC(7)/Common EC parameters>
L<EVP_PKEY-X25519(7)/Common X25519, X448, ED25519 and ED448 parameters>
+L<EVP_PKEY-LMS(7)/Common LMS parameters>
=head1 RETURN VALUES
L<OSSL_PARAM(3)>, L<EVP_PKEY_todata(3)>,
L<EVP_PKEY-RSA(7)>, L<EVP_PKEY-DSA(7)>, L<EVP_PKEY-DH(7)>, L<EVP_PKEY-EC(7)>,
L<EVP_PKEY-ED448(7)>, L<EVP_PKEY-X25519(7)>, L<EVP_PKEY-X448(7)>,
-L<EVP_PKEY-ED25519(7)>
+L<EVP_PKEY-ED25519(7)>, L<EVP_PKEY-LMS(7)>
=head1 HISTORY
L<EVP_PKEY_fromdata(3)>,
L<EVP_PKEY-RSA(7)>, L<EVP_PKEY-DSA(7)>, L<EVP_PKEY-DH(7)>, L<EVP_PKEY-EC(7)>,
L<EVP_PKEY-ED448(7)>, L<EVP_PKEY-X25519(7)>, L<EVP_PKEY-X448(7)>,
-L<EVP_PKEY-ED25519(7)>
+L<EVP_PKEY-ED25519(7)>, L<EVP_PKEY-LMS(7)>
=head1 HISTORY
=head1 DESCRIPTION
-The B<LMS> keytype is implemented in OpenSSL's default provider.
+The B<LMS> keytype is implemented in OpenSSL's default and FIPS providers.
+The OpenSSL providers only support LMS signature verification, as this is a
+[SP 800-208](https://csrc.nist.gov/pubs/sp/800/208/final) requirement for
+software modules.
=head2 Common LMS parameters
-LMS public keys are encoded in XDR format (i.e. not ANS1 format),
+LMS public keys are encoded in XDR format (i.e. not ASN1 format).
The following parameters are used by EVP_PKEY_fromdata() and by the
LMS keymanager for import and export.
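Review bot: The added DESCRIPTION sentence uses Markdown link syntax, "[SP 800-208](https://csrc.nist.gov/pubs/sp/800/208/final)", which POD does not interpret, so the rendered man page and HTML will show the brackets and URL literally. Write it as a POD link, L<SP 800-208|https://csrc.nist.gov/pubs/sp/800/208/final>, or move the reference to the CONFORMING TO list and keep plain text here. While touching the XDR line, "ASN1" is conventionally written "ASN.1".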
Leighton-Micali Hash-Based Signatures
-=item NIST SP 800-208
+=item NIST SP800-208
Recommendation for Stateful Hash-Based Signature Schemes
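Review bot: The =item change from "NIST SP 800-208" to "NIST SP800-208" makes this entry inconsistent with the rest of the patch, which writes "SP 800-208" with the space in the DESCRIPTION text of both this file and the new EVP_SIGNATURE-LMS.pod. Keep the spaced form here so the document can be searched by a single spelling.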
L<EVP_KEYMGMT(3)>,
L<EVP_PKEY(3)>,
+L<EVP_SIGNATURE-LMS(7)>,
L<provider-keymgmt(7)>
=head1 HISTORY
--- /dev/null
+=pod
+
+=head1 NAME
+
+EVP_SIGNATURE-LMS
+- The EVP_PKEY Leighton-Micali Signature (LMS) implementation
+
+=head1 DESCRIPTION
+
+The B<LMS> EVP_PKEY implementation supports Leighton-Micali Signatures (LMS)
+described in [RFC 8554](https://datatracker.ietf.org/doc/html/rfc8854)
+and [SP 800-208](https://csrc.nist.gov/pubs/sp/800/208/final).
+
+The OpenSSL providers only support LMS signature verification, as this is a
+SP 800-208 requirement for software modules.
+
+EVP_PKEY_verify_message_init() and EVP_PKEY_verify() are the only supported
+functions used for LMS signatures. Streaming is not currently supported,
+and since the signature data contains data related to the digest used, functions
+that specify the digest name are not necessary.
+
+=head1 EXAMPLES
+
+Error checking has been omitted from the following examples
+
+=head2 LMS signature verification
+
+ /* See L<EVP_PKEY-LMS(7)/EXAMPLES for an example of loading a LMS |pub| key */
+ ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pub, propq);
+ sig = EVP_SIGNATURE_fetch(libctx, "LMS", propq);
+ EVP_PKEY_verify_message_init(ctx, sig, NULL);
+ /*
+ * EVP_PKEY_verify_message_update() and EVP_PKEY_verify_message_final()
+ * are not supported
+ */
+ ret = EVP_PKEY_verify(ctx, sigdata, sigdata_len, msg, msglen);
+ /*
+ * ret == 1 indicates success, 0 verify failure and < 0 for some
+ * other error.
+ */
+
+=head1 SEE ALSO
+
+L<EVP_PKEY-LMS(7)>,
+L<provider-signature(7)>,
+
+=head1 HISTORY
+
+This functionality was added in OpenSSL 3.5.0
+
+=head1 COPYRIGHT
+
+Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
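Review bot: In the new DESCRIPTION, the link text says "RFC 8554" but the URL ends in rfc8854; the digits are transposed, so the link points to a different RFC. The same paragraph also uses Markdown link syntax, which POD renders literally; use L<RFC 8554|https://datatracker.ietf.org/doc/html/rfc8554> and the equivalent L<> form for SP 800-208. In the EXAMPLES block, the comment "See L<EVP_PKEY-LMS(7)/EXAMPLES for an example..." sits in a verbatim paragraph where L<> is not expanded, and it is missing its closing ">"; move the cross-reference into the prose above the code. Since EVP_PKEY_verify() returns 1, 0, or a negative value, and the example states that error checking is omitted, a sentence telling callers to test for ret == 1 rather than for a non-zero result would prevent a negative error being treated as a valid signature. Smaller points: the example fetches sig and creates ctx without showing EVP_SIGNATURE_free() or EVP_PKEY_CTX_free(), the SEE ALSO list ends with a trailing comma after L<provider-signature(7)>, and the "Error checking has been omitted" and HISTORY sentences lack a final period.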
=item CMAC, see L<EVP_SIGNATURE-CMAC(7)>
+=item LMS, see L<EVP_SIGNATURE-LMS(7)>
+
=back
=head2 Asymmetric Cipher
=item CMAC, see L<EVP_SIGNATURE-CMAC(7)>
+=item LMS, see L<EVP_SIGNATURE-LMS(7)>
+
=back
=head2 Asymmetric Cipher
L<provider(7)>,
L<EVP_PKEY-X25519(7)>, L<EVP_PKEY-X448(7)>, L<EVP_PKEY-ED25519(7)>,
L<EVP_PKEY-ED448(7)>, L<EVP_PKEY-EC(7)>, L<EVP_PKEY-RSA(7)>,
-L<EVP_PKEY-DSA(7)>, L<EVP_PKEY-DH(7)>
+L<EVP_PKEY-DSA(7)>, L<EVP_PKEY-DH(7)>,
+L<EVP_PKEY-LMS(7)>
=head1 HISTORY